{"report_id":"5fdd1468-9e15-4643-a1b1-f4b6c3ecd82c","version":6,"status":"done","tags":[],"date":"2025-11-11T13:20:28Z","url":{"schema":"http","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"ipfs.io/ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a","fqdn":"ipfs.io","domain":"ipfs.io","tld":"io"},"title":"REWARD Portal v2 || Latest Web3 Wallet","dom":{"size":3621,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"e4793ce70938f8bac45eec3e7035b219","sha1":"756cb13954aea6be51e65e06c97f18ecee31d0bd","sha256":"d7bcf1a9546f89d97413c85822aa205da652ec50aa74c6145bb7d228d5c0f09a","sha512":"613df3c583c551ba2d59c9f6bd7d3c612bdc2856bf818fb668a1f51f8985cd7030ffce7f24c47e3e57eb1cf048e581cd6b8a30eeed2be35111ae5edf90647fd8","ssdeep":"","tlshash":"aa7132e184b0a5271163c1daaa615b5f26a1e6078fcaf91532fc97ec3fd3c91d41348e","dom_hash":"domhash4cd30f56bd5fcb3bd0196ff486cabeac","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-16T13:20:28Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":2,"urlquery":0,"analyzer":10}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-11T13:20:11Z","timestamp":1762867211,"ip_dst":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.16","port":42546,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed Peer-to-Peer File Sharing Service Domain (ipfs .io in TLS SNI)","source":"{\"timestamp\":\"2025-11-11T13:20:11.466028+0000\",\"flow_id\":1837671417380842,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":42546,\"dest_ip\":\"209.94.90.1\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2036874,\"rev\":2,\"signature\":\"ET INFO Observed Peer-to-Peer File Sharing Service Domain (ipfs .io in TLS SNI)\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_06_06\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2024_02_27\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_28\"]}},\"tls\":{\"sni\":\"ipfs.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3432,\"start\":\"2025-11-11T13:20:11.458730+0000\"}}"}],"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"afumyacvizccbvqvzkoxuqrhyuaqopcopwfygjv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"afumyacvizccbvqvzkoxuqrhyuaqopcopwfygjv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"afumyacvizccbvqvzkoxuqrhyuaqopcopwfygjv.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"afumyacvizccbvqvzkoxuqrhyuaqopcopwfygjv.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"afumyacvizccbvqvzkoxuqrhyuaqopcopwfygjv.com","ip":{"addr":"194.242.11.186","port":443,"asn":34989,"as":"ServeTheWorld AS","country":"Norway","country_code":"NO"},"domain_registered":"2025-10-12","domain_rank":0,"first_seen":"2025-11-03T13:57:07.007765Z","last_seen":"2025-11-10T20:01:29.032854Z","alert_count":4,"request_count":1,"received_data":949,"sent_data":464,"comment":"","tags":null,"fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}]},{"fqdn":"ebpm19.top","ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":31,"request_count":9,"received_data":177999,"sent_data":5757,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:8.3.6","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"challenges.cloudflare.com","ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":11393,"first_seen":"2021-10-20T05:02:03Z","last_seen":"2025-11-09T22:18:20.349235Z","alert_count":0,"request_count":6,"received_data":474200,"sent_data":4487,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"corsproxy.io","ip":{"addr":"104.26.6.163","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-01-30","domain_rank":175528,"first_seen":"2016-05-19T01:27:08Z","last_seen":"2025-11-05T17:46:50.91758Z","alert_count":0,"request_count":2,"received_data":4007,"sent_data":1041,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"ipfs.tech","ip":{"addr":"143.244.56.55","port":443,"asn":60068,"as":"Datacamp