{"report_id":"29062b93-cb98-4b51-829d-72b78ac9ee1c","version":6,"status":"done","tags":[],"date":"2026-02-04T19:37:40Z","url":{"schema":"http","addr":"blackhatlibrary.net","fqdn":"blackhatlibrary.net","domain":"blackhatlibrary.net","tld":"net"},"ip":{"addr":"172.233.219.123","port":0,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"thesheperdsquad.com/?d=blackhatlibrary.net\u0026pkAId=2143526812","fqdn":"thesheperdsquad.com","domain":"thesheperdsquad.com","tld":"com"},"title":"Parking Page","dom":{"size":5274,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"64d8b9e9d78f46f18fd50cab5af0a0b1","sha1":"468c6415769ac29c39873c6267754a04ac622788","sha256":"c76acb0d847bcc50caee83b1fcfedf526fb96e9d9ca5aecafc3712b9cbaf1003","sha512":"f77e2aa175908dd118ea6b9a22ef09f5e396c8357f5786781bec5cabfefc2f4b6ff261ba78e7f29bb2edcab1da22bc1893a7ff32884757337dfd8e7df478bf04","ssdeep":"48:ns2iYZzZr/MnXrA98VtDrTgDo9wn5wTjhwbwJwLwLlwDOewFw2YgfNOWHdZ:nL8bE8Vh22TjuUGELSDORy2fDdZ","tlshash":"85b1b91a17f8482e71939a81d772b73eaea151939846911cb5ad13f44fc7e9acc330ac","dom_hash":"domhash413ef206380c1c61233445cf815e208a","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"blackhatlibrary.net","fqdn":"blackhatlibrary.net","domain":"blackhatlibrary.net","tld":"net"},"ip":{"addr":"172.233.219.123","port":0,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-11T19:37:40Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"thesheperdsquad.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"blackhatlibrary.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"blackhatlibrary.net","ip":{"addr":"172.237.146.8","port":443,"asn":20940,"as":"Akamai International B.V.","country":"United States","country_code":"US"},"domain_registered":"2015-09-02","domain_rank":0,"first_seen":"2026-02-04T19:37:40.847881Z","last_seen":"2026-02-04T19:37:40.847881Z","alert_count":2,"request_count":2,"received_data":5315,"sent_data":933,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}]},{"fqdn":"thesheperdsquad.com","ip":{"addr":"172.237.133.182","port":443,"asn":20940,"as":"Akamai International B.V.","country":"United States","country_code":"US"},"domain_registered":"2025-03-05","domain_rank":0,"first_seen":"2026-02-02T06:00:07.584102Z","last_seen":"2026-02-02T06:00:07.584103Z","alert_count":5,"request_count":5,"received_data":136884,"sent_data":2715,"comment":"","tags":null,"fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]}]},{"fqdn":"router.parklogic.com","ip":{"addr":"172.234.216.100","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"domain_registered":"2007-02-28","domain_rank":346495,"first_seen":"2025-03-19T10:23:50.028513Z","last_seen":"2026-02-02T01:35:10.087036Z","alert_count":0,"request_count":1,"received_data":213,"sent_data":508,"comment":"","tags":null,"fingerprints":null},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2026-02-01T22:46:30.991716Z","alert_count":0,"request_count":1,"received_data":90135,"sent_data":427,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"blackhatlibrary.net/","fqdn":"blackhatlibrary.net","domain":"blackhatlibrary.net","tld":"net"},"ip":{"addr":"172.237.146.8","port":443,"asn":20940,"as":"Akamai International