{"report_id":"24571fd9-4be6-42aa-ac66-be2c2e0ca29c","version":6,"status":"done","tags":[],"date":"2026-01-04T23:41:29Z","url":{"schema":"http","addr":"bloxlab.st/Join-Any/Blox-Toolz","fqdn":"bloxlab.st","domain":"bloxlab.st","tld":"st"},"ip":{"addr":"91.240.21.8","port":0,"asn":59939,"as":"WIBO Baltic UAB","country":"Lithuania","country_code":"LT"},"final":{"url":{"schema":"https","addr":"bloxlab.st/Join-Any/Blox-Toolz","fqdn":"bloxlab.st","domain":"bloxlab.st","tld":"st"},"title":"BLOXLAB | Join Any Game","dom":{"size":51573,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (36878)","md5":"3da4775104eaae55a32dbc292f18e45c","sha1":"286447193f4e1b7ba9a34bf109a60d7275b99f59","sha256":"603046f4621ba98ec9cf20162a17fd6b5f7c9be6a0619d3a1957d673c426e5d8","sha512":"c21e84f3e6e95929f1373f66fa1bd88358fc97b2c0238f519a571fc2cf3030e4c8bd7e540b6b478c534c51d2bd7d594bc3005a798ff7e8e916325e4eb2fc72d2","ssdeep":"384:G/7V8n9QHhL7gohRze8J0Ei7s2fIYfTMsElQzP+ExB6y80W7TtdrBIN2C33/c2jo:G/7VW9QHhngzIYbVGn03/c2j1l4IB/C","tlshash":"8f339551aa84d12bb927826e66d0f7083aede403edf3099cf11dd1508fc3e5e297e294","dom_hash":"domhash0f88c9dd9aa63ff042a562d6102f28c0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"bloxlab.st/Join-Any/Blox-Toolz","fqdn":"bloxlab.st","domain":"bloxlab.st","tld":"st"},"ip":{"addr":"91.240.21.8","port":0,"asn":59939,"as":"WIBO Baltic UAB","country":"Lithuania","country_code":"LT"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-08T23:41:29Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":7}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-04","alert":"Phishing Block","trigger":"bloxlab.st","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"bloxlab.st","ip":{"addr":"91.240.21.8","port":443,"asn":59939,"as":"WIBO Baltic UAB","country":"Lithuania","country_code":"LT"},"domain_registered":"2025-05-27","domain_rank":3068119,"first_seen":"2025-06-17T13:12:03.893878Z","last_seen":"2025-11-19T14:55:19.715534Z","alert_count":35,"request_count":5,"received_data":96259,"sent_data":2248,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]},{"name":"Typed.js","description":"Typed.js is a library that types. It is designed to create typewriter-style animations with ease.","website":"https://mattboldt.com/demos/typed-js/","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"SweetAlert2:11","description":"SweetAlert2 is a JavaScript library that provides customisable, visually appealing, and responsive alert and modal dialog boxes for web applications.","website":"https://sweetalert2.github.io/","common_platform_enumeration":"","icon":"SweetAlert2.svg","categories":["JavaScript libraries"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-01-04T22:21:06.427471Z","alert_count":0,"request_count":4,"received_data":352921,"sent_data":2019,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-01-04T22:27:18.120727Z","alert_count":0,"request_count":2,"received_data":105974,"sent_data":880,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-01-04T22:17:15.216142Z","alert_count":0,"request_count":1,"received_data":12714,"sent_data":459,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.tailwindcss.com","ip":{"addr":"104.26.2.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-07-20","domain_rank":117330,"first_seen":"2018-07-09T05:46:13Z","last_seen":"2025-12-29T01:21:43.190502Z","alert_count":0,"request_count":2,"received_data":815955,"sent_data":812,"comment":"","tags":null,"fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"unpkg.com","ip":{"addr":"104.18.1.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-01-06","domain_rank":1093,"first_seen":"2016-01-07T23:26:01Z","last_seen":"2026-01-04T23:18:50.311218Z","alert_count":0,"request_count":1,"received_data":10700,"sent_data":425,"comment":"","tags":null,"fingerprints":[{"name":"Fly.io","description":"Fly is a platform for running full stack apps and databases.","website":"https://fly.io","common_platform_enumeration":"","icon":"Fly.io.png","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"unpkg.com/typed.js@2.1.0/dist/typed.umd.js","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.1.