{"report_id":"1fdfd077-e414-4c01-8204-398de7cc798a","version":6,"status":"done","tags":[],"date":"2025-12-17T00:12:16Z","url":{"schema":"http","addr":"www.thedrinkr.com/","fqdn":"www.thedrinkr.com","domain":"thedrinkr.com","tld":"com"},"ip":{"addr":"172.67.130.241","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"www.thedrinkr.com/","fqdn":"www.thedrinkr.com","domain":"thedrinkr.com","tld":"com"},"title":"Login","dom":{"size":1288,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"a4ff57ebb012cd0eb7590a94463bb8fe","sha1":"7cd7389b797c1cbb8be412663f5bfd5f3aa89c24","sha256":"c4c7f584dbfdc5c2f927e97b56d1735b2954d1466f34236fb2ccf6ae31241a3f","sha512":"9e5bda3a0f9b9fe6ba25ff4b7e6641b22c4feae4f00bb502e62ec9102ea18dd36f4a012e7249e16d6dc1a3abc455a2b7f0e387c1892027ad3f8a030e92224793","ssdeep":"","tlshash":"2c210da254f00d6aa19280dcb4aab5087cc5c503c68e4858b2fc5f996fa5f8b48e321a","dom_hash":"domhash1f91f8fcda8b782f1fb24b0fed97c3c6","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"www.thedrinkr.com/","fqdn":"www.thedrinkr.com","domain":"thedrinkr.com","tld":"com"},"ip":{"addr":"172.67.130.241","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-21T00:12:16Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat 
Feed","scan_date":"2025-12-17","alert":"Sinkholed","trigger":"www.thedrinkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-17","alert":"Sinkholed","trigger":"www.thedrinkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.thedrinkr.com","ip":{"addr":"104.21.3.164","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2011-07-14","domain_rank":0,"first_seen":"2025-12-17T00:12:17.352558Z","last_seen":"2025-12-17T00:12:17.352558Z","alert_count":8,"request_count":4,"received_data":368251,"sent_data":2111,"comment":"","tags":null,"fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. 
It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap:4.5.2","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. 
It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it in your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]}]},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2025-12-14T22:26:41.611695Z","alert_count":0,"request_count":1,"received_data":90068,"sent_data":425,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}]},{"fqdn":"stackpath.bootstrapcdn.com","ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-25","domain_rank":21970,"first_seen":"2018-04-05T04:41:29Z","last_seen":"2025-12-14T23:35:06.249963Z","alert_count":0,"request_count":2,"received_data":243129,"sent_data":927,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the 
site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.5.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dc5e7f18c8d36ac1d3d4753a87c98d0a","sha1":"c8e1c8b386dc5b7a9184c763c88d19a346eb3342","sha256":"f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d","sha512":"6cb4f4426f559c06190df97229c05a436820d21498350ac9f118a5625758435171418a022ed523bae46e668f9f8ea871feab6aff58ad2740b67a30f196d65516","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"a993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89476,"data":"","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-04-03T17:27:14.19064Z","times_seen":217293,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.bundle.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"sc