B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"07e6c78574a8660b420a12fdc5db59c5","sha1":"201ef8a08b661b9d47cd0d5148cd759bbc906706","sha256":"0ecc06357fa9e3704ab4db6b250625922839938dcbe091e96430b200dd0f1534","sha512":"49482af68ecda19ec58eba093c5528d6cb914535697450254876307f484054a37101f496f99b31cc66854267a55503b0e89de02446085bb31a0b8f070bffba30","ssdeep":"96:ItDJYtoAJS8ffKH1NPIX4rDIcQ0ucq4o5nZhkZS5I7Bma8:IVJYtoA1ffqzr/IcQ0ybGYmoa8","tlshash":"88910a76b7c270398be610eaa43fab18753ed20135074062d7a9fcd13d2095b50a6f85","size":4323,"data":"","first_seen":"2026-02-04T19:37:42.958222Z","last_seen":"2026-02-04T19:37:42.958222Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"thesheperdsquad.com/?d=blackhatlibrary.net\u0026pkAId=2143526812","fqdn":"thesheperdsquad.com","domain":"thesheperdsquad.com","tld":"com"},"ip":{"addr":"172.237.133.182","port":443,"asn":20940,"as":"Akamai International B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b79b732ca3737ddd5239d0ab2fb1d9b4","sha1":"b4df4f2b1ecf38f2e8d9321117c96a61e01c9edd","sha256":"be144bf8099e36e9dfdd9a8e82d56a5d77adf65c85fb1523b7b6318a5ae2a672","sha512":"a0e9119a8312fbe63641688088a06bcbda9daf3d8a3e1fe2eba197ffd030e12f7ec40f465b3f243455533344e46b695c2ed6b042b3ed925a8d3a4f98958cafac","ssdeep":"","tlshash":"9af0d8093297748d9693672df7278798383232136051c59c704d86b21f01c159966afe","size":444,"data":"","first_seen":"2026-02-04T19:37:42.960652Z","last_seen":"2026-02-04T19:37:42.960652Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89501,"data":"","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-15T13:53:11.436888Z","times_seen":450199,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"thesheperdsquad.com/custom.css","fqdn":"thesheperdsquad.com","domain":"thesheperdsquad.com","tld":"com"},"ip":{"addr":"172.237.133.182","port":443,"asn":20940,"as":"Akamai International B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://thesheperdsquad.com/?d=blackhatlibrary.net\u0026pkAId=2143526812","date":"2026-02-04T19:37:20.406Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"thesheperdsquad.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 29 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"42:11:15:9F:DA:71:CF:0B:A3:2B:A2:9C:F5:D7:D2:F4:97:FC:50:FD","sha256":"28:AD:66:1D:72:BA:47:13:C9:4A:E4:D5:DF:D5:FF:55:24:FF:A3:B5:73:5D:6B:B0:73:BF:9B:10:EE:E2:CC:7D"}}},"request":{"raw":"GET /custom.css HTTP/1.1\r\nHost: thesheperdsquad.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://thesheperdsquad.com/?d=blackhatlibrary.net\u0026pkAId=2143526812\r\nCookie: PHPSESSID=f43inkja37lbtt2ui4ohgkst12\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Feb 2026 19:37:20 GMT\r\ncontent-type: text/css\r\ncontent-length: 1095\r\nlast-modified: Fri, 23 Jan 2026 05:33:42 GMT\r\netag: \"69730836-447\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1095,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"3a93547bfd039428ec86efd6326d8f66","sha1":"e6cc154460ea8b855859f08db4e584b79b33774d","sha256":"a8605c75a8591b75908a110d49ee68ee365a65aa1e693195ff612481fef2a539","sha512":"8fee221bc90f648de27cdbd6bf068d3b4d9b32e0be2aa94fba0a133528f92edea63c1f7d305ecf094fc157e0ef0957f9e92fb91fc46aafdbcfefd1c70f972ca8","ssdeep":"","tlshash":"7011c07dad82218582736c54efb32649ea856413d90250e4bdd6d745cfbc1a98450f8c","first_seen":"2026-01-23T05:57:25.33188Z","last_seen":"2026-02-08T21:41:58.381512Z","times_seen":2390,"resource_available":false,"data":null}},"time_used":319,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":317,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"thesheperdsquad.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"thesheperdsquad.com/favicon.ico","fqdn":"thesheperdsquad.com","domain":"thesheperdsquad.com","tld":"com"},"ip":{"addr":"172.237.133.182","port":443,"asn":20940,"as":"Akamai International B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://thesheperdsquad.com/?d=blackhatlibrary.net\u0026pkAId=2143526812","date":"2026-02-04T19:37:21.703Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"thesheperdsquad.