Limited","country":"France","country_code":"FR"},"domain_registered":"2020-05-28","domain_rank":57535,"first_seen":"2021-02-03T21:11:02Z","last_seen":"2025-11-07T06:56:41.819085Z","alert_count":2,"request_count":2,"received_data":2458,"sent_data":889,"comment":"","tags":null,"fingerprints":[{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}]},{"fqdn":"ipfs.io","ip":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"domain_registered":"2014-05-16","domain_rank":19271,"first_seen":"2015-09-09T04:41:36Z","last_seen":"2025-11-05T12:53:41.440147Z","alert_count":24,"request_count":12,"received_data":414059,"sent_data":6546,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-11T13:20:11Z","timestamp":1762867211,"ip_dst":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.16","port":42546,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed Peer-to-Peer File Sharing Service Domain (ipfs .io in TLS SNI)","source":"{\"timestamp\":\"2025-11-11T13:20:11.466028+0000\",\"flow_id\":1837671417380842,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":42546,\"dest_ip\":\"209.94.90.1\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2036874,\"rev\":2,\"signature\":\"ET INFO Observed Peer-to-Peer File Sharing Service Domain (ipfs .io in TLS SNI)\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_06_06\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2024_02_27\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_28\"]}},\"tls\":{\"sni\":\"ipfs.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3432,\"start\":\"2025-11-11T13:20:11.458730+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"ff03fc8f0c3179fb4dcf4389f88a1c16","sha1":"05ff911d7ddf2d7c14b4316a87fd08f42c618f9f","sha256":"025229ec6bb50e915572750c5045d22c5fe16851fd077f1411f41b19aa1dfece","sha512":"4acb3551ec49556a2a64f4a47e480df29f611f67d0ef4b2474e90f7b86caed3dedb0b56eba12e577f1401d4d701c9a4f0898a06eee8f6d7dbe3b4b5283a854e8","ssdeep":"","tlshash":"4f60000000c000000000030cc00300003cc0003300fc0300c30c003000cf3cc0000000","size":14,"data":"","first_seen":"2024-12-12T23:50:40.182598Z","last_seen":"2026-05-01T12:56:58.912641Z","times_seen":262850,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"61f6b7637fbd18ecaa1ee5fd7252887f","sha1":"20e209baaec321a2f37c28ef4a772d9e90731920","sha256":"13f18765978e14cacd8108f1c9ec10ec2bf28206e1078091ebca322114d5fbb8","sha512":"42ea86928a385d712a374cd5492aa6c41d3e938a5c00f4b54e26ad558c906ff75e2d653d68c29d4ef54b56b78080a87110191d1b07a12762e84d1182161e4ad4","ssdeep":"3:N/BKL1X6I5T:eL1KIp","tlshash":"845504c05c4031700550cc01d5d45417700d4401305d4401715d15d537710001417dd4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.907436Z","last_seen":"2025-11-11T13:20:41.907436Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"136c57eae25e13243adfbe278a17e96f","sha1":"a3f76b7a893582f7d891d599104b3a0a88a62466","sha256":"53e2b1ac23af00f0bdc01613177bad98d121f62fb76c68fb556be10983ebc0ae","sha512":"044e32eb05c7f8c74e9c0118e1737727f08f91d59c02504696bea99b891e4ff6947c5e300de70235c35afa45fa32750727e8d75e621b363d3f9a7cceeda30f35","ssdeep":"3:N/BKL1X6IMTP:eL1KIW","tlshash":"7e5504c0fd4071700470cc00d5501417500f4c01101d4c01f17d35d517301004111dc4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.909374Z","last_seen":"2025-11-11T13:20:41.909374Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