riptElement","is_inline":false,"md5":"21f815ff6d1883c4e81d821d38ff4070","sha1":"386ea8bd17f21149c4e3a2303665fe6398e4e7d0","sha256":"f67b782ec5a62c8fcedb89535bcf48cc02ae06a119e3b97fe2b875fad1ff358f","sha512":"90115f497b93299700055a2e4581a7528df928a6b5141ad88301b83c0c7b6761deae89279b471ad859b64e8b1daeb237e7a1031cc5b7f374b7212af029c54f53","ssdeep":"768:wpnu4ImmtHVUFIEz/V7BTtWD4uEpUbs+BOquiA2r+eFJQnK9W+ieMpTHsH1Olm0t:wluV+UFBOqtFpR8od89cvEz","tlshash":"f383d54a7254b47206df6076907f460fb2376899a50b802cb869d8ed2e7cd893177f7c","size":80927,"data":"","first_seen":"2023-03-07T01:01:59Z","last_seen":"2026-04-03T12:50:35.463978Z","times_seen":1310,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.bundle.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.thedrinkr.com/","date":"2025-12-17T00:11:53.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:05:50 GMT","end":"Thu, 05 Feb 2026 05:05:47 GMT"},"fingerprint":{"sha1":"CE:AE:8E:FE:2A:86:03:2B:16:43:FF:98:36:53:B2:ED:10:BF:FD:23","sha256":"95:CB:A8:7B:9C:88:98:F1:EF:D6:C9:79:E1:98:63:76:71:B7:BD:E2:89:6D:CD:55:61:DB:C0:4E:B1:1E:67:F7"}}},"request":{"raw":"GET /bootstrap/4.5.2/js/bootstrap.bundle.min.js HTTP/1.1\r\nHost: stackpath.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: 
*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.thedrinkr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 17 Dec 2025 00:11:53 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncf-ray: 9af234ad6c33120a-OSL\r\ncdn-pullzone: 252412\r\ncdn-uid: b1941f61-b576-4f40-80de-5677acb38f74\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"21f815ff6d1883c4e81d821d38ff4070\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:11 GMT\r\ncdn-cachedat: 04/03/2025 22:55:07\r\ncdn-proxyver: 1.22\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 722\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: 8169ab07616e9eb7f90a1825b41601d3\r\ncdn-cache: HIT\r\nage: 2401152\r\ncf-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server 
services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":80927,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65299)","md5":"21f815ff6d1883c4e81d821d38ff4070","sha1":"386ea8bd17f21149c4e3a2303665fe6398e4e7d0","sha256":"f67b782ec5a62c8fcedb89535bcf48cc02ae06a119e3b97fe2b875fad1ff358f","sha512":"90115f497b93299700055a2e4581a7528df928a6b5141ad88301b83c0c7b6761deae89279b471ad859b64e8b1daeb237e7a1031cc5b7f374b7212af029c54f53","ssdeep":"768:wpnu4ImmtHVUFIEz/V7BTtWD4uEpUbs+BOquiA2r+eFJQnK9W+ieMpTHsH1Olm0t:wluV+UFBOqtFpR8od89cvEz","tlshash":"f383d54a7254b47206df6076907f460fb2376899a50b802cb869d8ed2e7cd893177f7c","first_seen":"2023-03-07T01:01:59Z","last_seen":"2026-04-03T12:50:35.463978Z","times_seen":1310,"resource_available":true,"data":null}},"time_used":84,"timings":{"blocked":30,"dns":17,"connect":3,"send":0,"wait":11,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.thedrinkr.com/favicon.ico","fqdn":"www.thedrinkr.com","domain":"thedrinkr.com","tld":"com"},"ip":{"addr":"104.21.3.164","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.thedrinkr.com/","date":"2025-12-17T00:11:54.037Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"thedrinkr.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 10:13:56 GMT","end":"Thu, 05 Feb 2026 11:11:27 
GMT"},"fingerprint":{"sha1":"14:B7:50:4F:48:6F:14:A9:C1:33:45:43:EF:3E:6C:32:F3:14:C7:BD","sha256":"F5:97:19:F1:DF:4C:C1:36:7F:B4:67:09:AA:D3:6F:19:F2:B9:5D:EB:84:96:31:2A:3D:E3:8F:C5:13:A7:00:A0"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.thedrinkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.thedrinkr.com/\r\nCookie: connect.sid=s%3AaAixZ480Vc0keubRQhoLcqIFnyokkyQX.6HG7ShIbOZtqX0ZbwIhm3GkDB5Ba5FZrqDTAK0fcRmQ\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Wed, 17 Dec 2025 00:11:54 GMT\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2B5HXMxqLY%2FlIIe%2FIDA%2FHs3WdHmjhLuC3bSihLoqZuXnOerMT3CWGiA6BJJVfYCu2PVrlS%2BE0mtnKhXdYWEDK1wqjaA0LgLf1ZsfKrxcoaA%3D%3D\"}]}\r\npriority: u=6,i=?0\r\nx-powered-by: Express\r\ncontent-security-policy: default-src 'none'\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nvary: accept-encoding\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9af234aebe29568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. 
