{"report_id":"581dfbbc-1ec1-47e5-a77a-41d53138180c","version":6,"status":"done","tags":[],"date":"2025-12-24T02:23:42Z","url":{"schema":"http","addr":"secretbox.cfd/","fqdn":"secretbox.cfd","domain":"secretbox.cfd","tld":"cfd"},"ip":{"addr":"104.21.16.134","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"www.secretbox.cfd/","fqdn":"www.secretbox.cfd","domain":"secretbox.cfd","tld":"cfd"},"title":"SecretBox","dom":{"size":13786,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (10223)","md5":"518bfe61fe4f4f5cc5f72ec3d007e736","sha1":"a5d155afda9e375db3652521da30f41d5bc03678","sha256":"d9e3d9268340739c28836e2ddc71a6bfc4fde89fe18493fbf455606eaa7c848e","sha512":"5763572336330a3f7d4101f054e822e1838f87e9b19681acefff06187bf57e8efba838a84cefb5fe8b270d391463f22017a290d4fb4c4b58b7215fb6ace624e4","ssdeep":"192:Nhw6e57JXeS7JXex/27xRTsfWGUsfzR9mzd+WbQasfevgY70FQVK57rM:N0LhL7H4FzR9mzd+WbQygCK57rM","tlshash":"3452b665e110003b2d93c4eaf5d5f908f62a51c1de3ed6fabac58001afdb5b799cb604","dom_hash":"domhash6bcd14207aac66da01fa0d1214e5dac8","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"secretbox.cfd/","fqdn":"secretbox.cfd","domain":"secretbox.cfd","tld":"cfd"},"ip":{"addr":"104.21.16.134","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-28T02:23:42Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"www.secretbox.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"secretbox.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.secretbox.cfd","ip":{"addr":"172.67.212.116","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-25","domain_rank":0,"first_seen":"2025-12-24T02:23:42.796758Z","last_seen":"2025-12-24T02:23:42.796758Z","alert_count":3,"request_count":3,"received_data":255874,"sent_data":1354,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]}]},{"fqdn":"cdn.tailwindcss.com","ip":{"addr":"104.26.2.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-07-20","domain_rank":117330,"first_seen":"2018-07-09T05:46:13Z","last_seen":"2025-12-22T01:13:25.712556Z","alert_count":0,"request_count":2,"received_data":815948,"sent_data":826,"comment":"","tags":null,"fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"secretbox.cfd","ip":{"addr":"172.67.212.116","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":1,"request_count":1,"received_data":2491,"sent_data":482,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"104.26.2.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","size":407279,"data":"","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-05-31T05:07:32.714023Z","times_seen":38661,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.secretbox.cfd/assets/index-DPV7fTRs.js","fqdn":"www.secretbox.cfd","domain":"secretbox.cfd","tld":"cfd"},"ip":{"addr":"172.67.212.116","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9b8135ffad37f82df9786437ea0bbb1e","sha1":"fd2ed1cf073bd417087de7a6521a3b155177f3b5","sha256":"8d5e098a1b26bb3c2a11d9e683a30a946352e92486a47aa92605e3f40dc57f24","sha512":"3743a879b2df89c285fb5f33b027976f5b539528aa5d2b6ec9b4617ce26a7c480b9c3f70baeabb0d37491a552882848af062baf3bb7843b5b160b855e905d1ea","ssdeep":"3072:6uECHjzcgbUQvimcr5DNpXvkSCRLCvBK8SiZR5oc8EAxSc6vgLIkwOhbF7zjkoCK:w/joZ0Z4agzW9wyK","tlshash":"61344bd871beb62a6f6345a500af1507b13c2933640d8cb0f164ed6a767844a60bbffd","size":249493,"data":"","first_seen":"2025-12-24T02:23:47.321125Z","last_seen":"2025-12-24T02:23:47.321125Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"www.secretbox.cfd/assets/index-DPV7fTRs.js","fqdn":"www.secretbox.cfd","domain":"secretbox.cfd","tld":"cfd"},"ip":{"addr":"172.67.212.116","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.secretbox.cfd/","date":"2025-12-24T02:23:19.865Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"secretbox.