a6ba17d1afb6e1012e7d804b15a04a18","sha1":"98c54cef0021703500c2ac4f95d07475a24f8e2e","sha256":"72746fa90a9c68169f6da3d8398f7ad7ec0c99f18bc3e3cc45f47133feba4c74","sha512":"b3590f065265e6ca617759d9513efddb0f0a1800d0415450975590dc70652a1e5628727a003e9b4270b0e6fec111e66cf9e8a31924313f9805686b8fabad4464","ssdeep":"3072:skb70m365YPUmH4hEBhk0+GIEDT+yH91bR21:sS70mqqc+MGI5yHc","tlshash":"1de30acd34cb79c5932621614017f1ceb1fa6c8c21189e5cea019de178ea7a4b16bff9","size":153139,"data":"","first_seen":"2025-11-11T13:20:41.911143Z","last_seen":"2025-11-11T13:20:41.911143Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"67a9dc564ca27fea39f69daf68e9ca3a","sha1":"5c0d48c4a3ed20ee581334fe8c3e1cd25655a74c","sha256":"0f3e5196302210b13d7c9f574754394799ae1a36856e167fc3e7f063267c0af6","sha512":"0b06720a3301d122ad9d7ca49242d8ca3f8454de9e6495aca3cc5365e3723b221fba1772054c30ffbfe9a2e581c61c5c702a5b3c1c9bcd973c82428180ec24a9","ssdeep":"3:N/BKL1X6I4n:eL1KI4n","tlshash":"9a5504c45c4031700454cc00d5501417540d440110dd4401715d1dd517310404051df4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.913264Z","last_seen":"2025-11-11T13:20:41.913264Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"15c30928cede606e7d19ee753a4bf75a","sha1":"0b34651d5ff079af9e7ee5d8ef85117257c5be4c","sha256":"a3bef81947157be5adbd4107e0f179bf79260e2d93b19e474c8f3f394a14110d","sha512":"5109432c093e88273f877b2fbf9b72d78139f4b9baabaff23cd81544354b474197a66393beecb35f3936340c54074aafad1ca4cfef3fbaa60950b4f31502e0d0","ssdeep":"3:N/BKL1X6IARX:eL1KIARX","tlshash":"f55504c05c4031710450cc10dd505417500f4403305d4443f35d15d517714000011dd4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.91522Z","last_seen":"2025-11-11T13:20:41.91522Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"33ff6022e88df59f8dfc9eb546435e9c","sha1":"7f2ad96c0a1276fbc858c652a6e2d0b3c9d4d3e4","sha256":"a1c845cab782ea7dec04543ec72e0b354cb8e9aae23acc02ee02b1832e3acd9a","sha512":"99820974c649620d8dfd487054edee4863ca41025de5a87fcd6fddfafbecb53668799fdde6f7b809112fec178b18f28a9ff8e190d298aff5a29c6795ad639c25","ssdeep":"","tlshash":"0c600000c0303003000f3000f00000033cc000f0cccc3003030c00f000c000c0cc000c","size":14,"data":"","first_seen":"2024-12-12T23:50:40.556614Z","last_seen":"2026-05-01T12:56:58.96029Z","times_seen":264119,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"951e9b8dd1a6524002da82cd50b72b85","sha1":"fe216be19381c8817ad448a80230f361f46fca81","sha256":"4bb8b2f33bdab476a2818143acbdf49e7ba4c40f480ec36584bf3b4fae02e664","sha512":"5ccfdbd4226714d025b6e65667abeb43b41446b0114bd32ce81cfb565d3b7f120c323a7fff5dbba31d4c855cd393a04beb0360d7786d044bc78ae0d0441f9b19","ssdeep":"3:N/BKL1X6IM:eL1KIM","tlshash":"215504c05c4031740450cc00d5501437500d4401105d5401755d17d517311000011dd4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.917984Z","last_seen":"2025-11-11T13:20:41.917984Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"633c9dad7e756decca109e91e62a4a1f","sha1":"26c68fea2ec64f8edfb7e1d004ec5914fbe39807","sha256":"c1b7c8153ecf6edae25d7ad87c58659ef287ac7cd6d84a4702c28bca6647ae3b","sha512":"a247d010bbbce37199214d58d88a0ab49878926a7371ef71505f69cd3810bb4dac30ec75e0a93d8651337b2812018762ac46d7c23ef3ab0646099f2b32b062db","ssdeep":"3:N/BKL1X6Ixi:eL1KII","tlshash":"165504c05c4031700470cd00d554141f501d4401105d4401715d35d537311110111dd4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.9196Z","last_seen":"2025-11-11T13:20:41.9196Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust.mypinata.cloud/ipfs/QmbCXz6d2JqiL9FfHq3VvzngMGAjPbH43j3M9DigKToQ6V","fqdn":"trust.mypinata.cloud","domain":"