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3ba6a3f6e22122d8f5ed22c423299981","sha1":"56d37a2bddc14e29c98bee9229017eb326fe0994","sha256":"58424467abb3fa4b302a80c7108fe20ca8328e4ecb4275cf1a04db3fa5f83f27","sha512":"fb6a56f315d4feb36bed54be1fad9aa9aa5f469a85c2749087d6a9e931e3b26e35031800d0c84546d7eb0014be2f1d8a1c99fcd943ab9c12a18d9397a689b62d","ssdeep":"96:kqgUC2p3lPiDFV3ji18TpMYO0LGastufWBX1nELdewshsjnZDVvI+qjmZoqQxRrq:k/UCI3BiDFVO1Gbstu+Bssh1anwF5y8G","tlshash":"2f12630eb24179774adb91f052eb068f553699a82026d17cf4bdece11be0d4e607bb38","size":9843,"data":"","first_seen":"2023-07-08T20:42:54Z","last_seen":"2026-04-20T22:34:28.307856Z","times_seen":614,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"104.26.2.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","size":407279,"data":"","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-04-21T16:22:29.205609Z","times_seen":30976,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/sweetalert2@11","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0b7566399eb2f22c3bd0c00d2fcd083c","sha1":"394e3ed4f94a8281f65ba9a26bfe19b7a2519087","sha256":"dece79c79aef9e61d79ea2e5320d2ff3f60eb1e68c35d89317a23f08ac5c4151","sha512":"b7227e2290e66377e61ce500706c8556024f66b2fe83bae33514f220d7a83f3a699c9c2c18d9aa02b4ffc4844d1633ea68223fb8a55638be63bb3b24cdb862ed","ssdeep":"1536:Iwk6ey/PIZHo+DqA55l6DNJZ8VUwzIYbRd:te2Iqol6DNn8BIY/","tlshash":"e273f8916a04f03776bb45ae65d1e2047af99405fcb34854f42cc8804fe7d4f2ab7aba","size":79875,"data":"","first_seen":"2025-12-22T23:48:28.890392Z","last_seen":"2026-04-16T22:53:29.640753Z","times_seen":1236,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bloxlab.st/apis/js/tools.js","fqdn":"bloxlab.st","domain":"bloxlab.st","tld":"st"},"ip":{"addr":"91.240.21.8","port":443,"asn":59939,"as":"WIBO Baltic UAB","country":"Lithuania","country_code":"LT"},"introduction_type":"scriptElement","is_inline":false,"md5":"c1593959fde4a43cd2077143677d1694","sha1":"0a8106881cbed06bd5263a2a227c44fd28470e4f","sha256":"adcf7b9ced643404c7dece3b9c211da4bdac3afc19baba0ab703955630a688ef","sha512":"0937da5b9e204a8e17dee97851b6b14af6c991243d96452cb896aa9113fa42e5ff7f3f28005d17f2d3b2c95b05c88ff4223e790204084d8b8d1fe41f5d4ca7fa","ssdeep":"384:PXlqzEXMUT3vufjq2U0UEufjNsNQjka0/2T:PV2EXMg/721vksNYrT","tlshash":"e7e2639bd2fa14321533b4242a9f92157906a1039d05ae793fdc93a4afcd52cc8f37ad","size":33943,"data":"","first_seen":"2025-11-04T02:25:55.723256Z","last_seen":"2026-01-04T23:41:32.715019Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bloxlab.st/apis/js/page.js","fqdn":"bloxlab.st","domain":"bloxlab.st","tld":"st"},"ip":{"addr":"91.240.21.8","port":443,"asn":59939,"as":"WIBO Baltic UAB","country":"Lithuania","country_code":"LT"},"introduction_type":"scriptElement","is_inline":false,"md5":"24aa512eafa10d96c796d0fe54babc91","sha1":"7d5e2a33cab4864329e3478c62a1e9e3eba5ee44","sha256":"a0d75f3c71042e107ed87287ee585b5f50c6ace14dfa8daf07a70df965b4d60a","sha512":"e29265153a8a51542d096b5f27fad349e63eae8dfe0a6b14f2a0f844e7647e725371adb3c6fc35b674fd09d01ce88033a37554cabc781e139387de7eee087088","ssdeep":"192:Zw0Lp9kgFfFNFTwmT5bVC3BxpMPAnDd2v+l9s3G93uOPMDN:20NFpZLC3BxiMDY2l23GJ0","tlshash":"0b32625aa131107085b773b6ef969709fb39912770028a8a3f2c86091ff2c916971ffc","size":11761,"data":"","first_seen":"2025-11-04T02:25:55.69571Z","last_seen":"2026-01-04T23:41:32.716776Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"bloxlab.st/favicon.ico","fqdn":"bloxlab.st","domain":"bloxlab.st","tld":"st"},"ip":{"addr":"91.240.21.8","port":443,"asn":59939,"as":"WIBO Baltic UAB","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bloxlab.st/Join-Any/Blox-Toolz","date":"2026-01-04T23:41:08.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bloxlab.st","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 17 Nov 2025 12:14:38 GMT","end":"Sun, 15 Feb 2026 12:14:37 GMT"},"fingerprint":{"sha1":"A1:B6:1E:45:EE:68:FC:C8:60:66:35:1D:91:60:DE:75:FB:17:5C:40","sha256":"B4:E0:06:A9:77:CD:1B:84:8A:84:09:EB:95:81:F8:18:42:BD:84:1D:AB:82:28:01:92:76:B4:BC:DB:CB:EF:7B"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: bloxlab.st\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bloxlab.st/Join-Any/Blox-Toolz\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Apache\r\nDate: Sun, 04 Jan 2026 23:41:08 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Encoding: gzip\r\nContent-Length: 2774\r\nEggy-Wall: 9.72\r\nAbuse: abuse@eggywall.cc\r\nVary: Accept-Encoding\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]}],"data":{"size":11770,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"5f8c61dcd4d83d8257e33479e53e1a85","sha1":"c6060b53c278dd3ad0b40909bf73a291926bb1f5","sha256":"7560b157c09050e35b315a27cc030e1f0cde866ad886d105b27597c8ca6a5721","sha512":"01afc203f7eb9882a2828bf4e2691461e7cf1794eef7e4a6f09a1217adff7f25c2f4d6e039165c649011773a71e2144c3931e85718b2127926718e78e75c0e20","ssdeep":"192:D3hhRhAQJdKVWagjxckrTkoePUE8YUoswEv7SYyoJSxy9Em8Y19dKwD77tR5mIH:LTd3KVWa8ckrTkoQUE8YUoJEmYyoswE8","tlshash":"7c32960060f111ef81c345a0f5927b2afeaeda5bc17bc4c5b26c8266afc6c670e57364","first_seen":"2025-12-09T09:51:33.007729Z","last_seen":"2026-03-14T20:34:21.846541Z","times_seen":6,"resource_available":false,"data":null}},"time_used":605,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":605,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-04","alert":"Phishing Block","trigger":"bloxlab.st","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bloxlab.st/Join-Any/Blox-Toolz","date":"2026-01-04T23:41:07.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bloxlab.st/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 04 Jan 2026 23:41:07 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 18752\r\ncf-ray: 9b8e95b84810b51e-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"6421d693-4940\"\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1622768\r\nexpires: Fri, 25 Dec 2026 23:41:07 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=kS%2BCvXXtyBzOaFupEhNbO%2FVd%2B%2Bwx6YwxrWN0aoiKUVmHZJekNcgWawwWNF%2FEu9sYVDPf3CoBTIsDxxATJxv6qavzI4LmfjrPSGwbyLjcgY0UIVV91NQmQBTCbD0fYxMzg54yuTeY\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":102025,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (52276)","md5":"ded1c367363e8b20bdc6a19b8350a737","sha1":"8c06d82739d14b094ff6d9036021a252bd1d985d","sha256":"1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf","sha512":"89e71d2e66ac925ec2564aa45cd43f647fd72e5bd664e2728fb632eed71e9e6a43d72a404a8ce9993fc4d223ed985201e3a66676d01cf5e341bc7d07fd9a6207","ssdeep":"1536:OwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPGuZprfZCl:S709gMGFiyPGuZpfZCl","tlshash":"2ea3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-04-06T15:05:25Z","last_seen":"2026-04-21T16:40:47.420629Z","times_seen":44852,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":29,"dns":0,"connect":7,"send":0,"wait":27,"receive":1,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/sweetalert2@11","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bloxlab.st/Join-Any/Blox-Toolz","date":"2026-01-04T23:41:07.226Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/sweetalert2@11 HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bloxlab.st/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 04 Jan 2026 23:41:07 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 21347\r\ncf-ray: 9b8e95b868445ebd-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 11.26.17\r\nx-jsd-version-type: version\r\netag: W/\"13803-OU4+1PlKgoH2W6mia/4Zt6JRkIc\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-etou8220042-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 18778\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=X3wGXhF6xUN5ldwrLmOmXWznEI9sPId78hy9J%2Ft9TsvUJNv%2Fl2ZpEbGfiBsldSV78KL8WKxdaNI8rcVMc%2Bwj99tLQ7hB%2Fj7aDemqyQ2%2FMYV1up%2FQg%2FabiQ1g6AoFdRGp88c%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":79875,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (48887)","md5":"0b7566399eb2f22c3bd0c00d2fcd083c","sha1":"394e3ed4f94a8281f65ba9a26bfe19b7a2519087","sha256":"dece79c79aef9e61d79ea2e5320d2ff3f60eb1e68c35d89317a23f08ac5c4151","sha512":"b7227e2290e66377e61ce500706c8556024f66b2fe83bae33514f220d7a83f3a699c9c2c18d9aa02b4ffc4844d1633ea68223fb8a55638be63bb3b24cdb862ed","ssdeep":"1536:Iwk6ey/PIZHo+DqA55l6DNJZ8VUwzIYbRd:te2Iqol6DNn8BIY/","tlshash":"e273f8916a04f03776bb45ae65d1e2047af99405fcb34854f42cc8804fe7d4f2ab7aba","first_seen":"2025-12-22T23:48:28.890392Z","last_seen":"2026-04-16T22:53:29.640753Z","times_seen":1236,"resource_available":true,"data":null}},"time_used":110,"timings":{"blocked":42,"dns":4,"connect":7,"send":0,"wait":13,"receive":1,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Open+Sans:400,600\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bloxlab.st/Join-Any/Blox-Toolz","date":"2026-01-04T23:41:07.