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 29 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"42:11:15:9F:DA:71:CF:0B:A3:2B:A2:9C:F5:D7:D2:F4:97:FC:50:FD","sha256":"28:AD:66:1D:72:BA:47:13:C9:4A:E4:D5:DF:D5:FF:55:24:FF:A3:B5:73:5D:6B:B0:73:BF:9B:10:EE:E2:CC:7D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: thesheperdsquad.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://thesheperdsquad.com/?d=blackhatlibrary.net\u0026pkAId=2143526812\r\nCookie: PHPSESSID=f43inkja37lbtt2ui4ohgkst12; domain=blackhatlibrary.net; affiliateId=2143526812\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Feb 2026 19:37:21 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 3262\r\nlast-modified: Mon, 03 Mar 2025 03:53:35 GMT\r\netag: \"67c527bf-cbe\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3262,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 24 bits/pixel","md5":"89758189d685134f254f97aac7e0587d","sha1":"52db58bbc96facec03f20495c72b5891c32bbf9e","sha256":"8073c580947f28b4cac036c7a2b0fe24c422643143c18085cfba85821057826d","sha512":"063ad866fa998254e508a9b9bba6c6e6026ecbdd826fb1e3954df3687c59116db93cf1c943b8d8cb680cdc7418c17e0d425ee938d3d907e00a2363e210781bb5","ssdeep":"","tlshash":"156153411a65d2faf6642575393933b941375e39ebd1c5ae58e0bb252e3722c10e0148","first_seen":"2024-08-19T21:48:43.197837Z","last_seen":"2026-04-12T11:23:25.701878Z","times_seen":45240,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"thesheperdsquad.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"router.parklogic.com/","fqdn":"router.parklogic.com","domain":"parklogic.com","tld":"com"},"ip":{"addr":"172.234.216.100","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://blackhatlibrary.net/","date":"2026-02-04T19:37:19.244Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"router.parklogic.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 13 Dec 2025 08:01:25 GMT","end":"Fri, 13 Mar 2026 08:01:24 GMT"},"fingerprint":{"sha1":"D8:3A:EB:64:AF:A9:C6:67:7C:CE:AC:F4:9C:BE:A3:43:73:02:D4:3C","sha256":"03:F2:0E:5D:CC:2F:37:6F:1A:0F:ED:B0:90:A8:EA:26:6A:CA:5C:6A:05:BF:5B:73:A8:79:99:65:5E:74:95:B2"}}},"request":{"raw":"POST / HTTP/1.1\r\nHost: router.parklogic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 443\r\nOrigin: https://blackhatlibrary.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://blackhatlibrary.net/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":443,"data":"{\"parameters\":{\"regionName\":\"Oslo County\",\"path\":\"/\",\"uuid\":\"828afb5c8efbbeeba6df09884ced1ade\",\"city\":\"Oslo\",\"tenant\":\"shared\",\"continent\":\"EU\",\"timezoneGeo\":\"Europe/Oslo\",\"countryName\":\"Norway\",\"continentName\":\"Europe\",\"country\":\"NO\",\"domainApex\":\"blackhatlibrary.net\",\"domainFull\":\"blackhatlibrary.net\",\"ipOrig\":\"91.90.42.154\",\"protocol\":\"https\",\"region\":\"03\",\"adBlockingDetected\":false,\"timezoneBrowser\":\"UTC\",\"webdriver\":false,\"gpu\":null}}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Feb 2026 19:37:19 