It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":150,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"84241342d84ac29592a5d9516f8edf7f","sha1":"03c53980e18e17625f439c20e7d438f066202428","sha256":"6e21162bc64073fe9e3d3d6375ca24d04fed1912a5b7716aac0cb0f2d16fae7c","sha512":"7509483335c7a30365f7f403098491ac0b44fffcc68a5cdacb86ec191f02dbda5b16a20a09e924b6a29ac938578d43bacb9a50115db5c5668ea27fe1811bd530","ssdeep":"","tlshash":"34c08c9e140012010b2087042ac1326464973b992de685006a87e027ece8a1ad987288","first_seen":"2023-04-05T13:59:49Z","last_seen":"2026-04-03T15:31:33.670586Z","times_seen":5499,"resource_available":true,"data":null}},"time_used":191,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat 
Feed","scan_date":"2025-12-17","alert":"Sinkholed","trigger":"www.thedrinkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-17","alert":"Sinkholed","trigger":"www.thedrinkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.thedrinkr.com/","fqdn":"www.thedrinkr.com","domain":"thedrinkr.com","tld":"com"},"ip":{"addr":"104.21.3.164","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-17T00:11:53.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"thedrinkr.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 10:13:56 GMT","end":"Thu, 05 Feb 2026 11:11:27 GMT"},"fingerprint":{"sha1":"14:B7:50:4F:48:6F:14:A9:C1:33:45:43:EF:3E:6C:32:F3:14:C7:BD","sha256":"F5:97:19:F1:DF:4C:C1:36:7F:B4:67:09:AA:D3:6F:19:F2:B9:5D:EB:84:96:31:2A:3D:E3:8F:C5:13:A7:00:A0"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.thedrinkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: 
no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 17 Dec 2025 00:11:53 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-powered-by: Express\r\nset-cookie: connect.sid=s%3AaAixZ480Vc0keubRQhoLcqIFnyokkyQX.6HG7ShIbOZtqX0ZbwIhm3GkDB5Ba5FZrqDTAK0fcRmQ; Path=/; Expires=Thu, 18 Dec 2025 00:11:53 GMT; HttpOnly\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uuyUPtXwLEHmDsFdLoM8LQqM52QXoH5B%2FzVXNxyPUeVZkyfugdvp%2BMTtMUO8HImhCLOi9o7AD%2B%2Bf%2BWTOtjCavu5vITx5IZGWuiw2guZKJg%3D%3D\"}]}\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9af234aa6c83b4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. 
It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Bootstrap:4.5.2","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it in your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1299,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII 
text","md5":"5c785f346a0378bacaa72ddda2dbd360","sha1":"f2c865b3d083d928154392bd10697f15faba0195","sha256":"acdc1a5434d1a0e38c8571920c8721c3aca3f20ed85ef0f25035d26d587d2664","sha512":"35e4e94e6ba16a9c0c83092c2ac130603b81db1c027170cbf88b3ba9a81ae621461a5d3119309dc0f8dee01cc6b1d2ee09b1b261dd9a9dbd58b5c3d67d328caa","ssdeep":"","tlshash":"8b2130a214e00d66618180dcb4eab9087cc5c503d68f4818b2fd5b996fe1fcf08f321a","first_seen":"2025-12-17T00:12:18.895168Z","last_seen":"2025-12-17T00:12:18.895168Z","times_seen":1,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":31,"dns":12,"connect":1,"send":0,"wait":195,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-17","alert":"Sinkholed","trigger":"www.thedrinkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat 