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css?family=Open+Sans:400,600\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bloxlab.st/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 04 Jan 2026 23:41:07 GMT\r\ndate: Sun, 04 Jan 2026 23:41:07 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12028,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"392ff0c3c55b5c9ea904a0b5bf9792ba","sha1":"22eff5429915379978501ee27adcd419276e6d1b","sha256":"b16e27d0a6fc5cce1be1e217f40c037271ccf9f9bc29f106adf91e11ace794f3","sha512":"f396a52935a2438498e0249f5c23cc5d69a01bd0f67789b7d5d8846a23b56b183bf9e5ac61097d10af599a3f37bb0fe7c3e0981b33a395ca8d6bbe6c8101a75a","ssdeep":"192:aCKKf2XdrqJnbqGIwV4jozYJCMMV2NnrqDnbqGIwV4pWzGY:Jt5qY4yf/qY4g","tlshash":"d2420b9000171850ab435de673ce7e34ee0f92626044d07a6bfd8b9bdedad6963b431d","first_seen":"2025-09-17T08:42:41.093329Z","last_seen":"2026-04-21T15:41:30.528221Z","times_seen":2996,"resource_available":false,"data":null}},"time_used":774,"timings":{"blocked":366,"dns":1,"connect":22,"send":0,"wait":33,"receive":0,"ssl":348},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"104.26.2.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bloxlab.st/Join-Any/Blox-Toolz","date":"2026-01-04T23:41:07.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 07:09:58 GMT","end":"Sat, 21 Feb 2026 08:09:55 GMT"},"fingerprint":{"sha1":"B5:C9:29:A1:B9:60:7F:A7:9E:9E:63:3E:DF:4E:05:34:4B:27:D3:86","sha256":"2D:FA:43:BC:F1:83:E4:D9:E0:ED:1A:D1:C5:0E:F5:E0:77:29:F1:F1:23:2F:E3:30:7B:72:49:1E:82:5C:DB:C1"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bloxlab.st/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sun, 04 Jan 2026 23:41:07 GMT\r\ncache-control: max-age=14400\r\nlocation: /3.4.17\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::5rt5l-1767569996278-f3cc5a288be2\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 70\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZROEFztck%2F1081hTJXxR7P9SnOjLl95j60s4NWufVdjMeIv5BJVosS5GO75n2iW6%2FLF%2FYwdhaS1NA%2FRj5%2BUOEs5v2%2F1ZF9ELmBWSKrbEusw%3D\"}]}\r\ncf-ray: 9b8e95b88b4eb4f7-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T16:33:36.951402Z","times_seen":14022883,"resource_available":true,"data":null}},"time_used":147,"timings":{"blocked":65,"dns":21,"connect":12,"send":0,"wait":5,"receive":0,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bloxlab.st/apis/js/tools.js","fqdn":"bloxlab.st","domain":"bloxlab.st","tld":"st"},"ip":{"addr":"91.240.21.8","port":443,"asn":59939,"as":"WIBO Baltic UAB","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bloxlab.st/Join-Any/Blox-Toolz","date":"2026-01-04T23:41:07.228Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bloxlab.st","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 17 Nov 2025 12:14:38 GMT","end":"Sun, 15 Feb 2026 12:14:37 GMT"},"fingerprint":{"sha1":"A1:B6:1E:45:EE:68:FC:C8:60:66:35:1D:91:60:DE:75:FB:17:5C:40","sha256":"B4:E0:06:A9:77:CD:1B:84:8A:84:09:EB:95:81:F8:18:42:BD:84:1D:AB:82:28:01:92:76:B4:BC:DB:CB:EF:7B"}}},"request":{"raw":"GET /apis/js/tools.js HTTP/1.1\r\nHost: bloxlab.st\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bloxlab.st/Join-Any/Blox-Toolz\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Apache\r\nDate: Sun, 04 Jan 2026 23:41:06 GMT\r\nContent-Type: text/javascript\r\nContent-Encoding: gzip\r\nContent-Length: 4845\r\nEggy-Wall: 9.72\r\nAbuse: abuse@eggywall.cc\r\nX-Cache: HIT\r\nLast-Modified: Sun, 31 Aug 2025 14:53:51 GMT\r\nX-Cache-Url: https://bloxlab.st/apis/js/tools.js\r\nEtag: \"8497-63daa6c523d56-gzip\"\r\nVary: Accept-Encoding\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":33943,"size_decoded":0,"mime_type":"text/javascript","magic":"Algol 68 source, Unicode text, UTF-8 text","md5":"c1593959fde4a43cd2077143677d1694","sha1":"0a8106881cbed06bd5263a2a227c44fd28470e4f","sha256":"adcf7b9ced643404c7dece3b9c211da4bdac3afc19baba0ab703955630a688ef","sha512":"0937da5b9e204a8e17dee97851b6b14af6c991243d96452cb896aa9113fa42e5ff7f3f28005d17f2d3b2c95b05c88ff4223e790204084d8b8d1fe41f5d4ca7fa","ssdeep":"384:PXlqzEXMUT3vufjq2U0UEufjNsNQjka0/2T:PV2EXMg/721vksNYrT","tlshash":"e7e2639bd2fa14321533b4242a9f92157906a1039d05ae793fdc93a4afcd52cc8f37ad","first_seen":"2025-11-04T02:25:55.723256Z","last_seen":"2026-01-04T23:41:32.715019Z","times_seen":3,"resource_available":true,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":3,"connect":27,"send":0,"wait":25,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-04","alert":"Phishing