mypinata.cloud","tld":"cloud"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"4103babca7d55d40d9de58f047c83c07","sha1":"7e1ff239691b915ec8ba0f3d5350515f73565fa7","sha256":"d477d994092e50b6a6a4f23f8bf5755535bd0646bd6277ee058a63d5bdb31ecf","sha512":"655d2f560f86005201e1377a651d31f2ac39a49ebe464d45eea7f6806a1ad6416b1975d9e395ae141b324de5f4fa42e0e236ebc6efaa4cca92aa9e468e9e5754","ssdeep":"6144:27FJ6ynslmKByDMdXtQy8BcZknN5I00FqNe3Nz0hgVgZg5eOHr+1iaMPWWY/oH+H:2wmKByDMdXtQy8BcZknN5I00kNxgVMgC","tlshash":"b964204b21b93d9d71207998f1a2148addacdb814bb4772abc71c2c3f898f51a5e1f31","size":323682,"data":"","first_seen":"2025-11-11T13:20:41.92106Z","last_seen":"2025-11-13T01:17:02.137736Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"a6099d0492e705c7aff514baa122d3b6","sha1":"83e242ed302241c15c53724c64fd39235bed51a3","sha256":"ed6ee63d3f20612ebf29b1c6c4e339dd70255d8290cf1fdc0d796ac0931bd397","sha512":"d165aad9cc3d328800467649d7ba1175987285f27a8cb99dcc4ec0f60ca63a412cb9c235fedfd3cc0a255bd4356bb5d7914a7ef042b902e7b0afbc1064886559","ssdeep":"3:N/BKL1X6IHdn:eL1KIHd","tlshash":"235504c45c4431700450dc00df501417500d4511105d4c11f1dd15f517310000011dd4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.923177Z","last_seen":"2025-11-11T13:20:41.923177Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"3e4864ac91a3d61449a701bc8b443f05","sha1":"41d183ae02565b61b047f97f2e1fcf450d6ebb82","sha256":"56c253b4b580cbb01d03282abf4df4771bf11a7d62a5fbc99ed755b1e7db0fd0","sha512":"3a253d540fa14742a708b31e49b4a9c28e5b3cacc84064a4be518d46972561742c9f48832f2f49b2af390574c8089217b72a4e40f722770cedb329d0292abc97","ssdeep":"3:N/BKL1X6LccA:eL1KBA","tlshash":"d45504c05c4031740cd0cc00d5711437504d4c41101dc401715f05d41f300000031dc4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.924709Z","last_seen":"2025-11-11T13:20:41.924709Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"580722e105b5015c26d3853a610f4c43","sha1":"5c2c77843ef64bcdfad1a90397075ef2970bdb68","sha256":"8a442cbe175e39e489f2e0fc1e089dc799e95f06a46d104d7a52ad60557a5425","sha512":"428febd86f6df48740c5dfe25aab6f587f35dd0d05510255b749a3389c3e46a48c071643e624fad41ec00690a8a983cbc95786a5d70c1885c5c493a77dede28f","ssdeep":"3:N/BKL1X6ISn:eL1KIS","tlshash":"125504c05dc031705c70cc00d5d0141f500d4401107d4501715d15d557310000011dd4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.926139Z","last_seen":"2025-11-11T13:20:41.926139Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"d6f0fde964adda6abed4ff31e41974b6","sha1":"ae2e22b89360fcb09c5fc38d62715327adb23a12","sha256":"f496669fb7ecfa7295a50ed6956b01580e391ef34532073401e16dc53ceefc94","sha512":"d99298f762eb6ea9d3cd458685e95c5058991704ddf2de0c4435dc1e0b9cf5ff30bd8324c2cd1726e31218ccfc33c41e8724e4bc02d1f0b208ab247125c7b32b","ssdeep":"3:N/BKL1X6Izn:eL1KIzn","tlshash":"bc5504c05c4031705450cc00d5d0341f500d4401105d4501715d15d717310000411df4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.927612Z","last_seen":"2025-11-11T13:20:41.927612Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"1db614fb2d4cf177e7b545bfd656dc59","sha1":"05ca50ccc3cae5a1495c55a8756758d62e4d4fc4","sha256":"cbd0f7a9674a8fb29c82f0b5d5d3669e843d860a5aec38bcf1bdbedcccbcc4f9","sha512":"3be19f7782af2e0cacdddf19839e081cb139cf551951aa99ff0afad2119ccafdd309b14bcc95fa44d12b6da09d8e390bef03f23bd007e6fd7e82908917e18468","ssdeep":"3:N/BKL1X6IxT:eL1KIxT","tlshash":"fd5504c05c4035700451dc00d5501437740d4501105d4401715d15d717710011011fd4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.929089Z","last_seen":"2025-11-11T13:20:41.929089Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