{"report_id":"53a0a59b-11e4-4116-abb8-cae75a33a457","version":6,"status":"done","tags":["phishing"],"date":"2025-12-11T18:10:04Z","url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"title":"Webmail Login","dom":{"size":20509,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2442)","md5":"ac2c1c4b37f7388c8d397a1c4fa9e86e","sha1":"9f6f239d815a828fc0d992bb22d7f1918343f5bd","sha256":"ddc24968bcfa5609eafaa17b7bda2f56ca1bf7de4d2d22d7607ba9463077090c","sha512":"d387aa76667b0160f1df06f0727aae2c9682f7983adef2903d2ce1d5c6c42c52564c0e90bfe4b95042704abb7b6e64a9b5fd8221447b9f1e2e7c03f0e0fd68ef","ssdeep":"384:LH7lubp0XTD33iUWD/ZmXg84MOEsllgLNEvRFznuw:d6pmTD3y/TZmXg84uLNEvRxuw","tlshash":"0692e70668d81093028665ddbe75162d19a6e727860f0e84f17f0be66fe3fddec87029","dom_hash":"domhasheed91c05481aa0ef6aa8f968cae362c0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-15T18:10:04Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":2,"analyzer":4}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-11T18:09:43Z","timestamp":1765476583,"ip_dst":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.2","port":51140,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI","source":"{\"timestamp\":\"2025-12-11T18:09:43.620206+0000\",\"flow_id\":1600923439161164,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.2\",\"src_port\":51140,\"dest_ip\":\"104.18.54.45\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2062569,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.18.54.45\",\"port\":443},\"target\":{\"ip\":\"172.18.0.2\",\"port\":51140},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_05_27\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2025_05_27\"]}},\"tls\":{\"sni\":\"pub-c1cf952568b04e468445555bd93435b1.r2.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":1654,\"start\":\"2025-12-11T18:09:43.614220+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"pub-c1cf952568b04e468445555bd93435b1.r2.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]},"summary":[{"fqdn":"sh001.webhostbox.net","ip":{"addr":"162.241.27.10","port":2096,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"domain_registered":"2010-02-11","domain_rank":0,"first_seen":"2020-01-26T14:01:50Z","last_seen":"2025-12-09T13:32:54.669231Z","alert_count":30,"request_count":15,"received_data":296080,"sent_data":9055,"comment":"","tags":null,"fingerprints":null},{"fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-04-15","domain_rank":0,"first_seen":"2025-12-11T18:10:04.833836Z","last_seen":"2025-12-11T18:10:04.833836Z","alert_count":1,"request_count":1,"received_data":21344,"sent_data":520,"comment":"","tags":null,"fingerprints":[{"name":"jQuery:2.2.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"BootstrapCDN:4.1.3","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]},{"name":"Bootstrap:4.1.3","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Render","description":"Render is a cloud computing platform that provides a wide range of services, including web hosting, cloud computing, and application development. Render offers several hosting options, including static site hosting, web application hosting, and managed databases.","website":"https://render.com","common_platform_enumeration":"","icon":"Render.svg","categories":["PaaS"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.250.74.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2025-12-07T22:35:32.893904Z","alert_count":0,"request_count":1,"received_data":86563,"sent_data":480,"comment":"","tags":null,"fingerprints":null},{"fqdn":"pub-c1cf952568b04e468445555bd93435b1.r2.dev","ip":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-08-23","domain_rank":0,"first_seen":"2025-10-21T04:01:34.59535Z","last_seen":"2025-11-25T15:35:09.632688Z","alert_count":2,"request_count":1,"received_data":44547,"sent_data":478,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"stackpath.bootstrapcdn.com","ip":{"addr":"104.18.11.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-25","domain_rank":21970,"first_seen":"2018-04-05T04:41:29Z","last_seen":"2025-12-07T23:32:29.593836Z","alert_count":0,"request_count":1,"received_data":51997,"sent_data":486,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-05T08:47:22.219177Z","times_seen":595778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-05T08:47:22.219177Z","times_seen":595778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","size":85578,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-05T08:49:52.292216Z","times_seen":262908,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-05T08:48:48.30888Z","times_seen":204588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-05T08:48:48.30888Z","times_seen":204588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-05T08:48:48.30888Z","times_seen":204588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-05T08:48:48.30888Z","times_seen":204588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-05T08:47:22.219177Z","times_seen":595778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-c1cf952568b04e468445555bd93435b1.r2.dev/bra0112.js","fqdn":"pub-c1cf952568b04e468445555bd93435b1.r2.dev","domain":"r2.dev","tld":"dev"},"ip":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fa63c2dd1d54b85917c43d09a971d874","sha1":"23d0f295e16b920ccbce11b5e1acf8a7e65afeb7","sha256":"72c82b64ae4247c88534aa9d69db797d71c499349a3afe1fe58ddd5219145e95","sha512":"7c863ef9c0f1ccbd281af02b23abfad127fd21f5475cb945e18c305f9e7f26bc253706cd752948ef0773422ba922d28e21d40706fe135f5882b6af8fb7447b47","ssdeep":"768:m6oJwZQQrckY+AFCVonAy2ybbGkrPWozdZDSo4DSiJV+7Kmy7ZwNHfHZRN88fTGB:foatbGX42GoZ8GgHFqbzt3+g4M4e5kpx","tlshash":"a513548177c1799613579f77332bb0e5f82a4cd97588088be101fca0f8ee616ead6670","size":44230,"data":"","first_seen":"2025-12-11T18:10:07.125487Z","last_seen":"2025-12-11T18:10:07.125487Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-05T08:47:22.219177Z","times_seen":595778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-05T08:47:22.219177Z","times_seen":595778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-05T08:47:22.219177Z","times_seen":595778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-05T08:47:22.219177Z","times_seen":595778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-05T08:47:22.219177Z","times_seen":595778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-05T08:48:48.30888Z","times_seen":204588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.11.