Block","trigger":"bloxlab.st","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bloxlab.st/apis/js/page.js","fqdn":"bloxlab.st","domain":"bloxlab.st","tld":"st"},"ip":{"addr":"91.240.21.8","port":443,"asn":59939,"as":"WIBO Baltic UAB","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bloxlab.st/Join-Any/Blox-Toolz","date":"2026-01-04T23:41:07.229Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bloxlab.st","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 17 Nov 2025 12:14:38 GMT","end":"Sun, 15 Feb 2026 12:14:37 GMT"},"fingerprint":{"sha1":"A1:B6:1E:45:EE:68:FC:C8:60:66:35:1D:91:60:DE:75:FB:17:5C:40","sha256":"B4:E0:06:A9:77:CD:1B:84:8A:84:09:EB:95:81:F8:18:42:BD:84:1D:AB:82:28:01:92:76:B4:BC:DB:CB:EF:7B"}}},"request":{"raw":"GET /apis/js/page.js HTTP/1.1\r\nHost: bloxlab.st\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bloxlab.st/Join-Any/Blox-Toolz\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Apache\r\nDate: Sun, 04 Jan 2026 23:41:06 GMT\r\nContent-Type: text/javascript\r\nContent-Encoding: gzip\r\nContent-Length: 2828\r\nEggy-Wall: 9.72\r\nAbuse: abuse@eggywall.cc\r\nLast-Modified: Mon, 25 Aug 2025 11:03:57 GMT\r\nVary: Accept-Encoding\r\nX-Cache: HIT\r\nX-Cache-Url: https://bloxlab.st/apis/js/page.js\r\nEtag: \"2df1-63d2e83114140-gzip\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":11761,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with CRLF line terminators","md5":"24aa512eafa10d96c796d0fe54babc91","sha1":"7d5e2a33cab4864329e3478c62a1e9e3eba5ee44","sha256":"a0d75f3c71042e107ed87287ee585b5f50c6ace14dfa8daf07a70df965b4d60a","sha512":"e29265153a8a51542d096b5f27fad349e63eae8dfe0a6b14f2a0f844e7647e725371adb3c6fc35b674fd09d01ce88033a37554cabc781e139387de7eee087088","ssdeep":"192:Zw0Lp9kgFfFNFTwmT5bVC3BxpMPAnDd2v+l9s3G93uOPMDN:20NFpZLC3BxiMDY2l23GJ0","tlshash":"0b32625aa131107085b773b6ef969709fb39912770028a8a3f2c86091ff2c916971ffc","first_seen":"2025-11-04T02:25:55.69571Z","last_seen":"2026-01-04T23:41:32.716776Z","times_seen":3,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":3,"connect":27,"send":0,"wait":23,"receive":1,"ssl":48},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-04","alert":"Phishing Block","trigger":"bloxlab.st","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/3.4.17","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"104.26.2.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bloxlab.st/Join-Any/Blox-Toolz","date":"2026-01-04T23:41:07.461Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 07:09:58 GMT","end":"Sat, 21 Feb 2026 08:09:55 GMT"},"fingerprint":{"sha1":"B5:C9:29:A1:B9:60:7F:A7:9E:9E:63:3E:DF:4E:05:34:4B:27:D3:86","sha256":"2D:FA:43:BC:F1:83:E4:D9:E0:ED:1A:D1:C5:0E:F5:E0:77:29:F1:F1:23:2F:E3:30:7B:72:49:1E:82:5C:DB:C1"}}},"request":{"raw":"GET /3.4.17 HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bloxlab.st/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 04 Jan 2026 23:41:07 GMT\r\ncontent-type: text/javascript\r\ncache-control: max-age=31536000\r\ncontent-encoding: br\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::jwcjr-1765212281299-f54ecb125284\r\nlast-modified: Mon, 08 Dec 2025 16:44:41 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nage: 2357785\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QDCQUTu4C9BB3LjpBGUQDnjk8SUHjSsycWJRhYL8OnGdbaP60sQ3%2FpPXQBiIHuMqSPChwj2mKKAnBjOomyc2hPgiWzXgalp7K3lKczx3anI%3D\"}]}\r\ncf-ray: 9b8e95b9ac48b4f7-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (52853)","md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-04-21T16:22:29.205609Z","times_seen":30976,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bloxlab.st/Join-Any/Blox-Toolz","date":"2026-01-04T23:41:08.