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Dec 2025 21:46:16 GMT","end":"Mon, 23 Mar 2026 22:44:54 GMT"},"fingerprint":{"sha1":"C3:0A:47:78:93:92:CC:23:DF:EF:BF:B2:E7:CE:4F:F5:D5:39:77:D8","sha256":"8D:1C:39:48:36:58:91:E4:47:DA:45:8D:DA:D4:6B:22:00:D6:F4:08:7F:CD:A7:74:20:47:8F:C2:D0:C8:51:6C"}}},"request":{"raw":"GET /assets/index-DPV7fTRs.js HTTP/1.1\r\nHost: www.secretbox.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.secretbox.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncontent-disposition: inline; filename=\"index-DPV7fTRs.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Wed, 24 Dec 2025 02:23:20 GMT\r\netag: \"8e1b853ec6c58c81283f6ec5e49e35c5\"\r\nlast-modified: Wed, 24 Dec 2025 02:23:20 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::kxrsx-1766542999989-0e6ed524a37b\r\ncontent-length: 76481\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YyqRM%2FkmLCFBPJkUaZcbJKLnt8yd1xPeY24%2BuTZBXnoNIPToM92FttX02rqMcuUX%2F%2BTlctoFzISLviTGJMBmuPfvA0bOE29hfvt7t3TNgg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\ncf-ray: 9b2ca2d52f18569b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":249493,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (41826)","md5":"9b8135ffad37f82df9786437ea0bbb1e","sha1":"fd2ed1cf073bd417087de7a6521a3b155177f3b5","sha256":"8d5e098a1b26bb3c2a11d9e683a30a946352e92486a47aa92605e3f40dc57f24","sha512":"3743a879b2df89c285fb5f33b027976f5b539528aa5d2b6ec9b4617ce26a7c480b9c3f70baeabb0d37491a552882848af062baf3bb7843b5b160b855e905d1ea","ssdeep":"3072:6uECHjzcgbUQvimcr5DNpXvkSCRLCvBK8SiZR5oc8EAxSc6vgLIkwOhbF7zjkoCK:w/joZ0Z4agzW9wyK","tlshash":"61344bd871beb62a6f6345a500af1507b13c2933640d8cb0f164ed6a767844a60bbffd","first_seen":"2025-12-24T02:23:47.321125Z","last_seen":"2025-12-24T02:23:47.321125Z","times_seen":1,"resource_available":true,"data":null}},"time_used":325,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":315,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"www.secretbox.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/3.4.17","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"104.26.2.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.secretbox.cfd/","date":"2025-12-24T02:23:19.891Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 07:09:58 GMT","end":"Sat, 21 Feb 2026 08:09:55 GMT"},"fingerprint":{"sha1":"B5:C9:29:A1:B9:60:7F:A7:9E:9E:63:3E:DF:4E:05:34:4B:27:D3:86","sha256":"2D:FA:43:BC:F1:83:E4:D9:E0:ED:1A:D1:C5:0E:F5:E0:77:29:F1:F1:23:2F:E3:30:7B:72:49:1E:82:5C:DB:C1"}}},"request":{"raw":"GET /3.4.17 HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.secretbox.cfd/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Dec 2025 02:23:19 GMT\r\ncontent-type: text/javascript\r\ncache-control: max-age=31536000\r\ncontent-encoding: br\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::jwcjr-1765212281299-f54ecb125284\r\nlast-modified: Mon, 08 Dec 2025 16:44:41 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nage: 1330718\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qIQleDvmpB6%2FB618D40YJVkXwAb9gxsUgfe9bBJPLMwnapQXnM5zQDzJiuZV8SFCNmT0Br2MauvYKuY4uIAcivUOU8In5IshIIqUeCT6pbo%3D\"}]}\r\ncf-ray: 9b2ca2d5487a5694-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (52853)","md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-05-31T05:07:32.714023Z","times_seen":38661,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.secretbox.cfd/vite.svg","fqdn":"www.secretbox.cfd","domain":"secretbox.cfd","tld":"cfd"},"ip":{"addr":"172.67.212.116","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.secretbox.cfd/","date":"2025-12-24T02:23:20.430Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"secretbox.