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"67176c242e1bdc20603c878dee836df3","sha1":"27a71b00383d61ef3c489326b3564d698fc1227c","sha256":"56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4","sha512":"9fa75814e1b9f7db38fe61a503a13e60b82d83db8f4ce30351bd08a6b48c0d854baf472d891af23c443c8293380c2325c7b3361b708af9971aa0ea09a25cdd0a","ssdeep":"768:E9Yw7GuJM+HV0cen/7Kh5rM7V4RxCKg8FW/xsXQUd+FiID65r48Hgp5HRl+:E9X7PMIM7V4R5LFAxTWyuHHgp5HRl+","tlshash":"3533b649725078b201df9176913f460bb736788ea907816cb95d98ed2e7cd89322bf3c","size":51039,"data":"","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-04-05T08:10:55.512013Z","times_seen":120624,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-05T08:47:22.219177Z","times_seen":595778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-05T08:48:48.30888Z","times_seen":204588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-05T08:47:22.219177Z","times_seen":595778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-05T08:47:22.219177Z","times_seen":595778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-05T08:48:48.30888Z","times_seen":204588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-05T08:47:22.219177Z","times_seen":595778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"8a3f3180c83b57d05ccd89866a2d13e0","sha1":"df938e543f689ab89753bfa307d98decf8286a0e","sha256":"476f1dfc8bed6f9d819605851e0afd1d44b0cc46be912bb05fbbb89b37653bb5","sha512":"af9429d5ae274c2c7883966e9aad5a3f8517c9fb36be1e213a7a6f006af1244c67cf802d4ca98f67060d2d55e2536e397843df8c7bb15699bd953a88f5aa5322","ssdeep":"","tlshash":"d051bd593f403180576296ffbb2649e1e019ddc97bc9489ff13274aaf860a65d2ca630","size":2446,"data":"","first_seen":"2025-10-24T16:53:33.172645Z","last_seen":"2026-03-07T07:37:08.876565Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-05T08:47:22.219177Z","times_seen":595778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-05T08:48:48.30888Z","times_seen":204588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-05T08:48:48.30888Z","times_seen":204588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-05T08:48:48.30888Z","times_seen":204588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-05T08:47:22.219177Z","times_seen":595778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-05T08:48:48.30888Z","times_seen":204588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-05T08:48:48.30888Z","times_seen":204588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-05T08:47:22.219177Z","times_seen":595778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-05T08:48:48.30888Z","times_seen":204588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-05T08:48:48.30888Z","times_seen":204588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-05T08:48:48.30888Z","times_seen":204588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-05T08:48:48.30888Z","times_seen":204588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-05T08:48:48.30888Z","times_seen":204588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-05T08:47:22.219177Z","times_seen":595778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-05T08:47:22.219177Z","times_seen":595778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-05T08:47:22.219177Z","times_seen":595778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-05T08:48:48.30888Z","times_seen":204588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-05T08:47:22.219177Z","times_seen":595778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-05T08:48:48.30888Z","times_seen":204588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-05T08:47:22.219177Z","times_seen":595778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-05T08:48:48.30888Z","times_seen":204588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"sh001.webhostbox.net:2096/cPanel_magic_revision_1660251973/unprotected/cpanel/images/notice-error.png","fqdn":"sh001.webhostbox.net","domain":"webhostbox.net","tld":"net"},"ip":{"addr":"162.241.27.10","port":2096,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","date":"2025-12-11T18:09:44.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.webhostbox.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Sun, 04 May 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"59:C6:A9:6C:1C:4C:BE:E1:DF:00:DF:B9:E0:D4:C0:90:4C:28:8A:22","sha256":"F2:69:4A:A8:DC:E9:60:61:D3:BC:0B:13:57:EC:4D:22:DE:73:24:A3:BE:E5:53:1E:53:9F:BF:45:B5:14:3F:D6"}}},"request":{"raw":"GET /cPanel_magic_revision_1660251973/unprotected/cpanel/images/notice-error.png HTTP/1.1\r\nHost: sh001.webhostbox.net:2096\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sh001.webhostbox.net:2096/cPanel_magic_revision_1560357916/unprotected/cpanel/style_v2_optimized.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Thu, 11 Aug 2022 21:06:13 GMT\r\nDate: Thu, 11 Dec 2025 18:09:44 GMT\r\nCache-Control: max-age=5184000, public\r\nExpires: Mon, 09 Feb 2026 18:09:44 GMT\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nContent-Length: 1026\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1026,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced","md5":"a3265cc598ae28633c060889e790f80c","sha1":"57530d6996c8f36711ef05681474b8f63d4184b3","sha256":"bcaf01928e5c7246ab0bb7e83f609b485a67a5e442d3dd94539a883c11fb70cd","sha512":"41c2a7085b287d3f3cf6afaaf7bba0c2c42eed1a28f4fbebf2a3e5628e41aaea2c929697de97b939df18221dcd83a477ce3c8b1cdbf499ab64a5fbcbd3689b3e","ssdeep":"","tlshash":"bb11a5c7f3d3e8e8c9846c77c062210cecba32826264869d8a091c82de86c487306d13","first_seen":"2023-04-08T05:54:15Z","last_seen":"2026-04-05T06:46:40.883874Z","times_seen":9616,"resource_available":false,"data":null}},"time_used":137,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":137,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sh001.webhostbox.net:2096/cPanel_magic_revision_1660251973/unprotected/cpanel/images/notice-info.png","fqdn":"sh001.webhostbox.net","domain":"webhostbox.net","tld":"net"},"ip":{"addr":"162.241.27.10","port":2096,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","date":"2025-12-11T18:09:44.472Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.webhostbox.