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://bloxlab.st\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 04 Jan 2026 23:41:08 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 150124\r\ncf-ray: 9b8e95bd986a1525-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"6421d693-24a6c\"\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1372399\r\nexpires: Fri, 25 Dec 2026 23:41:08 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=R5UVE9BgGpIiN8u%2BW707HTwEaiYpqrb1CGOeJbLipLa%2FYNF3BlkgcYfNxOOgYrYWXHfTDQAz12YVqQZSf%2BiwTJOLr5i%2FohbPzYU2Ox0PdwHyUoXaz1Vt%2B9VBL3DCGpljmFlf7Ouy\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":150124,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 150124, version 772.256","md5":"c64278386c2bbb5e293e11b94ca2f6d1","sha1":"6b99aa650bd12a36caa14e0127435d8f4cd3ba73","sha256":"7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880","sha512":"0ccdc1515510d902c0b4a48b863c48bad86e1f766b1f9c890a64e28d91ee7c6d488241c531fc094d15b29c211da71e092587a987e24ee8e67ef8ea99c284e821","ssdeep":"3072:7sCbk7w0ZXdkN6iMjif3Lr7x7wAtf+D7gDk1feXDLnurWHqrNIuv5n0:7sCbkFZXdC7MaLr9w2mIY1feXXurWyNW","tlshash":"28e3123cf2c6d486735f5aeadb79636894fd0a2e74ecc67d26b982112048f828174d1d","first_seen":"2023-04-09T20:30:06Z","last_seen":"2026-04-21T16:38:27.225318Z","times_seen":32875,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":18,"dns":1,"connect":0,"send":0,"wait":10,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bloxlab.st/Join-Any/Blox-Toolz","fqdn":"bloxlab.st","domain":"bloxlab.st","tld":"st"},"ip":{"addr":"91.240.21.8","port":443,"asn":59939,"as":"WIBO Baltic UAB","country":"Lithuania","country_code":"LT"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-04T23:41:06.871Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bloxlab.st","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 17 Nov 2025 12:14:38 GMT","end":"Sun, 15 Feb 2026 12:14:37 GMT"},"fingerprint":{"sha1":"A1:B6:1E:45:EE:68:FC:C8:60:66:35:1D:91:60:DE:75:FB:17:5C:40","sha256":"B4:E0:06:A9:77:CD:1B:84:8A:84:09:EB:95:81:F8:18:42:BD:84:1D:AB:82:28:01:92:76:B4:BC:DB:CB:EF:7B"}}},"request":{"raw":"GET /Join-Any/Blox-Toolz HTTP/1.1\r\nHost: bloxlab.st\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Apache\r\nDate: Sun, 04 Jan 2026 23:41:06 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Encoding: gzip\r\nContent-Length: 3352\r\nEggy-Wall: 9.72\r\nAbuse: abuse@eggywall.cc\r\nVary: Accept-Encoding\r\nX-Cache: HIT\r\nX-Cache-Url: https://bloxlab.st/Join-Any/Blox-Toolz\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]},{"name":"Typed.js","description":"Typed.js is a library that types. It is designed to create typewriter-style animations with ease.","website":"https://mattboldt.com/demos/typed-js/","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"SweetAlert2:11","description":"SweetAlert2 is a JavaScript library that provides customisable, visually appealing, and responsive alert and modal dialog boxes for web applications.","website":"https://sweetalert2.github.io/","common_platform_enumeration":"","icon":"SweetAlert2.svg","categories":["JavaScript libraries"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":11284,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1060)","md5":"b072d96c059e280e1b1fe1a4f4ff5493","sha1":"8ddf3ce638eda1d8d5d13cbf8e5653d520f4dcde","sha256":"56e936094de1c78190a8b1654e292b7022fb4284f3f68a0d8f33e090849ba01d","sha512":"4ea4447d8b81a41d88fd72c2098816fad6951a622731fc05c9a15dc137654c4f9245977ecc9ddb77234125e010169d4927b020f0a272adf42fad81f43c1ee3fe","ssdeep":"192:S/7XFXNF98RThZ7ejCNLiims4PumNpSB/Tz:S/7Vr9QKjCNL8s4rNpSB/n","tlshash":"cc32b51691f8497f502382d57aa4bb1a2dced407e94f1204babd07a91fe3c85cc1f66d","first_seen":"2026-01-04T23:41:32.719829Z","last_seen":"2026-01-04T23:41:32.719829Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":117,"dns":61,"connect":23,"send":0,"wait":22,"receive":1,"ssl":32},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-04","alert":"Phishing Block","trigger":"bloxlab.st","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/sweetalert2@11.7.27/dist/sweetalert2.min.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bloxlab.st/Join-Any/Blox-Toolz","date":"2026-01-04T23:41:07.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/sweetalert2@11.7.27/dist/sweetalert2.