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Dec 2025 21:46:16 GMT","end":"Mon, 23 Mar 2026 22:44:54 GMT"},"fingerprint":{"sha1":"C3:0A:47:78:93:92:CC:23:DF:EF:BF:B2:E7:CE:4F:F5:D5:39:77:D8","sha256":"8D:1C:39:48:36:58:91:E4:47:DA:45:8D:DA:D4:6B:22:00:D6:F4:08:7F:CD:A7:74:20:47:8F:C2:D0:C8:51:6C"}}},"request":{"raw":"GET /vite.svg HTTP/1.1\r\nHost: www.secretbox.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.secretbox.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\nage: 2392446\r\ncache-control: public, max-age=14400, must-revalidate\r\ncontent-disposition: inline; filename=\"index.html\"\r\nvary: accept-encoding\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 24 Dec 2025 02:23:20 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WuY0EgeHSTwyJdt4gG6WNcCrVJ7f96ACdNVaWlTn3DytPcTtYk98CoQ5bbWUuVT%2BmM2AUumkMuB%2F137HafjQN2MSg3p8B1fTvt4LcR%2BFug%3D%3D\"}]}\r\nlast-modified: Wed, 26 Nov 2025 09:49:13 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::klvvl-1766543000561-d40ce9d6444d\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\npriority: u=6,i=?0\r\ncf-ray: 9b2ca2d8af24569b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1792,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"a5eab68b4ef4e36727a6e46d5c3fb043","sha1":"cf5e536f099f79dfa488559b0f173bdfdacc035e","sha256":"1c46c880af851f44d6647df961c2e14e4a298ff0f33c8fe6d66749f8f9397c00","sha512":"7045e0da9ecab521c6a954d3bb5c6d5666deb65af273912a86414fc8ea475010c220c245d74ae0c6215f560220fe8b78278f3df9857f4c14d0bfd3e51407247d","ssdeep":"","tlshash":"2d3148fbc4540e539ee0a1cab4537048e31245ab4ea8e5c57be8d0590f098eb7b6f94c","first_seen":"2025-12-24T02:23:47.322954Z","last_seen":"2025-12-24T02:23:47.322954Z","times_seen":1,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"www.secretbox.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secretbox.cfd/","fqdn":"secretbox.cfd","domain":"secretbox.cfd","tld":"cfd"},"ip":{"addr":"172.67.212.116","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-24T02:23:19.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"secretbox.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Dec 2025 21:46:16 GMT","end":"Mon, 23 Mar 2026 22:44:54 GMT"},"fingerprint":{"sha1":"C3:0A:47:78:93:92:CC:23:DF:EF:BF:B2:E7:CE:4F:F5:D5:39:77:D8","sha256":"8D:1C:39:48:36:58:91:E4:47:DA:45:8D:DA:D4:6B:22:00:D6:F4:08:7F:CD:A7:74:20:47:8F:C2:D0:C8:51:6C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: secretbox.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 307 Temporary Redirect\r\ndate: Wed, 24 Dec 2025 02:23:19 GMT\r\ncontent-type: text/html\r\nlocation: https://www.secretbox.cfd/\r\ncache-control: public, max-age=0, must-revalidate\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-id: arn1::5x64b-1766542999299-d8bcc7c3111d\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=REFyizxSZb6u4Rw55oGbmtedRTsrcpltK8Vl0Lj4XoZQ4jC7yMGusis3Tz9s2WcMBjwXyPzo0gv53IFM4X8xwove%2BmnB3ncSMdJ7GgQ%3D\"}]}\r\ncf-ray: 9b2ca2d14bc5b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":1792,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T05:23:22.948737Z","times_seen":15945479,"resource_available":true,"data":null}},"time_used":186,"timings":{"blocked":60,"dns":41,"connect":1,"send":0,"wait":66,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"secretbox.