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Sun, 04 May 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"59:C6:A9:6C:1C:4C:BE:E1:DF:00:DF:B9:E0:D4:C0:90:4C:28:8A:22","sha256":"F2:69:4A:A8:DC:E9:60:61:D3:BC:0B:13:57:EC:4D:22:DE:73:24:A3:BE:E5:53:1E:53:9F:BF:45:B5:14:3F:D6"}}},"request":{"raw":"GET /cPanel_magic_revision_1660251973/unprotected/cpanel/images/notice-info.png HTTP/1.1\r\nHost: sh001.webhostbox.net:2096\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sh001.webhostbox.net:2096/cPanel_magic_revision_1560357916/unprotected/cpanel/style_v2_optimized.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Thu, 11 Aug 2022 21:06:13 GMT\r\nDate: Thu, 11 Dec 2025 18:09:44 GMT\r\nCache-Control: max-age=5184000, public\r\nExpires: Mon, 09 Feb 2026 18:09:44 GMT\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nContent-Length: 976\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":976,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced","md5":"14146cf832470d9beca95a708a1d6f8d","sha1":"d4b506f92876baea69409f3a78c4718757a53b33","sha256":"95f8a142dd96c310afeb75329ef504f162ab3102a81fc07f20b268361990f526","sha512":"69f28ff8e02b199cc9d42ba75ec305dbfdf95c0477cbec88a4c09da21d126e1f8063d45415ee9701013ff0546be2203745620ee794f3ce5dc21be4c0a744da67","ssdeep":"","tlshash":"1d1198c2ab6dd0784a51e6350ce1b4f77bbb298e35690bbe380cf14935454051990af1","first_seen":"2023-04-08T05:54:15Z","last_seen":"2026-04-05T06:46:40.889889Z","times_seen":8436,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":140,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sh001.webhostbox.net:2096/cPanel_magic_revision_1660251973/unprotected/cpanel/images/notice-success.png","fqdn":"sh001.webhostbox.net","domain":"webhostbox.net","tld":"net"},"ip":{"addr":"162.241.27.10","port":2096,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","date":"2025-12-11T18:09:44.475Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.webhostbox.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Sun, 04 May 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"59:C6:A9:6C:1C:4C:BE:E1:DF:00:DF:B9:E0:D4:C0:90:4C:28:8A:22","sha256":"F2:69:4A:A8:DC:E9:60:61:D3:BC:0B:13:57:EC:4D:22:DE:73:24:A3:BE:E5:53:1E:53:9F:BF:45:B5:14:3F:D6"}}},"request":{"raw":"GET /cPanel_magic_revision_1660251973/unprotected/cpanel/images/notice-success.png HTTP/1.1\r\nHost: sh001.webhostbox.net:2096\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sh001.webhostbox.net:2096/cPanel_magic_revision_1560357916/unprotected/cpanel/style_v2_optimized.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Thu, 11 Aug 2022 21:06:13 GMT\r\nDate: Thu, 11 Dec 2025 18:09:45 GMT\r\nCache-Control: max-age=5184000, public\r\nExpires: Mon, 09 Feb 2026 18:09:45 GMT\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nContent-Length: 962\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":962,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced","md5":"0a0ec2a6468d4d1aa3fc2baa70271ac8","sha1":"a31fb01790aca8dc1976450e4234cb6ccc328956","sha256":"cafbe3036533fe094931f5745f8cb9962a34409522e93d63ac8427acb9a02c79","sha512":"a07edcf33db65397902ddfa9fd32b1d12e8eb7fa5a05ef38a0c65c372cd51cb9a03fb2364a6f712fca70ab09a923c2a56eeeffb7bcff63bf772938821402dbd0","ssdeep":"","tlshash":"3a1154b9a0d6bd29dd0a48b2e8930041e555e9691160194ca845e1a3b3760aff76b542","first_seen":"2023-04-08T05:54:15Z","last_seen":"2026-04-05T06:46:40.885973Z","times_seen":8418,"resource_available":false,"data":null}},"time_used":1227,"timings":{"blocked":540,"dns":1,"connect":135,"send":0,"wait":138,"receive":0,"ssl":410},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sh001.webhostbox.net:2096/cPanel_magic_revision_1660251973/unprotected/cpanel/images/icon-username.png","fqdn":"sh001.webhostbox.net","domain":"webhostbox.net","tld":"net"},"ip":{"addr":"162.241.27.10","port":2096,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","date":"2025-12-11T18:09:44.481Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.webhostbox.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Sun, 04 May 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"59:C6:A9:6C:1C:4C:BE:E1:DF:00:DF:B9:E0:D4:C0:90:4C:28:8A:22","sha256":"F2:69:4A:A8:DC:E9:60:61:D3:BC:0B:13:57:EC:4D:22:DE:73:24:A3:BE:E5:53:1E:53:9F:BF:45:B5:14:3F:D6"}}},"request":{"raw":"GET /cPanel_magic_revision_1660251973/unprotected/cpanel/images/icon-username.png HTTP/1.1\r\nHost: sh001.webhostbox.net:2096\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sh001.webhostbox.net:2096/cPanel_magic_revision_1560357916/unprotected/cpanel/style_v2_optimized.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Thu, 11 Aug 2022 21:06:13 GMT\r\nDate: Thu, 11 Dec 2025 18:09:44 GMT\r\nCache-Control: max-age=5184000, public\r\nExpires: Mon, 09 Feb 2026 18:09:44 GMT\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nContent-Length: 320\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":320,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced","md5":"07ff84f8c855e5fe9d510ff5c9a4b1e4","sha1":"11c262053e2b9be57d1dba7cb3d916ef041a0e50","sha256":"05ce0f813e6236158fa1d115faba62cd2041aab1878cac0960a0f45575cece1e","sha512":"4cee86a25e66e5a4ff1e8135e12d47ce697b86598a5e47d63777dc14536472944b64ca859fedee2c53b2830374cb4932efaf51d6e493e61cb8c9535680320580","ssdeep":"","tlshash":"89e07dd273a48da5e689087917961000783c075da3012bd91c09d1e61999edc22e25ab","first_seen":"2023-04-08T05:54:15Z","last_seen":"2026-04-05T06:46:40.888429Z","times_seen":9722,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":80,"dns":0,"connect":0,"send":0,"wait":137,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sh001.webhostbox.net:2096/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Regular-webfont.woff","fqdn":"sh001.webhostbox.net","domain":"webhostbox.net","tld":"net"},"ip":{"addr":"162.241.27.10","port":2096,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","date":"2025-12-11T18:09:44.487Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.webhostbox.