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":67,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"92465c99e7d8a34a3b6464af325430bf","sha1":"63e1681660738d1b20fdd762138897f1c4bf087c","sha256":"4ad43da7550cdfa0ee6745350c4c07cf988fdd5e8c9b4d2f01580bd08e71e41c","sha512":"19568e763e2027d66804cf074f6522be385084160abb1117d78aeea1fa68707819c0264828dc9de4460de384421acfdb38371ac402a543cddbb5dc2683134079","ssdeep":"","tlshash":"eca02232830802c333c002c0322820c82a0200a0cf03c0eb82c208008238c820000803","first_seen":"2026-02-04T19:37:42.945226Z","last_seen":"2026-02-04T19:37:42.945226Z","times_seen":1,"resource_available":false,"data":null}},"time_used":847,"timings":{"blocked":225,"dns":1,"connect":105,"send":0,"wait":396,"receive":0,"ssl":116},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"thesheperdsquad.com/?d=blackhatlibrary.net\u0026pkAId=2143526812","fqdn":"thesheperdsquad.com","domain":"thesheperdsquad.com","tld":"com"},"ip":{"addr":"172.237.133.182","port":443,"asn":20940,"as":"Akamai International B.V.","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-04T19:37:19.916Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"thesheperdsquad.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 29 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"42:11:15:9F:DA:71:CF:0B:A3:2B:A2:9C:F5:D7:D2:F4:97:FC:50:FD","sha256":"28:AD:66:1D:72:BA:47:13:C9:4A:E4:D5:DF:D5:FF:55:24:FF:A3:B5:73:5D:6B:B0:73:BF:9B:10:EE:E2:CC:7D"}}},"request":{"raw":"GET /?d=blackhatlibrary.net\u0026pkAId=2143526812 HTTP/1.1\r\nHost: thesheperdsquad.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://blackhatlibrary.net/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Feb 2026 19:37:20 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nset-cookie: PHPSESSID=f43inkja37lbtt2ui4ohgkst12; path=/\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0\r\npragma: no-cache\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]}],"data":{"size":6523,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"86305e7159698f244d2212405af5ba6c","sha1":"38e66fd45fcf6611c535485a02cb45acd3503b62","sha256":"7c5695291d8497966ca9a785a74a5c79c1645c1cd444728eb25bf65bdc381dac","sha512":"ce584d5ad825b292f6e2fe20b505f9a3c478419ce84d560fe1773895af33248008c49f8bfd79fe517f03904aa18ec69361fc28b1ec8c94145362d2e8c48a0519","ssdeep":"48:TTqdFfJ2xm73QU3dn3T3qNNNkneIBPnX6YuCAW8Qt0k50DqyRbHRPg2RbRlRTRHY:Occa0vjJ8Q58VPgW139HxfOerLexj9","tlshash":"ecd1c91d5bc4483d22739760d331b779faa65183a8069128b5ad23a72fb7f1dcc331a8","first_seen":"2026-02-04T19:37:42.948004Z","last_seen":"2026-02-04T19:37:42.948004Z","times_seen":1,"resource_available":false,"data":null}},"time_used":671,"timings":{"blocked":280,"dns":1,"connect":105,"send":0,"wait":110,"receive":0,"ssl":172},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"thesheperdsquad.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"thesheperdsquad.com/style.css","fqdn":"thesheperdsquad.com","domain":"thesheperdsquad.com","tld":"com"},"ip":{"addr":"172.237.133.182","port":443,"asn":20940,"as":"Akamai International B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://thesheperdsquad.com/?d=blackhatlibrary.net\u0026pkAId=2143526812","date":"2026-02-04T19:37:20.407Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"thesheperdsquad.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 29 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"42:11:15:9F:DA:71:CF:0B:A3:2B:A2:9C:F5:D7:D2:F4:97:FC:50:FD","sha256":"28:AD:66:1D:72:BA:47:13:C9:4A:E4:D5:DF:D5:FF:55:24:FF:A3:B5:73:5D:6B:B0:73:BF:9B:10:EE:E2:CC:7D"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: thesheperdsquad.