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bloxlab.st/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 04 Jan 2026 23:41:07 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 4336\r\ncf-ray: 9b8e95b848105ebd-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 11.7.27\r\nx-jsd-version-type: version\r\netag: W/\"5d26-vRnVLza7Funq1T27eyqIFa2z4Rg\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-etou8220108-FRA, cache-bma-essb1270078-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 3574091\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=G7ACA7l%2F15Ad8PtvdG1y4%2FKWL8bMHzY9TZnxgaSjGsj92drqq9XZzBwSvywXVPuepVkhJn5ocetAV0mgV1gDzPCyzm35P3rxzJhk02VzpTvtzj7ZdvBbgtOQQbqEgSFdxyo%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23846,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (23845)","md5":"105efa4638cbe0aa7bc547a92229e670","sha1":"bd19d52f36bb16e9ead53dbb7b2a8815adb3e118","sha256":"549bb08eb2161d6b0f484bd05780e23df9d98bb6b139a896c0a7d76899d1e6d0","sha512":"212715e64bc9a3e4c83dbc4435eaf165c129bbd56b2d41a1d6a616bfa67d6b2961c5613893815c87708797421862637e8eb9d64013e5a684d5a167d231a92828","ssdeep":"192:CBh5Cif2Ib/m3ozgBVdXtLZDcFPAtmFHiJw3epAd/34JpG:CB72IrjgvFAFPAtmQa3Mu/ofG","tlshash":"dab2f9a1aa88e017f67a862f59c0f60875d9e50bfdf3085ef414d1008fd7e5f2a792a4","first_seen":"2023-09-07T08:16:19Z","last_seen":"2026-04-21T07:21:38.615173Z","times_seen":288,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":31,"dns":1,"connect":2,"send":0,"wait":14,"receive":1,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bloxlab.st/Join-Any/Blox-Toolz","date":"2026-01-04T23:41:07.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/animate.css/4.1.1/animate.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bloxlab.st/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 04 Jan 2026 23:41:07 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 4216\r\ncf-ray: 9b8e95b86823b51e-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5f5628a2-11846\"\r\nlast-modified: Mon, 07 Sep 2020 12:33:38 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1371951\r\nexpires: Fri, 25 Dec 2026 23:41:07 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=eIuITGKTV5YT9%2BXzPDIoDSmpJvH7vp%2FEtzqxk78NMXHjpVrAcAY34jZljUQnW8UJhsWqm%2FTddJ8%2FEwA5SVE1w7x%2BtoVe8s2mQSOpnJ0GkCODT%2B%2FUo65qm4v1F35CTtjKma7DX%2BdX\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":71750,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65348)","md5":"c0be8e53226ac34833fd9b5dbc01ebc5","sha1":"b81ef1b22de26af8a7a4656f565fbc91a69d7518","sha256":"5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f","sha512":"738daa4d2c3fc0f677ff92c1cc3f81c397fb6d2176a31a2eeb011bf88fe5a9e68a57914321f32fbd1a7bef6cb88dc24b2ae1943a96c931d83f053979d1f25803","ssdeep":"1536:h6uNQ3fdPwwanleMf72yMPkZ8PFwh1nAukdDO3Xyr5Ir5eh0dTo:AkZgwh1nAukdDO3Xyr5Ir5eh0dTo","tlshash":"a66329ae4891128990230f6787cd5ea84b3dc6a355721cee33552c0b8b46fee73de617","first_seen":"2023-04-05T05:17:37Z","last_seen":"2026-04-21T16:43:54.470281Z","times_seen":26021,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":48,"dns":4,"connect":3,"send":0,"wait":18,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/typed.js@2.1.0/dist/typed.umd.js","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.1.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bloxlab.st/Join-Any/Blox-Toolz","date":"2026-01-04T23:41:07.225Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unpkg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Dec 2025 07:56:49 GMT","end":"Sat, 21 Mar 2026 08:56:47 GMT"},"fingerprint":{"sha1":"26:50:C2:17:0A:FF:C4:D7:84:D7:E7:28:A7:58:4B:CD:0A:7B:2A:79","sha256":"93:15:E6:80:68:21:48:A6:B0:14:8D:F2:4E:A3:50:33:6C:01:5B:84:8D:F6:75:2E:09:A4:79:DD:37:13:FA:B0"}}},"request":{"raw":"GET /typed.js@2.1.0/dist/typed.umd.js HTTP/1.1\r\nHost: unpkg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bloxlab.st/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 04 Jan 2026 23:41:07 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-encoding: gzip\r\ncf-ray: 9b8e95b88b94568a-OSL\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\nage: 3927388\r\ncache-control: public, max-age=31536000\r\nexpires: Mon, 04 Jan 2027 23:41:07 GMT\r\nlast-modified: Fri, 11 Jul 2025 16:35:31 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nvia: 1.1 fly.io, 1.1 fly.io\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncontent-digest: sha256=:WEJEZ6uz+kswKoDHEI/iDKgyjk7LQnXPGgTbP6X4Pyc=:\r\nfly-request-id: 01JZX5F37HJXSB7CHH6PTJW0C6-ord\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Fly.io","description":"Fly is a platform for running full stack apps and