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Sun, 04 May 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"59:C6:A9:6C:1C:4C:BE:E1:DF:00:DF:B9:E0:D4:C0:90:4C:28:8A:22","sha256":"F2:69:4A:A8:DC:E9:60:61:D3:BC:0B:13:57:EC:4D:22:DE:73:24:A3:BE:E5:53:1E:53:9F:BF:45:B5:14:3F:D6"}}},"request":{"raw":"GET /cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Regular-webfont.woff HTTP/1.1\r\nHost: sh001.webhostbox.net:2096\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sh001.webhostbox.net:2096/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/font-woff\r\nLast-Modified: Wed, 30 Mar 2022 03:16:35 GMT\r\nDate: Thu, 11 Dec 2025 18:09:45 GMT\r\nCache-Control: max-age=5184000, public\r\nExpires: Mon, 09 Feb 2026 18:09:45 GMT\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nContent-Length: 22660\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22660,"size_decoded":0,"mime_type":"application/font-woff","magic":"Web Open Font Format, TrueType, length 22660, version 1.0","md5":"79515ad0788973c533405f7012dfeccd","sha1":"5092881fad2caffdc6bf71bdab1ea547b73d3564","sha256":"22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40","sha512":"a0f8bc1917ff69550fb6e27671345acbbfdefb22423274c8876e0ba291feaca65240260e64b236ca76f10448b7a938fe27aeb388eba3a8462acd43d54b352346","ssdeep":"384:4ZnXPbd1G0FEDf+rm7QFcBUZvOZmFZDAbZjIBS1Z3BqH48AmgxQS1ZhY3uyJ+:4pGGPryhMv6mFOiBU40Xp1X4J+","tlshash":"e8a2d0dede0ae80aee99323263d77a4ecb0b1d3ae4319117f52c610933d35972ed0158","first_seen":"2023-04-06T15:25:07Z","last_seen":"2026-04-05T08:55:23.059472Z","times_seen":10660,"resource_available":false,"data":null}},"time_used":1383,"timings":{"blocked":552,"dns":1,"connect":136,"send":0,"wait":275,"receive":1,"ssl":415},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sh001.webhostbox.net:2096/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Semibold-webfont.woff","fqdn":"sh001.webhostbox.net","domain":"webhostbox.net","tld":"net"},"ip":{"addr":"162.241.27.10","port":2096,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","date":"2025-12-11T18:09:44.492Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.webhostbox.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Sun, 04 May 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"59:C6:A9:6C:1C:4C:BE:E1:DF:00:DF:B9:E0:D4:C0:90:4C:28:8A:22","sha256":"F2:69:4A:A8:DC:E9:60:61:D3:BC:0B:13:57:EC:4D:22:DE:73:24:A3:BE:E5:53:1E:53:9F:BF:45:B5:14:3F:D6"}}},"request":{"raw":"GET /cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Semibold-webfont.woff HTTP/1.1\r\nHost: sh001.webhostbox.net:2096\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sh001.webhostbox.net:2096/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/font-woff\r\nLast-Modified: Wed, 30 Mar 2022 03:16:35 GMT\r\nDate: Thu, 11 Dec 2025 18:09:45 GMT\r\nCache-Control: max-age=5184000, public\r\nExpires: Mon, 09 Feb 2026 18:09:45 GMT\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nContent-Length: 22908\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22908,"size_decoded":0,"mime_type":"application/font-woff","magic":"Web Open Font Format, TrueType, length 22908, version 1.0","md5":"697574b47bcfdd2c45e3e63c7380dd67","sha1":"4590722b795938e0b6ff1b99701d1abe37aeabef","sha256":"26b216fadb2ffcd542ca56c2d84f9918f62e40de89bf88b4211fffacd2a4ad83","sha512":"35badb8706e160840f38e8a0ed151f92f84d0e966f5f5dad5f42036b3c52b0f93c3fbdd4d3416bdec39a73bb27ce6f21e19700e4337ca37a18aadd771fd905cb","ssdeep":"384:IgXJsQmd1G0Ffzuohk3yJff9f2oVe4rOmtXTuXjv1BaLnYkimJl4:IEeGGfzu0yyJX9OoVe4rOp12nRi8l4","tlshash":"3ba2e098580d3d46e2d265ba23c64af09a60dd78f448f2df2ee5a4c071e9fd30af15a0","first_seen":"2023-04-06T15:25:07Z","last_seen":"2026-04-05T08:44:07.082219Z","times_seen":10047,"resource_available":false,"data":null}},"time_used":1387,"timings":{"blocked":555,"dns":0,"connect":138,"send":0,"wait":274,"receive":1,"ssl":417},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sh001.webhostbox.net:2096/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Bold-webfont.woff","fqdn":"sh001.webhostbox.net","domain":"webhostbox.net","tld":"net"},"ip":{"addr":"162.241.27.10","port":2096,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","date":"2025-12-11T18:09:44.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.webhostbox.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Sun, 04 May 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"59:C6:A9:6C:1C:4C:BE:E1:DF:00:DF:B9:E0:D4:C0:90:4C:28:8A:22","sha256":"F2:69:4A:A8:DC:E9:60:61:D3:BC:0B:13:57:EC:4D:22:DE:73:24:A3:BE:E5:53:1E:53:9F:BF:45:B5:14:3F:D6"}}},"request":{"raw":"GET /cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Bold-webfont.woff HTTP/1.1\r\nHost: sh001.webhostbox.net:2096\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sh001.webhostbox.net:2096/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/font-woff\r\nLast-Modified: Wed, 30 Mar 2022 03:16:35 GMT\r\nDate: Thu, 11 Dec 2025 18:09:45 GMT\r\nCache-Control: max-age=5184000, public\r\nExpires: Mon, 09 Feb 2026 18:09:45 GMT\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nContent-Length: 22432\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22432,"size_decoded":0,"mime_type":"application/font-woff","magic":"Web Open Font Format, TrueType, length 22432, version 1.0","md5":"2e90d5152ce92858b62ba053c7b9d2cb","sha1":"8cf65f42a2a8c349ccd6ab63b6cbd17c96fd665c","sha256":"a0357cb694b5284870c77c0dbcaf33f238004800419288afde313317b0dbd0b7","sha512":"5f452b4ab3e3ff3a8225d092fbf7e147595b398742dec5abce787e54cef471c0bc29044e0e00142cc09af7ea1e2f6fbf6da5d5a8b476c86b71594ad68d30858a","ssdeep":"384:UiXG5Jd1G0Fr+9DY1NpS1pYQDO6kd5Tnd2rL6vhMB4liNPwFxDwlH:yJGGRNU/vDtU5TnG65T2ohwlH","tlshash":"68a2e068eb42fa27edb889773bb051fac154d928b570fbe3877a30d8108474fc460865","first_seen":"2023-04-06T15:25:07Z","last_seen":"2026-04-05T08:44:07.071704Z","times_seen":9302,"resource_available":false,"data":null}},"time_used":1383,"timings":{"blocked":550,"dns":1,"connect":136,"send":0,"wait":275,"receive":1,"ssl":415},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sh001.webhostbox.net:2096/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Semibold-webfont.ttf","fqdn":"sh001.webhostbox.net","domain":"webhostbox.net","tld":"net"},"ip":{"addr":"162.241.27.10","port":2096,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","date":"2025-12-11T18:09:45.