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://thesheperdsquad.com/?d=blackhatlibrary.net\u0026pkAId=2143526812\r\nCookie: PHPSESSID=f43inkja37lbtt2ui4ohgkst12\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Feb 2026 19:37:20 GMT\r\ncontent-type: text/css\r\ncontent-length: 1935\r\nlast-modified: Wed, 21 May 2025 05:25:48 GMT\r\netag: \"682d63dc-78f\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1935,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"717d7dbd8d757008541fc447fd83458d","sha1":"317f2606d027c38728dce13a0bbad8d8e504deed","sha256":"c532b2f9cac9de5e7cd440298f92f0aa244282d252b45197739e7e30476a7cdc","sha512":"825d95f6c893ca7ce2de2f9f8eb4e4314aec3fe2ead4ae201e9e9a38cd37785ac108142570a77771a5543c697a57f3e7ececef15cac968ef6d55b05b340cf0cf","ssdeep":"","tlshash":"b041e08657a91105740bd8b8b9665b51937cc053c90feafc3aa5209c9ecd1f82a773dc","first_seen":"2025-06-19T05:51:12.622055Z","last_seen":"2026-02-08T08:00:44.084758Z","times_seen":33629,"resource_available":false,"data":null}},"time_used":424,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":317,"receive":106,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"thesheperdsquad.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://thesheperdsquad.com/?d=blackhatlibrary.net\u0026pkAId=2143526812","date":"2026-02-04T19:37:20.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.6.0.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://thesheperdsquad.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-15d9d\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Wed, 04 Feb 2026 19:37:20 GMT\r\nage: 127586\r\nx-served-by: cache-lga21931-LGA, cache-hel1410022-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 71, 36189\r\nx-timer: S1770233841.512529,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30875\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":89501,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-15T13:53:11.436888Z","times_seen":450199,"resource_available":true,"data":null}},"time_used":205,"timings":{"blocked":82,"dns":21,"connect":26,"send":0,"wait":28,"receive":7,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blackhatlibrary.net/","fqdn":"blackhatlibrary.net","domain":"blackhatlibrary.net","tld":"net"},"ip":{"addr":"172.237.146.8","port":443,"asn":20940,"as":"Akamai International B.V.","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-04T19:37:18.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blackhatlibrary.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 15:16:28 GMT","end":"Mon, 20 Apr 2026 15:16:27 GMT"},"fingerprint":{"sha1":"F4:B3:C3:F3:FE:85:A7:28:E0:E0:A5:A0:FB:ED:59:FE:36:7C:C0:31","sha256":"77:5D:40:B6:9F:8F:BC:5C:FB:73:47:F5:32:C3:EE:80:5C:A7:B5:01:42:4E:A8:5A:4C:EE:1B:0B:AD:54:DC:BF"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: blackhatlibrary.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Wed, 04 Feb 2026 19:37:18 GMT\r\ncontent-type: text/html\r\ncache-control: no-store, max-age=0\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64\r\npermissions-policy: ch-ua=(self \"https://*.parklogic.com\"), ch-ua-arch=(self \"https://*.parklogic.com\"), ch-ua-bitness=(self \"https://*.parklogic.com\"), ch-ua-full-version=(self \"https://*.parklogic.com\"), ch-ua-full-version-list=(self \"https://*.parklogic.com\"), ch-ua-mobile=(self \"https://*.parklogic.com\"), ch-ua-model=(self \"https://*.parklogic.com\"), ch-ua-platform=(self \"https://*.parklogic.com\"), ch-ua-platform-version=(self \"https://*.parklogic.com\"), ch-ua-wow64=(self \"https://*.parklogic.com\")\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":4418,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (4418), with no line terminators","md5":"487250ed4911c48ab5b8c456b5a34fcb","sha1":"c9a005488e9cedb2fd535885ad46145bb1047e3e","sha256":"027b5c878929df992c6f9c2dd4115f5abf27aaedfa646c87dd2bca55b251e73c","sha512":"25580ead58bc380af3c4eee6f1b7a6d42f7101de9a19c974c61e7e2a25f318f9e0aa66f70c6328a121c9f0ec715c33ed8549068c671314a29cecef304f49d75e","ssdeep":"96:nItDJYtoAJS8ffKH1NPIX4rDIcQ0ucq4o5nZhkZS5I7BmaL:IVJYtoA1ffqzr/IcQ0ybGYmoaL","tlshash":"9891fa76b7c2703d9be510eaa47bab18793ed200350b4072e7a8fcd13c20a5b5096f85","first_seen":"2026-02-04T19:37:42.952919Z","last_seen":"2026-02-04T19:37:42.952919Z","times_seen":1,"resource_available":false,"data":null}},"time_used":836,"timings":{"blocked":364,"dns":136,"connect":107,"send":0,"wait":108,"receive":0,"ssl":118},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"blackhatlibrary.