databases.","website":"https://fly.io","common_platform_enumeration":"","icon":"Fly.io.png","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9843,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4968)","md5":"3ba6a3f6e22122d8f5ed22c423299981","sha1":"56d37a2bddc14e29c98bee9229017eb326fe0994","sha256":"58424467abb3fa4b302a80c7108fe20ca8328e4ecb4275cf1a04db3fa5f83f27","sha512":"fb6a56f315d4feb36bed54be1fad9aa9aa5f469a85c2749087d6a9e931e3b26e35031800d0c84546d7eb0014be2f1d8a1c99fcd943ab9c12a18d9397a689b62d","ssdeep":"96:kqgUC2p3lPiDFV3ji18TpMYO0LGastufWBX1nELdewshsjnZDVvI+qjmZoqQxRrq:k/UCI3BiDFVO1Gbstu+Bssh1anwF5y8G","tlshash":"2f12630eb24179774adb91f052eb068f553699a82026d17cf4bdece11be0d4e607bb38","first_seen":"2023-07-08T20:42:54Z","last_seen":"2026-04-20T22:34:28.307856Z","times_seen":614,"resource_available":true,"data":null}},"time_used":140,"timings":{"blocked":55,"dns":4,"connect":7,"send":0,"wait":19,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bloxlab.st/Join-Any/Blox-Toolz","date":"2026-01-04T23:41:08.102Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://bloxlab.st\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 04 Jan 2026 23:41:08 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 24948\r\ncf-ray: 9b8e95bda8791525-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"6421d693-6174\"\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1364791\r\nexpires: Fri, 25 Dec 2026 23:41:08 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=yKOKXv1bFZBQxts7eFS0KCFpNqbqcEaJUJvXXqY1CYANvgxk9J2xUQ3%2BDHxPmXMGLqmKq5mYsq8xf2FkGOueWhBb5WICPmHW97k2OjQd2mHlk%2BDDICzPy8JDFRO%2FkoEBAlSpDeEX\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24948,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 24948, version 772.256","md5":"61f30b79daf5b31f0d254a31fba66158","sha1":"fb363d27cfdfe71a243fa2ac3dab2815232b9b7e","sha256":"8e7e5ea1b15f62ab14dbd41768e8fbcd21cc859a4ea5da812457ee714299fb35","sha512":"db6f82dbbfd0c77d1b34074ed2eeaa8659924ab1a4320fdeee93eec36ab98516fd92836765ced03f0acb70d153ac14c4b50b7dfcc8f105a995fc4e65bffbdcd1","ssdeep":"768:E5ZyQM6ylMx2k3xyF7RwyXb3QoqKGENDWteN:E5ZtSMx2VhR/bACGEv","tlshash":"6fb2f12c52f0ffb7d4c74a2ad8b84f2218e2b030e5f19111b44ce8b5da4bac8945a327","first_seen":"2023-04-09T20:30:06Z","last_seen":"2026-04-21T15:48:49.504046Z","times_seen":8516,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":12,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bloxlab.st/apis/css/page.css","fqdn":"bloxlab.st","domain":"bloxlab.st","tld":"st"},"ip":{"addr":"91.240.21.8","port":443,"asn":59939,"as":"WIBO Baltic UAB","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bloxlab.st/Join-Any/Blox-Toolz","date":"2026-01-04T23:41:07.222Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bloxlab.st","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 17 Nov 2025 12:14:38 GMT","end":"Sun, 15 Feb 2026 12:14:37 GMT"},"fingerprint":{"sha1":"A1:B6:1E:45:EE:68:FC:C8:60:66:35:1D:91:60:DE:75:FB:17:5C:40","sha256":"B4:E0:06:A9:77:CD:1B:84:8A:84:09:EB:95:81:F8:18:42:BD:84:1D:AB:82:28:01:92:76:B4:BC:DB:CB:EF:7B"}}},"request":{"raw":"GET /apis/css/page.css HTTP/1.1\r\nHost: bloxlab.st\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bloxlab.st/Join-Any/Blox-Toolz\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Apache\r\nDate: Sun, 04 Jan 2026 23:41:06 GMT\r\nContent-Type: text/css\r\nContent-Encoding: gzip\r\nContent-Length: 4937\r\nEggy-Wall: 9.72\r\nAbuse: abuse@eggywall.cc\r\nX-Cache-Url: https://bloxlab.st/apis/css/page.css\r\nAccept-Ranges: bytes\r\nLast-Modified: Mon, 25 Aug 2025 11:03:49 GMT\r\nVary: Accept-Encoding\r\nEtag: \"64fd-63d2e82972f40-gzip\"\r\nX-Cache: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":25853,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"ac365e2b608168d417dede97943ba033","sha1":"abf21456b785b97d08916459ea7c7f38c55feda1","sha256":"750c2f5320cc02c6e13a07a98734c1d3d8e8b067f725330c7eb1b579b1448ad2","sha512":"4a253ec95055da2a93fb189141b340cdbaed1b6c675c392d7d8f97fe689d1a8ea0fb8181fe147fa2f219eaa66150a8d193f222c25739569cdb19acf090b3b54e","ssdeep":"192:fO90EQAOZY+7Fqf1rxDBIPb6nyMgBNZylPvQR0BEJIRd+3+r3SbJtPW3l9vcOUEx:fcQS+7Fe1F9IPmbghlebjbYUHkC","tlshash":"3fc2845c89811589a337d795aff24709dbb9900399030b7db7de32854fba0bcc2a2f59","first_seen":"2025-11-04T02:25:55.721446Z","last_seen":"2026-01-04T23:41:32.726027Z","times_seen":3,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-04","alert":"Phishing Block","trigger":"bloxlab.st","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"bloxlab.st","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}