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.webhostbox.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Sun, 04 May 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"59:C6:A9:6C:1C:4C:BE:E1:DF:00:DF:B9:E0:D4:C0:90:4C:28:8A:22","sha256":"F2:69:4A:A8:DC:E9:60:61:D3:BC:0B:13:57:EC:4D:22:DE:73:24:A3:BE:E5:53:1E:53:9F:BF:45:B5:14:3F:D6"}}},"request":{"raw":"GET /cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Semibold-webfont.ttf HTTP/1.1\r\nHost: sh001.webhostbox.net:2096\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sh001.webhostbox.net:2096/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/octet-stream\r\nLast-Modified: Wed, 30 Mar 2022 03:16:35 GMT\r\nDate: Thu, 11 Dec 2025 18:09:45 GMT\r\nCache-Control: max-age=5184000, public\r\nExpires: Mon, 09 Feb 2026 18:09:45 GMT\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nContent-Length: 39476\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16077,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 19 tables, 1st \"FFTM\"","md5":"39b4be76e53ebe9ed95d59acfce4ee1f","sha1":"c4d0bb12023ab47ab698ffcdafc8b49bc1c51af9","sha256":"88bf78b2c68c09a643da330363eb6996eeb48c3cd5edf203036d8864a39f9d12","sha512":"2cf6ee55407e31d0ca1f7b222f3b4a5b7a1b24407cd36c4578abfaba40e17a8c280a9a260da8696b37ead8780a0eb7e35cd2df19b504955b31ee56ed75d8ec0c","ssdeep":"384:T/occcw6gbaZ1NNomH6OtdXi/YwOzsJ8lCWernappRCrun:T/occcw6N1nvtAADzzUnappAM","tlshash":"84725d4593168b4af21a3d3401edb2c2ce8ce0150e3a522beddf6955ecc20de4fb599d","first_seen":"2023-05-09T08:40:53Z","last_seen":"2026-04-04T09:18:57.182679Z","times_seen":2191,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":137,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","fqdn":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","domain":"val.run","tld":"run"},"ip":{"addr":"104.26.12.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-11T18:09:42.908Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.val.run","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 16 Nov 2025 18:03:26 GMT","end":"Sat, 14 Feb 2026 18:03:25 GMT"},"fingerprint":{"sha1":"7E:E4:E3:B1:7C:A0:A2:CF:07:3F:E4:5F:0B:07:BE:03:8A:41:BD:6F","sha256":"DD:C0:2D:61:0F:77:E0:7C:7D:C0:CD:36:8C:86:64:1F:CD:33:65:7B:11:BB:1E:A1:D4:6C:95:B3:02:40:50:A9"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: coweb--9f495604d02c11f0841142dde27851f2.web.val.run\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 11 Dec 2025 18:09:43 GMT\r\ncontent-type: text/html;charset=UTF-8\r\ncontent-length: 8549\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=f%2BAK4rANIesp8lXrgdNC171GIR2RU9orxqPJCNuWdKfxljjfp74AjKI75qhmtQoZdjyukPyM9LdGqPXmf28uYAuouH1A5AkKXJLX5guYR0VZ5Fy3tkMvbdu0X7hjZ00oQZnJdZ%2BqWPAqE99XM5nDlQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nrndr-id: c25da445-7bfc-47b4\r\nvary: Accept-Encoding\r\nx-ratelimit-limit: 1000\r\nx-ratelimit-remaining: 999\r\nx-ratelimit-reset: 60\r\nx-render-origin-server: Render\r\ncf-cache-status: DYNAMIC\r\ncf-ray: 9ac6ef437a520b06-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:2.2.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"BootstrapCDN:4.1.3","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]},{"name":"Bootstrap:4.1.3","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Render","description":"Render is a cloud computing platform that provides a wide range of services, including web hosting, cloud computing, and application development. Render offers several hosting options, including static site hosting, web application hosting, and managed databases.","website":"https://render.com","common_platform_enumeration":"","icon":"Render.svg","categories":["PaaS"]}],"data":{"size":20512,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2442)","md5":"bc5f1758355b9580035205c814a9cb95","sha1":"abd9bec2b42bc4ad669273d90384685593a139f1","sha256":"561bf7a7acf90301a828799128e70ebed866f1036f264c0404cc550d6dc2db3e","sha512":"068fca6698a57badab6ac41c178cfbabe61b25ad74f52ea4a3ba54751198184b4a566b74fb18cff6fcbc86274e7b8127b847d285f6d962bc4aae83c42fcef1a4","ssdeep":"384:lH7lubp0XTD33iUWD/ZmXg84MOEsllgLNEvRFznuq:X6pmTD3y/TZmXg84uLNEvRxuq","tlshash":"f492f70268d81093028665ddbe75162d19a6e727860f0e84f17f0be66fe3fcdec87029","first_seen":"2025-12-11T18:10:07.121572Z","last_seen":"2025-12-11T18:10:07.121572Z","times_seen":1,"resource_available":false,"data":null}},"time_used":531,"timings":{"blocked":49,"dns":41,"connect":1,"send":0,"wait":426,"receive":1,"ssl":10},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"coweb--9f495604d02c11f0841142dde27851f2.web.val.run","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sh001.webhostbox.net:2096/cPanel_magic_revision_1386192030/unprotected/cpanel/fonts/open_sans/open_sans.min.css","fqdn":"sh001.webhostbox.net","domain":"webhostbox.net","tld":"net"},"ip":{"addr":"162.241.27.10","port":2096,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","date":"2025-12-11T18:09:43.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.webhostbox.