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.secretbox.cfd/","fqdn":"www.secretbox.cfd","domain":"secretbox.cfd","tld":"cfd"},"ip":{"addr":"172.67.212.116","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-24T02:23:19.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"secretbox.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Dec 2025 21:46:16 GMT","end":"Mon, 23 Mar 2026 22:44:54 GMT"},"fingerprint":{"sha1":"C3:0A:47:78:93:92:CC:23:DF:EF:BF:B2:E7:CE:4F:F5:D5:39:77:D8","sha256":"8D:1C:39:48:36:58:91:E4:47:DA:45:8D:DA:D4:6B:22:00:D6:F4:08:7F:CD:A7:74:20:47:8F:C2:D0:C8:51:6C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.secretbox.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\nage: 1727774\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline\r\nvary: accept-encoding\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 24 Dec 2025 02:23:19 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MBGhTmXu%2BQJ4pGPURsC4kErow7UVWxH84WYv8mWOUkhOk1gi4V2ovy2TRl4n5U2NxsXn48RZBvy%2F%2FsuFnfBLIaB7ImYYa7vzeIrqOHSOZQ%3D%3D\"}]}\r\nlast-modified: Thu, 04 Dec 2025 02:27:05 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::7dv7r-1766542999519-f34ab030a737\r\ncontent-encoding: br\r\ncf-cache-status: DYNAMIC\r\npriority: u=1,i=?0\r\ncf-ray: 9b2ca2d22f05569b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]}],"data":{"size":1792,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"a5eab68b4ef4e36727a6e46d5c3fb043","sha1":"cf5e536f099f79dfa488559b0f173bdfdacc035e","sha256":"1c46c880af851f44d6647df961c2e14e4a298ff0f33c8fe6d66749f8f9397c00","sha512":"7045e0da9ecab521c6a954d3bb5c6d5666deb65af273912a86414fc8ea475010c220c245d74ae0c6215f560220fe8b78278f3df9857f4c14d0bfd3e51407247d","ssdeep":"","tlshash":"2d3148fbc4540e539ee0a1cab4537048e31245ab4ea8e5c57be8d0590f098eb7b6f94c","first_seen":"2025-12-24T02:23:47.322954Z","last_seen":"2025-12-24T02:23:47.322954Z","times_seen":1,"resource_available":false,"data":null}},"time_used":361,"timings":{"blocked":59,"dns":0,"connect":0,"send":0,"wait":302,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"www.secretbox.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"104.26.2.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.secretbox.cfd/","date":"2025-12-24T02:23:19.863Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 07:09:58 GMT","end":"Sat, 21 Feb 2026 08:09:55 GMT"},"fingerprint":{"sha1":"B5:C9:29:A1:B9:60:7F:A7:9E:9E:63:3E:DF:4E:05:34:4B:27:D3:86","sha256":"2D:FA:43:BC:F1:83:E4:D9:E0:ED:1A:D1:C5:0E:F5:E0:77:29:F1:F1:23:2F:E3:30:7B:72:49:1E:82:5C:DB:C1"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.secretbox.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Wed, 24 Dec 2025 02:23:19 GMT\r\ncache-control: max-age=14400\r\nlocation: /3.4.17\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::q8xtr-1766542555397-7ef79370dcc8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 444\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Jx1wFspCGSWvnNrZUhOFtqj%2Fz0rPdeCek61cC11oNbujixqcnkPwfxTSONOQug0Rr7wqWrLkCRhAvtVDDIKXk1I5iMKB8abVqdzc%2FxIGhH4%3D\"}]}\r\ncf-ray: 9b2ca2d538765694-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T05:23:22.948737Z","times_seen":15945479,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":16,"dns":1,"connect":1,"send":0,"wait":5,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}