"f6647c99f3ef23708ba55b5b00b09364","sha1":"a8571f8369cdc71ab132b2dd4d32d69849265c9f","sha256":"643c5f8e9d5d40397b1cb356dab4ca8de82c8f9be8f96c61f769d6d693088b1a","sha512":"0a5d3bea0b1114196867ae3a004cb6bc994e7f7c174f34f7481e77f0dbd2fc809c990e0e3b1396c2f2a439991810533847249782d349a8a33f2b9dbbd6337975","ssdeep":"3:N/BKL1X6IMVZ:eL1KIO","tlshash":"f65504c05d4031704470cc40d5501437711f4401101d4401737d15d517300000111dc4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.930566Z","last_seen":"2025-11-11T13:20:41.930566Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"0d980239383ce998113859dc52187a6d","sha1":"5d46cc55009360650774d2d919dea477ce31fdb6","sha256":"8920bf56480392f49f8bcd5f54b1500b0d3d90c60382ad84aba26dbf17136209","sha512":"793161f6521986ae8650140522d6663d50b7b584188febfe1a8b4ac01fc4a7d73a4d2ba7d0e1a35c0053de818c3a6fc164806eb6505f4597cc68c7f6e1ff7b3a","ssdeep":"3:N/BKL1X6Iqn:eL1KIq","tlshash":"b25504c05c4031710450cc00d5501417d00d4f1154dd4c0573dd17d517310000011dd4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.932182Z","last_seen":"2025-11-11T13:20:41.932182Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"51eba80e0fb0c181b74108ddc7d55188","sha1":"141a097a3e47858682c7ddf5fcddab3cf6c1d8af","sha256":"5567596d52077214d5526d8bc0876b9cce2fff324acc0c4a606091384be0b5c8","sha512":"5b8bd28922ca2c07719d66113837c53f475f3bc43b4820e86540a3b27bfce594ad39dee431be247cc656b58332a47833df260f80b0623736abe7729d13e4d05b","ssdeep":"3:N/BKL1X6IKn:eL1KIKn","tlshash":"da5504c05c4031f04450cc00d5d01417540d440110ddc401715d15d517310000451dd4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.933708Z","last_seen":"2025-11-11T13:20:41.933708Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"27ac9c9eeaf77b350bfdfe89b2c70a46","sha1":"fac337cfdb51b31838f9dc119122dff8c258db09","sha256":"0a0e202d80c94f018f138a8fa35900fc694e32ec4c10921c4ea268aebf2b5748","sha512":"a116d48af036fb44b9b0fd38d89ed537b171844418e36cde8634035a0dd2e12f488074f6dd209cf993b315019c28de9be9a81c8d476d34af747eefd637f1b4e5","ssdeep":"3:N/BKL1X6IQEn:eL1KIQE","tlshash":"e85504c05c4071700d50cc00d5501417501d440110dd4401715d55d717310000413dd4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.935099Z","last_seen":"2025-11-11T13:20:41.935099Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"11ea7ca157944dd6705bdddcf5d9ac32","sha1":"24ccb39cad8b93f8af00f44720875f77d69c1e89","sha256":"cc43a12295defa77dcab8baf2324471fb158e7944d80c2e4a11ee65c19c53dc9","sha512":"78674038b99d438c8b4c972bb2075db546cceaa65c62e930423654d11fa5ee12a45092633738f604c03a0025b04b411519bd861a3802898a401c3bbf6771379d","ssdeep":"3:N/BKL1X6IMSan:eL1KITan","tlshash":"485504c05d41317014f0cc00d5501537500f4401101d4401717d15d517301000131fc4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.936627Z","last_seen":"2025-11-11T13:20:41.936627Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/b/bbe92528df00/api.js?onload=ULCKu2\u0026render=explicit","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c78847a203844e5651660347afb97def","sha1":"61e413a615293388a7ddd854fddf33fcd2f3e254","sha256":"800599c0d8539282ff61d457dd834ddf03f37866e7c113e990f2e70c6d77944e","sha512":"7def656365490eea56a16fc1e08f0036db80b765171326a1a53abb91a64c7451873be040ccc095b74c482bce674b157c0789619a75f66655ce5f667b2084b43b","ssdeep":"768:TiCMrW002bMnnL/PQ8bw08n1SnAeWMRe0SsKosrUxnHKeQiAeGE3VNgwSxA0S5+Q:TXr2YnnL/PQ8dvnA7M1aru7","tlshash":"53233b583156387267e980e4607b63437325793ae94ccc50e827d936366cecad237fba","size":49897,"data":"","first_seen":"2025-11-11T11:45:52.92656Z","last_seen":"2025-11-11T13:42:08.806473Z","times