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Sun, 04 May 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"59:C6:A9:6C:1C:4C:BE:E1:DF:00:DF:B9:E0:D4:C0:90:4C:28:8A:22","sha256":"F2:69:4A:A8:DC:E9:60:61:D3:BC:0B:13:57:EC:4D:22:DE:73:24:A3:BE:E5:53:1E:53:9F:BF:45:B5:14:3F:D6"}}},"request":{"raw":"GET /cPanel_magic_revision_1386192030/unprotected/cpanel/fonts/open_sans/open_sans.min.css HTTP/1.1\r\nHost: sh001.webhostbox.net:2096\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/css\r\nLast-Modified: Wed, 30 Mar 2022 03:16:35 GMT\r\nDate: Thu, 11 Dec 2025 18:09:44 GMT\r\nCache-Control: max-age=5184000, public\r\nExpires: Mon, 09 Feb 2026 18:09:44 GMT\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nContent-Encoding: gzip\r\nContent-Length: 522\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6358,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6358), with no line terminators","md5":"952b5c93a75a89c458fe5093480dd1bc","sha1":"564d17e569cb59cf7043d7f777727c19a3cbda3a","sha256":"17781767b9edf1ebdde3529494d5cb3d8403702893db10258bedd3f9b8002f20","sha512":"d9485a620f3d8220d505e8d2cfd8d1ea30dcc09dbde5631dc1a43335d26394da48ecbe1f9a560856373ef82d0a2cf1865b38209c999a82d40e5ba41285945478","ssdeep":"96:pKAQU+A9nUAAW08A5x0KAE2GAYrYyABrmAo9uAk9v+Awqa:pNBp1L70Db0NzhYUFtBQZkNpwV","tlshash":"b9d1a752c6a8b5db49c7aec239d71472e96d251b901181d3a394c3c8daf338df168f2b","first_seen":"2023-04-06T15:25:07Z","last_seen":"2026-04-05T06:46:40.88654Z","times_seen":7926,"resource_available":false,"data":null}},"time_used":1321,"timings":{"blocked":585,"dns":37,"connect":136,"send":0,"wait":145,"receive":0,"ssl":416},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sh001.webhostbox.net:2096/cPanel_magic_revision_1560357916/unprotected/cpanel/style_v2_optimized.css","fqdn":"sh001.webhostbox.net","domain":"webhostbox.net","tld":"net"},"ip":{"addr":"162.241.27.10","port":2096,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","date":"2025-12-11T18:09:43.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.webhostbox.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Sun, 04 May 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"59:C6:A9:6C:1C:4C:BE:E1:DF:00:DF:B9:E0:D4:C0:90:4C:28:8A:22","sha256":"F2:69:4A:A8:DC:E9:60:61:D3:BC:0B:13:57:EC:4D:22:DE:73:24:A3:BE:E5:53:1E:53:9F:BF:45:B5:14:3F:D6"}}},"request":{"raw":"GET /cPanel_magic_revision_1560357916/unprotected/cpanel/style_v2_optimized.css HTTP/1.1\r\nHost: sh001.webhostbox.net:2096\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/css\r\nLast-Modified: Thu, 11 Aug 2022 21:35:49 GMT\r\nDate: Thu, 11 Dec 2025 18:09:44 GMT\r\nCache-Control: max-age=5184000, public\r\nExpires: Mon, 09 Feb 2026 18:09:44 GMT\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nContent-Encoding: gzip\r\nContent-Length: 32591\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":142431,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (35968)","md5":"00c7c78616de1349974f404a2e00c8c8","sha1":"4835420544fef3f7c671a5c4658fdce396a383c2","sha256":"7a4a889a53bc0c9d721cf22116f2060b0d8205f78a92fecdbd27988095012cbd","sha512":"8fbacbf198bcbe24940843acfd6243422ca99645129316295d65f03686da0ca9a3c5bc3308416b11f49ee736821a7b86856ee67f65bcf72dc095e9deb52826e3","ssdeep":"1536:bimrmUMFTPUC4/pMHGBdcfd7ssjD3xFixF+xFYWxFIDojS6/ZB:b1MP14/p5Bd6dAYNYsNmUB","tlshash":"a6d31db0d50c10d9b376c21fff81b2bca1b9f73ee5664d9af41e991c8ac16980191f68","first_seen":"2023-07-02T14:18:23Z","last_seen":"2026-04-04T09:18:57.186577Z","times_seen":1758,"resource_available":false,"data":null}},"time_used":1466,"timings":{"blocked":586,"dns":36,"connect":138,"send":0,"wait":287,"receive":1,"ssl":416},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","date":"2025-12-11T18:09:43.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:34:58 GMT","end":"Mon, 19 Jan 2026 08:34:57 GMT"},"fingerprint":{"sha1":"56:14:7E:EF:FA:D2:CF:DD:3B:30:9C:AE:7A:C9:AD:9E:A7:87:3D:E9","sha256":"72:DD:0F:82:4D:8A:09:2D:BB:5B:E6:1B:6F:09:F8:1E:BD:BD:D3:3E:B8:A4:8C:B9:49:13:4D:DC:D7:EF:EA:77"}}},"request":{"raw":"GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30028\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 10 Dec 2025 21:35:47 GMT\r\nexpires: Thu, 10 Dec 2026 21:35:47 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 74036\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":85578,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (32065)","md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-05T08:49:52.292216Z","times_seen":262908,"resource_available":true,"data":null}},"time_used":254,"timings":{"blocked":111,"dns":1,"connect":7,"send":0,"wait":9,"receive":8,"ssl":114},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-c1cf952568b04e468445555bd93435b1.r2.dev/bra0112.js","fqdn":"pub-c1cf952568b04e468445555bd93435b1.r2.dev","domain":"r2.dev","tld":"dev"},"ip":{"addr":"104.18.54.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","date":"2025-12-11T18:09:43.558Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 16 Nov 2025 09:12:11 GMT","end":"Sat, 14 Feb 2026 09:12:10 GMT"},"fingerprint":{"sha1":"E6:F2:86:C9:C1:8D:A0:33:A9:2B:F1:77:5A:49:51:1B:F9:54:AB:E5","sha256":"F0:3D:12:EE:73:81:BB:CF:B7:B9:58:C8:4A:3E:41:B5:9A:10:C7:1A:34:81:30:29:54:EC:D5:C0:E0:6A:4E:29"}}},"request":{"raw":"GET /bra0112.js HTTP/1.1\r\nHost: pub-c1cf952568b04e468445555bd93435b1.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 11 Dec 2025 18:09:44 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 44230\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nETag: \"fa63c2dd1d54b85917c43d09a971d874\"\r\nLast-Modified: Mon, 01 Dec 2025 17:29:36 GMT\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9ac6ef47ba425684-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":44230,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (44230), with no line terminators","md5":"fa63c2dd1d54b85917c43d09a971d874","sha1":"23d0f295e16b920ccbce11b5e1acf8a7e65afeb7","sha256":"72c82b64ae4247c88534aa9d69db797d71c499349a3afe1fe58ddd5219145e95","sha512":"7c863ef9c0f1ccbd281af02b23abfad127fd21f5475cb945e18c305f9e7f26bc253706cd752948ef0773422ba922d28e21d40706fe135f5882b6af8fb7447b47","ssdeep":"768:m6oJwZQQrckY+AFCVonAy2ybbGkrPWozdZDSo4DSiJV+7Kmy7ZwNHfHZRN88fTGB:foatbGX42GoZ8GgHFqbzt3+g4M4e5kpx","tlshash":"a513548177c1799613579f77332bb0e5f82a4cd97588088be101fca0f8ee616ead6670","first_seen":"2025-12-11T18:10:07.125487Z","last_seen":"2025-12-11T18:10:07.125487Z","times_seen":1,"resource_available":true,"data":null}},"time_used":728,"timings":{"blocked":74,"dns":68,"connect":1,"send":0,"wait":566,"receive":2,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"pub-c1cf952568b04e468445555bd93435b1.r2.