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"blackhatlibrary.net/favicon.ico","fqdn":"blackhatlibrary.net","domain":"blackhatlibrary.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://blackhatlibrary.net/","date":"2026-02-04T19:37:19.041Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blackhatlibrary.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 15:16:28 GMT","end":"Mon, 20 Apr 2026 15:16:27 GMT"},"fingerprint":{"sha1":"F4:B3:C3:F3:FE:85:A7:28:E0:E0:A5:A0:FB:ED:59:FE:36:7C:C0:31","sha256":"77:5D:40:B6:9F:8F:BC:5C:FB:73:47:F5:32:C3:EE:80:5C:A7:B5:01:42:4E:A8:5A:4C:EE:1B:0B:AD:54:DC:BF"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: blackhatlibrary.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://blackhatlibrary.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-15T13:55:34.339935Z","times_seen":13785846,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"blackhatlibrary.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"thesheperdsquad.com/template.css","fqdn":"thesheperdsquad.com","domain":"thesheperdsquad.com","tld":"com"},"ip":{"addr":"172.237.133.182","port":443,"asn":20940,"as":"Akamai International B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://thesheperdsquad.com/?d=blackhatlibrary.net\u0026pkAId=2143526812","date":"2026-02-04T19:37:20.404Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"thesheperdsquad.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 29 Jan 2026 00:00:00 GMT","end":"Fri, 29 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"42:11:15:9F:DA:71:CF:0B:A3:2B:A2:9C:F5:D7:D2:F4:97:FC:50:FD","sha256":"28:AD:66:1D:72:BA:47:13:C9:4A:E4:D5:DF:D5:FF:55:24:FF:A3:B5:73:5D:6B:B0:73:BF:9B:10:EE:E2:CC:7D"}}},"request":{"raw":"GET /template.css HTTP/1.1\r\nHost: thesheperdsquad.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://thesheperdsquad.com/?d=blackhatlibrary.net\u0026pkAId=2143526812\r\nCookie: PHPSESSID=f43inkja37lbtt2ui4ohgkst12\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Feb 2026 19:37:20 GMT\r\ncontent-type: text/css\r\ncontent-length: 122877\r\nlast-modified: Fri, 23 Jan 2026 05:33:42 GMT\r\netag: \"69730836-1dffd\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":122877,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"441b7733bc965abff21807d40a5ee7fb","sha1":"eb27bda8dad6ca96769f89db76b00704fdfc1deb","sha256":"721baef5f3de51be644e546874e5b4225b0fb5ccc7740fc8ebf85b3b6f30e7b4","sha512":"9fe1ade3f83d5f02c882450723ff1d60f2487a1ae19c942d5b57d01825422ae9e772fa12491e5fed4e525e617b88d26444e407f9af4b2da51d164b21bd5a94c3","ssdeep":"1536:O+NwZtW6OHb8JLl/h3hTpopdEqEnUVUuD5De7N7l+J+Cmsm574B6lM0yoSm4+R66:PqXD4of4+R6MnJ","tlshash":"adc3240a92091142b433ab3c6fa31719d7798417d342d1f97eed62584ffa2a8ca61fcd","first_seen":"2026-01-23T06:09:40.06817Z","last_seen":"2026-02-08T21:41:58.377151Z","times_seen":2249,"resource_available":false,"data":null}},"time_used":1249,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":106,"receive":1139,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"thesheperdsquad.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}