Feed","scan_date":"2025-12-17","alert":"Sinkholed","trigger":"www.thedrinkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.thedrinkr.com/","date":"2025-12-17T00:11:53.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:05:50 GMT","end":"Thu, 05 Feb 2026 05:05:47 GMT"},"fingerprint":{"sha1":"CE:AE:8E:FE:2A:86:03:2B:16:43:FF:98:36:53:B2:ED:10:BF:FD:23","sha256":"95:CB:A8:7B:9C:88:98:F1:EF:D6:C9:79:E1:98:63:76:71:B7:BD:E2:89:6D:CD:55:61:DB:C0:4E:B1:1E:67:F7"}}},"request":{"raw":"GET /bootstrap/4.5.2/css/bootstrap.min.css HTTP/1.1\r\nHost: stackpath.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.thedrinkr.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 17 Dec 2025 00:11:53 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncf-ray: 9af234ad6c31120a-OSL\r\ncdn-pullzone: 
252412\r\ncdn-uid: b1941f61-b576-4f40-80de-5677acb38f74\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"816af0eddd3b4822c2756227c7e7b7ee\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:11 GMT\r\ncdn-cachedat: 05/24/2025 18:37:33\r\ncdn-proxyver: 1.28\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 865\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: 8c9ee707fb48fa822a55a2f5adf3f7c8\r\ncdn-cache: HIT\r\ncf-cache-status: HIT\r\nage: 2411629\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":160302,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines 
(65326)","md5":"816af0eddd3b4822c2756227c7e7b7ee","sha1":"c470239d4c7db36d56dc3a74a080c62218c6edc4","sha256":"5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a","sha512":"32844d968c5b4ad05c0fccf733fd819a74feae0e08b0cc4f917686876cc3e8b18d34513cd16de89ec02145c30032b4a8c962fdc43ec4aedd267a7eef47c2d466","ssdeep":"1536:V47CIJ0T2r+ryEIA1pDEBi8yNcuSEcA1/uypq3SYiLENM6HN26b:S7VSGGq3SYiLENM6HN26b","tlshash":"0bf353a6f5a0312de4a7c61964d0bafd152f8245d7224bfbf827376487892c70a73e4c","first_seen":"2023-04-05T03:15:58Z","last_seen":"2026-04-03T17:52:23.474421Z","times_seen":12338,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":36,"dns":20,"connect":1,"send":0,"wait":11,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.thedrinkr.com/styles.css","fqdn":"www.thedrinkr.com","domain":"thedrinkr.com","tld":"com"},"ip":{"addr":"104.21.3.164","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.thedrinkr.com/","date":"2025-12-17T00:11:53.788Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"thedrinkr.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 10:13:56 GMT","end":"Thu, 05 Feb 2026 11:11:27 GMT"},"fingerprint":{"sha1":"14:B7:50:4F:48:6F:14:A9:C1:33:45:43:EF:3E:6C:32:F3:14:C7:BD","sha256":"F5:97:19:F1:DF:4C:C1:36:7F:B4:67:09:AA:D3:6F:19:F2:B9:5D:EB:84:96:31:2A:3D:E3:8F:C5:13:A7:00:A0"}}},"request":{"raw":"GET /styles.css HTTP/1.1\r\nHost: www.thedrinkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: 
en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.thedrinkr.com/\r\nCookie: connect.sid=s%3AaAixZ480Vc0keubRQhoLcqIFnyokkyQX.6HG7ShIbOZtqX0ZbwIhm3GkDB5Ba5FZrqDTAK0fcRmQ\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 17 Dec 2025 00:11:53 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nx-powered-by: Express\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 09 Mar 2025 07:41:32 GMT\r\netag: W/\"6d5-19579da1ec2\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2B60OshVXL95AtbcmQbk5rOKrgmdZUSu7r7Hieo4sj4Bh%2B%2F8MUblrW%2Be%2BKrkP4v5vMbsEsJVOKDyNivu%2BVOUqMeVl28%2BOv5YiQBNzr4%2BcOA%3D%3D\"}]}\r\ncf-ray: 9af234ad1e24568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. 