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"sh001.webhostbox.net:2096/cPanel_magic_revision_1660251973/unprotected/cpanel/images/icon-password.png","fqdn":"sh001.webhostbox.net","domain":"webhostbox.net","tld":"net"},"ip":{"addr":"162.241.27.10","port":2096,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","date":"2025-12-11T18:09:44.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.webhostbox.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Sun, 04 May 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"59:C6:A9:6C:1C:4C:BE:E1:DF:00:DF:B9:E0:D4:C0:90:4C:28:8A:22","sha256":"F2:69:4A:A8:DC:E9:60:61:D3:BC:0B:13:57:EC:4D:22:DE:73:24:A3:BE:E5:53:1E:53:9F:BF:45:B5:14:3F:D6"}}},"request":{"raw":"GET /cPanel_magic_revision_1660251973/unprotected/cpanel/images/icon-password.png HTTP/1.1\r\nHost: sh001.webhostbox.net:2096\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sh001.webhostbox.net:2096/cPanel_magic_revision_1560357916/unprotected/cpanel/style_v2_optimized.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Thu, 11 Aug 2022 21:06:13 GMT\r\nDate: Thu, 11 Dec 2025 18:09:44 GMT\r\nCache-Control: max-age=5184000, public\r\nExpires: Mon, 09 Feb 2026 18:09:44 GMT\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nContent-Length: 450\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":450,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced","md5":"7ac1cefcb7eab93c6d6981ecde6c1635","sha1":"1523f8cb80ab19108549d0b7db31a58b71c05d39","sha256":"a02998df88a6efb0baa526796b2b682ce9fdd6471ceb19170b326320f22f7053","sha512":"0005559a3edf6aa149f47c0d2c7c6c385257ac5168fd57951497cfa244b155eeff3955538db93fc40f6622b9b216f030b27ad73df53dbe8bcc9874148a383d3a","ssdeep":"","tlshash":"65f023d3fa981c3cdae91473933b1018b426284a4203273e055dc42612e8dd801251a5","first_seen":"2023-04-08T05:54:15Z","last_seen":"2026-04-05T06:46:40.884486Z","times_seen":9707,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":119,"dns":0,"connect":0,"send":0,"wait":137,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.11.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","date":"2025-12-11T18:09:43.556Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:05:50 GMT","end":"Thu, 05 Feb 2026 05:05:47 GMT"},"fingerprint":{"sha1":"CE:AE:8E:FE:2A:86:03:2B:16:43:FF:98:36:53:B2:ED:10:BF:FD:23","sha256":"95:CB:A8:7B:9C:88:98:F1:EF:D6:C9:79:E1:98:63:76:71:B7:BD:E2:89:6D:CD:55:61:DB:C0:4E:B1:1E:67:F7"}}},"request":{"raw":"GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1\r\nHost: stackpath.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 11 Dec 2025 18:09:43 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncf-ray: 9ac6ef477f2756aa-OSL\r\ncdn-pullzone: 252412\r\ncdn-uid: b1941f61-b576-4f40-80de-5677acb38f74\r\ncdn-requestcountrycode: US\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"67176c242e1bdc20603c878dee836df3\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:06 GMT\r\ncdn-proxyver: 1.07\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 12/15/2024 13:11:59\r\ncdn-edgestorageid: 1232\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-requestid: cfb80e189243a5697be527a7aeb94f63\r\ncdn-cache: HIT\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncf-cache-status: HIT\r\nage: 1852364\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":51039,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (50758)","md5":"67176c242e1bdc20603c878dee836df3","sha1":"27a71b00383d61ef3c489326b3564d698fc1227c","sha256":"56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4","sha512":"9fa75814e1b9f7db38fe61a503a13e60b82d83db8f4ce30351bd08a6b48c0d854baf472d891af23c443c8293380c2325c7b3361b708af9971aa0ea09a25cdd0a","ssdeep":"768:E9Yw7GuJM+HV0cen/7Kh5rM7V4RxCKg8FW/xsXQUd+FiID65r48Hgp5HRl+:E9X7PMIM7V4R5LFAxTWyuHHgp5HRl+","tlshash":"3533b649725078b201df9176913f460bb736788ea907816cb95d98ed2e7cd89322bf3c","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-04-05T08:10:55.512013Z","times_seen":120624,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":37,"dns":21,"connect":6,"send":0,"wait":11,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sh001.webhostbox.net:2096/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Bold-webfont.ttf","fqdn":"sh001.webhostbox.net","domain":"webhostbox.net","tld":"net"},"ip":{"addr":"162.241.27.10","port":2096,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","date":"2025-12-11T18:09:45.332Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.webhostbox.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Sun, 04 May 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"59:C6:A9:6C:1C:4C:BE:E1:DF:00:DF:B9:E0:D4:C0:90:4C:28:8A:22","sha256":"F2:69:4A:A8:DC:E9:60:61:D3:BC:0B:13:57:EC:4D:22:DE:73:24:A3:BE:E5:53:1E:53:9F:BF:45:B5:14:3F:D6"}}},"request":{"raw":"GET /cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Bold-webfont.ttf HTTP/1.1\r\nHost: sh001.webhostbox.net:2096\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sh001.webhostbox.net:2096/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/octet-stream\r\nLast-Modified: Wed, 30 Mar 2022 03:16:35 GMT\r\nDate: Thu, 11 Dec 2025 18:09:45 GMT\r\nCache-Control: max-age=5184000, public\r\nExpires: Mon, 09 Feb 2026 18:09:45 GMT\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nContent-Length: 38452\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16077,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 19 tables, 1st \"FFTM\"","md5":"372fc1a7f4cb3b27c9a882ad32b9a896","sha1":"616de1feeaaee2d9876a178b03cabcd6ec35cf10","sha256":"059b0a3c84f25dffbef834c221ea483bfad7da340d1b344a7458902c937cceb0","sha512":"dfd9be0aa9ef9acaf77b376912181e46d5ff3e96b8fd49ed07c261913a2e7b986ca0150813535618986fd09e82c6ebc7fdd3b992b73eb0b49edcec9aa692a7aa","ssdeep":"384:EUcccw6gbaZ1lxwLmYflbpyNsfiZ49qAk6ILdG:EUcccw6N1UqgbpyNsfiZMmG","tlshash":"d0724a059355cb0af2183d3846edb2c3ce9ce1110e3a931f6aee5956ecc30ea5db56d8","first_seen":"2023-05-08T01:50:41Z","last_seen":"2026-04-03T23:28:47.699169Z","times_seen":2024,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":137,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sh001.webhostbox.net:2096/cPanel_magic_revision_1560308612/unprotected/cpanel/images/webmail-logo.svg","fqdn":"sh001.webhostbox.net","domain":"webhostbox.net","tld":"net"},"ip":{"addr":"162.241.27.10","port":2096,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","date":"2025-12-11T18:09:43.549Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.webhostbox.