_seen":92,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"a061604d5ecc85ded83372692e11b30f","sha1":"13fc30c25911d21b94f4941e66fed85b51f74066","sha256":"f6da5b69a9d47e49f2387abc8957eea3ea2bc121f938bb24063e8d5e4ee029bf","sha512":"eb164f0f75996db3cd72f1b8c19a7d3c18e1ad379246f06426b457b711a26481e48754191a3b2cb042ee5b96fba173285624ac46bcde3108c545fd4317d4d0a6","ssdeep":"3:N/BKL1X6Iobn:eL1KIobn","tlshash":"d85504c05c4031f50c50cc10d5d01457500d44131c5d4401715d15d517314000c11dd4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.938097Z","last_seen":"2025-11-11T13:20:41.938097Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"46057f21071829b260b4dc328e907e44","sha1":"62f17a72c656016c98f3855eba9d1f4ed1473ad5","sha256":"687a703de276c61f183b35a0739a646cfcae0f4c26d4d27a8dc538f7e8cde491","sha512":"5d66a70e38f29fef131b0a4c2dca2846dfd7511bd9aee0e453916fb362a52109aa29f40c6253135244255124f3b042169816d90c76f06c77be42c5506e1eb00d","ssdeep":"3:N/BKL1X6IbVUn:eL1KIS","tlshash":"e55504c0dc4035701c50cd00d5701457500d4403105d4401715d15d717311000011dd4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.939431Z","last_seen":"2025-11-11T13:20:41.939431Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"fff732b4c2a29c615152b2ffb4d8cfb4","sha1":"439633f93d9071925036f3f07649836b9e136f4b","sha256":"e4232a4ba92f305fa6bdc7996201102d51398a0ac967f9d14624da415b692fe8","sha512":"e3984d5d2b458b998e860a28cbe1cb6a621b6d40083405e91489a1a52a4e000bf5bb192182ce708e2afae780cfc2ff5a74e98b22543071ac00f7532a4aafcdea","ssdeep":"96:REoc3hCvbiG6rSqchSvlMNrPvCyPcb5gRbJtBS28fLYYzueh8wmZ:MhCvOGwSYGXCyEb2Rb1Sh5y5Z","tlshash":"f1916dd389a10950cfe517cbcd17f385b37509b71608746336dad42aa5adf8b013b8d4","size":4567,"data":"","first_seen":"2025-11-11T13:20:41.940835Z","last_seen":"2025-11-11T13:20:41.940835Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"5f76b4061d157e6d98a9b82afd75b654","sha1":"834fb39681ed55b76cfabe99b0acedb97dc1b855","sha256":"4c3a334c6db12392c9991657a2e397e63a069ac62be71d1eeac8e6330dacd352","sha512":"135a69bd538181d15d01d06b258b189d9a311fa626a3ded5fae0971815461fda8509a454a89ea920da2b3fe40edb69ccd7d8527fddd8ef69a6e8484bfde917b6","ssdeep":"3:N/BKL1X6IoV:eL1KII","tlshash":"e55504c07c403171045ccd00d5501417540d4401105d4405717d15d517311010011dd4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.942724Z","last_seen":"2025-11-11T13:20:41.942724Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"3d8e56a3e415459e5d224bec9f237d58","sha1":"76402e798725218b1d8f9da9d37d68f742e3e2c0","sha256":"419a7aa7c4c2f0a8f966408c2f8ec8076c12e0501b28104c2c6f11c6d49763af","sha512":"49ab3d406f8542aeb303b6051df7acc9bbfa27e556693a4a70cb224e3d15adf13b5173baa4c0d4a1116787afd50a254810f3d60626c048480b9f6eaa7bdd5bab","ssdeep":"","tlshash":"c6b012406ab13000c3139034484bc808f008034220ac041c745957300f0045a49f95a8","size":87,"data":"","first_seen":"2025-06-09T01:19:43.901562Z","last_seen":"2026-05-01T10:46:24.545653Z","times_seen":4037,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"8671e9bb444c58c56c95df4fa8d19a7b","sha1":"475104b9c74e8df051fb574c7e8b653f0626b65c","sha256":"3f03c289d497ddcd7d20d595f1556597718d8e661d35a65691e19acebad7151f","sha512":"5e17f83e79bad14c269c4cd1347f101802f0121c5319ad8d296651ff943dffb65a16cd3e5d1104912e28b4fc8b5370a266b279a5680afc3985f7ee4b8e9a3d61","ssdeep":"3:N/BKL1X6I+g:eL1KI+g","tlshash":"fe5504c05c4031700c50cc01d5505457501f4541105d4401715d15d51f310000431dd4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.945661Z","last_seen":"2025-11-11T13:20:41.945661Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"69561c8e8e3347fbc232dee