It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1749,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"assembler source, ASCII text","md5":"724633ae2eff2a70f60a06fc91fabd71","sha1":"829209156996424104a12767aa553ae8e3ed479e","sha256":"9240d481b1049bad9a36f74ccb1c019be93a5431758ce98661b241d7ff0f6da0","sha512":"b0ba10adae5d0223faf5dbebab3fa68af6cf4b5ca574d522c924ec18deb8d514bd84a533bd1065c366e5e34755c40aca486c610ba326345ea8fcbe22c83c903f","ssdeep":"","tlshash":"aa31cf52eb771c97701bc55c17faca42676a82c3800d9f3e7b95f7b48f4c2486876988","first_seen":"2025-12-17T00:12:18.898076Z","last_seen":"2025-12-17T00:12:18.898076Z","times_seen":1,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-17","alert":"Sinkholed","trigger":"www.thedrinkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat 
Feed","scan_date":"2025-12-17","alert":"Sinkholed","trigger":"www.thedrinkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.thedrinkr.com/axuda-logo.webp","fqdn":"www.thedrinkr.com","domain":"thedrinkr.com","tld":"com"},"ip":{"addr":"104.21.3.164","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.thedrinkr.com/","date":"2025-12-17T00:11:53.789Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"thedrinkr.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 10:13:56 GMT","end":"Thu, 05 Feb 2026 11:11:27 GMT"},"fingerprint":{"sha1":"14:B7:50:4F:48:6F:14:A9:C1:33:45:43:EF:3E:6C:32:F3:14:C7:BD","sha256":"F5:97:19:F1:DF:4C:C1:36:7F:B4:67:09:AA:D3:6F:19:F2:B9:5D:EB:84:96:31:2A:3D:E3:8F:C5:13:A7:00:A0"}}},"request":{"raw":"GET /axuda-logo.webp HTTP/1.1\r\nHost: www.thedrinkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.thedrinkr.com/\r\nCookie: connect.sid=s%3AaAixZ480Vc0keubRQhoLcqIFnyokkyQX.6HG7ShIbOZtqX0ZbwIhm3GkDB5Ba5FZrqDTAK0fcRmQ\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 17 Dec 2025 00:11:53 GMT\r\ncontent-type: image/webp\r\ncontent-length: 
362096\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 09 Mar 2025 07:41:32 GMT\r\netag: W/\"58670-19579da1ec8\"\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1Eqm%2FOmgFRUwRmggADhPVn%2Fi%2Bjw3RR9clOMTkkLzGtVuKKghurU11jgMb8IduXMpMAFpAxtBIobm1maqpxN40iX4OmpoBK0KM4ZbaPHg9Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9af234ad1e25568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. 
It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":362096,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d4e464b08bc8cfa2e24065853d0fde63","sha1":"7669c7370ff165e8c4ff7f5af5fe5fb49bcaf2dd","sha256":"c6a90baae67621ecb430bb020180d1c28bb36c3c22e2758642fd152ab2a1116b","sha512":"d0c3b24adaff1771bc1d16ee5e5b2b358305bc8eef032d39fd55446f2e29015e669eca547300873e91a8c444e95bfc40d8be826b918c02f365f8d0b66b268138","ssdeep":"6144:kokYGzIE7D4jMuQAP09iQjVf6+KenxAb1+YX+OiNxAs5kbneG1Xlu9Nk62mFgX:vxEf4YM0k8Vf6+KIi1r+BNxAsaneGLa0","tlshash":"5874232ba318647d3a292470d2bb5c890db4ff23b5c67eae0dd46412ecdd003596c3ea","first_seen":"2025-12-17T00:12:18.899942Z","last_seen":"2025-12-17T00:12:18.899942Z","times_seen":1,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":197,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-17","alert":"Sinkholed","trigger":"www.thedrinkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat 
Feed","scan_date":"2025-12-17","alert":"Sinkholed","trigger":"www.thedrinkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.5.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.thedrinkr.com/","date":"2025-12-17T00:11:53.791Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.5.1.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.thedrinkr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-15d84\"\r\ncache-control: public, max-age=31536000, 
stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Wed, 17 Dec 2025 00:11:53 GMT\r\nage: 2136557\r\nx-served-by: cache-lga21981-LGA, cache-hel1410021-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 64, 128658\r\nx-timer: S1765930314.876316,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30879\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":89476,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines 
(65451)","md5":"dc5e7f18c8d36ac1d3d4753a87c98d0a","sha1":"c8e1c8b386dc5b7a9184c763c88d19a346eb3342","sha256":"f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d","sha512":"6cb4f4426f559c06190df97229c05a436820d21498350ac9f118a5625758435171418a022ed523bae46e668f9f8ea871feab6aff58ad2740b67a30f196d65516","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"a993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-04-03T17:27:14.19064Z","times_seen":217293,"resource_available":true,"data":null}},"time_used":180,"timings":{"blocked":66,"dns":1,"connect":26,"send":0,"wait":27,"receive":9,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}