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Sun, 04 May 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"59:C6:A9:6C:1C:4C:BE:E1:DF:00:DF:B9:E0:D4:C0:90:4C:28:8A:22","sha256":"F2:69:4A:A8:DC:E9:60:61:D3:BC:0B:13:57:EC:4D:22:DE:73:24:A3:BE:E5:53:1E:53:9F:BF:45:B5:14:3F:D6"}}},"request":{"raw":"GET /cPanel_magic_revision_1560308612/unprotected/cpanel/images/webmail-logo.svg HTTP/1.1\r\nHost: sh001.webhostbox.net:2096\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/svg+xml\r\nLast-Modified: Thu, 11 Aug 2022 21:06:13 GMT\r\nDate: Thu, 11 Dec 2025 18:09:44 GMT\r\nCache-Control: max-age=5184000, public\r\nExpires: Mon, 09 Feb 2026 18:09:44 GMT\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nContent-Encoding: gzip\r\nContent-Length: 2399\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5360,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bc0c956653325b9e694d4dd1dfb78020","sha1":"e1196e4db68ed573355ade966152a084581b40ec","sha256":"998cd48cdc0414f694d0a3a299dd2beb1134769d5666c7e5567e7d20b4174ef8","sha512":"7c283e8723f01f57c7258ea05aa5d7a72a886246ede76136f2d4dc489061d8400aa4b5f8e61f23f2388dd95fea7307faa2670af09b309fab6678de16e547ae4e","ssdeep":"96:adP/9O0DSiREkC9u8S0CKMEJPSeIWF/1BPHyg6tzzP2943Y8s/kTcUazSTTD9:gO02AlAu8/CKFdSe//zx6ZzP2Wot8TcM","tlshash":"d0b167f5d3b053f47ec34f6cd625a6d0f19bbdfd4aa0838091b48358a8c4ac9e948878","first_seen":"2023-04-08T05:54:15Z","last_seen":"2026-04-05T06:46:40.88794Z","times_seen":8499,"resource_available":false,"data":null}},"time_used":1011,"timings":{"blocked":874,"dns":0,"connect":0,"send":0,"wait":137,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sh001.webhostbox.net:2096/cPanel_magic_revision_1660251973/unprotected/cpanel/images/warning.png","fqdn":"sh001.webhostbox.net","domain":"webhostbox.net","tld":"net"},"ip":{"addr":"162.241.27.10","port":2096,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","date":"2025-12-11T18:09:44.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.webhostbox.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Sun, 04 May 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"59:C6:A9:6C:1C:4C:BE:E1:DF:00:DF:B9:E0:D4:C0:90:4C:28:8A:22","sha256":"F2:69:4A:A8:DC:E9:60:61:D3:BC:0B:13:57:EC:4D:22:DE:73:24:A3:BE:E5:53:1E:53:9F:BF:45:B5:14:3F:D6"}}},"request":{"raw":"GET /cPanel_magic_revision_1660251973/unprotected/cpanel/images/warning.png HTTP/1.1\r\nHost: sh001.webhostbox.net:2096\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sh001.webhostbox.net:2096/cPanel_magic_revision_1560357916/unprotected/cpanel/style_v2_optimized.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Thu, 11 Aug 2022 21:06:13 GMT\r\nDate: Thu, 11 Dec 2025 18:09:44 GMT\r\nCache-Control: max-age=5184000, public\r\nExpires: Mon, 09 Feb 2026 18:09:44 GMT\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nContent-Length: 1060\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1060,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced","md5":"a64b8c7407bf94cc4448cb210bb882e7","sha1":"a526cf52b2c5b6c2d0409b886de4aa968000fcd8","sha256":"7ecb82019606d891c5197d2f8ba24ec323d9b10a089facc82d089ff1ec3d399b","sha512":"aeea5e9418c62ba9bb896db6ad89b2e8c13f174b10d3960c4d67878ba8c0fb3ce8524515716c120548876131d1f8192c36cb52e48cfd801f8f037a3abe65d179","ssdeep":"","tlshash":"261182ddb608c8baa94369b592fbf02168b9801e9847022c8948d8132f59a68e57235b","first_seen":"2023-04-08T05:54:15Z","last_seen":"2026-04-05T06:46:40.885407Z","times_seen":8394,"resource_available":false,"data":null}},"time_used":264,"timings":{"blocked":127,"dns":0,"connect":0,"send":0,"wait":137,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sh001.webhostbox.net:2096/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Regular-webfont.ttf","fqdn":"sh001.webhostbox.net","domain":"webhostbox.net","tld":"net"},"ip":{"addr":"162.241.27.10","port":2096,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run/#Z2VuZXJhbGJ1Z3NAemlwcGVuaG9wLmNvbQ==","date":"2025-12-11T18:09:45.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.webhostbox.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Sun, 04 May 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"59:C6:A9:6C:1C:4C:BE:E1:DF:00:DF:B9:E0:D4:C0:90:4C:28:8A:22","sha256":"F2:69:4A:A8:DC:E9:60:61:D3:BC:0B:13:57:EC:4D:22:DE:73:24:A3:BE:E5:53:1E:53:9F:BF:45:B5:14:3F:D6"}}},"request":{"raw":"GET /cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Regular-webfont.ttf HTTP/1.1\r\nHost: sh001.webhostbox.net:2096\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://coweb--9f495604d02c11f0841142dde27851f2.web.val.run\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sh001.webhostbox.net:2096/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/octet-stream\r\nLast-Modified: Wed, 30 Mar 2022 03:16:35 GMT\r\nDate: Thu, 11 Dec 2025 18:09:45 GMT\r\nCache-Control: max-age=5184000, public\r\nExpires: Mon, 09 Feb 2026 18:09:45 GMT\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nContent-Length: 38232\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32461,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 19 tables, 1st \"FFTM\"","md5":"f434fc719e80549798a156f30feb2893","sha1":"fdfee46dd34cfd139ffad91c50710756ed3a5796","sha256":"5b8ac7d139d219f6eefa4a7a335981ea4f2dcd36461477ae629faea5434c5683","sha512":"2f8e0e5933616c3cbd86dcf143951c6592f7bee25999cf2f1500941587942074e2c3b7cd04906a296c8ec8aeffec11921763cb0bb555e50cb5936de4d5ad6e9d","ssdeep":"768:JF4rcccw6N1QvZSWOMcvnnPCJXQ4ezeWBT2KDHT:b4lW+v8WOMcfqJXBezeWBT2KDHT","tlshash":"85e25b0ab3968b86f6253e7509acb3c2c45cf0252d269b5faadd1b18d9c31ed1d702cd","first_seen":"2023-05-19T00:28:23Z","last_seen":"2026-04-03T23:28:47.691546Z","times_seen":680,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":137,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-11","alert":"Sinkholed","trigger":"sh001.webhostbox.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}