309cf64d5","sha1":"a8c28278339e2a27f33741b139a0703a5726a111","sha256":"1adcd4c914158dfd341247a1fd38c74e1b9e2d459a41dc25552f87a317f06c3f","sha512":"e5ec372979cea6c7b470c2da546605f32a9a102eab7ed0b715680f52d6fb121f3a40aa19e0987337ea15998ac79a8e3e3fe04dc91f25b2e4d8ea0b481b217e9e","ssdeep":"3:N/BKL1X6IJ:eL1KIJ","tlshash":"ae5504c0dc4031714450cc00d5dc1437700d4401105d4401717d15dd37730000411dd4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.948127Z","last_seen":"2025-11-11T13:20:41.948127Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"a020ec87c520495847f41deef85765e1","sha1":"76a3e39df5af9df388496f80cd79a81a4e889a77","sha256":"41a0a1222a7f40584039da66e794d57ae359a97cc0a3408a8cd0bcbaa9033991","sha512":"65137e1d315f36a777659084b46319a8609aea9848fd9a718326bda79d26c5a13d450aaca0c98ca9cc60511acb3bcc947d9fb676a6699315f16c21b67f1f94e4","ssdeep":"3:N/BKL1X6If:eL1KIf","tlshash":"fc5504c05c4031750550cc50d5703417544d4401105d4c01715d55d517311000111dd4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.951144Z","last_seen":"2025-11-11T13:20:41.951144Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"f47389d2f1abd47dbebeef3e2d3ae8a7","sha1":"dde5aa75f9a647e73d3e2d3fdda68898f850f72d","sha256":"30893b81b3c71cdbd5cf34b54fb52f8eef50b27d8a3f2498a28d2b89bd987fda","sha512":"3524a8ed2b83fe9d62a0708424707959d6cc8e89a918407da7c46540b5982fea9230792acffc47517cf5d009231375b00d5ec2ff5689bfb74ea6a3c926653318","ssdeep":"","tlshash":"56b0028869e5a404e21975a5495fd144f12cc802148a0515658885515f114294167868","size":94,"data":"","first_seen":"2024-12-12T23:50:40.522517Z","last_seen":"2026-05-01T12:56:59.043697Z","times_seen":261167,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"a22fd2ccd72861733cb91b829e7d4a88","sha1":"aeacd530815f8176adff3a2cc4047edb1ea62907","sha256":"46e70848be3c13f2d2e0f2481255ad864b4187d8cc754544c9008fdaeb0a7550","sha512":"efe4a95a291256d048e5cb899ee2d96669d9704cb201efeb8e50260e5d97cb543ef9c6f1d43c742fbb51f80786d020a0fbc8080a1875bcc81d1e8bb485747837","ssdeep":"3:N/BKL1X6Ia:eL1KIa","tlshash":"225504c05c50317d4450cc50ddd01417500d4405105d4401715d15dd17310000411dd5","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.956045Z","last_seen":"2025-11-11T13:20:41.956045Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=99ce1598a85f56a3","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5875ec1cb72e17ae373670ffc5747332","sha1":"b46626fb2c7be0e66064242b4cc121ffb94b6afd","sha256":"16422f0caa757bf26053c4a2bb5f0ad696b3adcd6fd2c6ce9f746b53aaa61585","sha512":"3808e512a5696d9165f0ea30a309f03bee0ad3c6aac34265d9ff0688f88f28f70cef0ed6239bff3c708d2dc0b645aaf65085e7c02c3a83652721aec714bf88d1","ssdeep":"1536:oG3uu9BBtrqlX3D2WylOE6T9ClCjQoDC6moT6xNZ3xP+HYAOedfIWsMJkcA5EinP:o0pLBtrqlX3KO3T9Cl2hC2ssinxVmad","tlshash":"2bc3e9cd75da7854532620740027b8cea2fdac8c31284d1df452cad438eafa97567fea","size":121183,"data":"","first_seen":"2025-11-11T13:20:41.870631Z","last_seen":"2025-11-11T13:20:41.870631Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9567c46bbfde9a85e0b7098488cec50e","sha1":"9612450c29276207267a81c30be6e44cd1eab617","sha256":"2655b82994f7b3c848b316338e1eac9b7067d3c3729c31d1446eaa4929fda2e3","sha512":"002e9dcaefa36c3fd6f2606bf57be8ff97090362459db8b161b6e43a4b6b79eca74840f72db6d6353921d277b828b35000160727080686ba15c49a05eda49bec","ssdeep":"3:N/BKL1X6ID:eL1KID","tlshash":"c55504c47d4031741470cc00d5501417501d4401105d4411f15d15fd17350000011fdc","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.958929Z","last_seen":"2025-11-11T13:20:41.958929Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/?__cf_chl_rt_tk=Xg..ZpQwT3SpZO.HYZrYfWPZv6P0RTIGR_STw4SpLxk-1762867198-1.0.1.1-oQLdJaAL_R7C88zVUVSi3HRmGs2IJvFr3sHh6Lo3NXo","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9af2e9ea3e69da382cf4bc62f08ec480","sha1":"8650e84e800d1b9a7c5cf908487e9a368929b4df","sha256":"dffa3d776667b8646e03043b3dd5fda9a077bdec42d6b105846aff5699ff7259","sha512":"1ff57eb5368b734a47fd72b2b6ffd1a6edcf20fc1edb1febf59f65c11db393d2c331b1951744e84b89404f3ab14bb1a7729f604991069f140ddb891c5cb8a70e","ssdeep":"3:N/BKL1X6ItcVn:eL1KIuV","tlshash":"745504c05d4031700450cc00d5541457504d4441145d4401735d15d53f330004451dd4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.961691Z","last_seen":"2025-11-11T13:20:41.961691Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"59b7e849a0fc612be6dddf56d4dc1281","sha1":"856b894a7f564752de0d8917b19bb6ef43618192","sha256":"5b6089bf91229c6d0030aca2b61e62da65bb21e618b232bd397acd89d3d80eb5","sha512":"c33d9a50c15127934af5ebb821efaa62fcdae6413cd7bae7fc2576200d26dd4999d33adc3bf28ab0ef172dd8d693ddf82d58a6f149f43977ee87149ea0e46b3e","ssdeep":"","tlshash":"bc21df5ebfe558f6131012e5292b560d86f2fc88fc433844ab4988d07ce1e25942bfbb","size":1213,"data":"","first_seen":"2025-11-11T12:24:26.922091Z","last_seen":"2025-11-11T13:22:29.153405Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"4cc004271abb452a34ae84ce32326df5","sha1":"16e4ab31964cbf7e2dc53beeafec0c13beabb129","sha256":"b856b34131f9de2a6e881e3418d5f162c23b957c7b2ee1caab5ee3727d8b27e0","sha512":"5e19a93549d44b37354a681212d74a7fbe48c40c95239f29e0132cfc806be942f35147851b5b2049eb4dd806ce6ba3d26ad6f9713d811f3022489400a25d233c","ssdeep":"3:N/BKL1X6I0S:eL1KIr","tlshash":"7c5504c0dc4031700454cc00d5505417501f4511505d4c01715d17f517310010011dd5","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.964862Z","last_seen":"2025-11-11T13:20:41.964862Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"23635988fdf909406a08f369840ec79b","sha1":"5b43b1bbfbddbead3482aeeaa10722b310857ee7","sha256":"d1544d169a6724b8790e717f2da8f34a2c8c8431cce9d4c209b7af3f4db305fb","sha512":"03cbddc39364795701ccf30912caa9164b5452881c9adcdc9932427f7a6437a6c172e5dc1522f5e4c948bba49dc48ee164528bd93695c17941f6463f92221bdd","ssdeep":"3:N/BKL1X6I42n:eL1KI42","tlshash":"235504d45c4031730450cc01d5505417500d4501105d4401f15d35d51f310000411dd4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.967307Z","last_seen":"2025-11-11T13:20:41.967307Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"f057e2d1bc4badfef51db7166e65fb41","sha1":"5865df5e669d344de2e99a55ee3cdb724da0eba4","sha256":"3be602a792b3d9418dcaf0761564bb29f9e42ca70dc9c633f4d364c0759d53ef","sha512":"eca5287b133c5a786ce0f9b9c001e9442b37e4ed7e437d9bbc2578fae15694221aa74ad71f170fa05390b63e468099a029ff8172ce2d59a5ed9cac5c5605138e","ssdeep":"3:N/BKL1X6Ibddn:eL1KIDn","tlshash":"085504c05d4131701cd0cd00d5501c17500d4401105d4401715d15df17313000011dd4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.969981Z","last_seen":"2025-11-11T13:20:41.969981Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"e83494d5d450cac2f723fd5b5202e9f8","sha1":"f9e955133bd0eba30ebe5ac080a984901edc018e","sha256":"bb95cca8735904e6af0bf77f45ad6097c9537d303b45a9082363be946b6472b7","sha512":"62a733f279877b923f02d1347d508a5251168bb96f3f67511441c9b47ac13288791108a0dfe853474008ae9bfc05fca8afba0d17203d576690398aa6d400baec","ssdeep":"3:N/BKL1X6I33:eL1KIH","tlshash":"c85504c05c4031700450cc01d5507417d00d4c01105d4401717d35d517310100111dd4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.972619Z","last_seen":"2025-11-11T13:20:41.972619Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"232199cb41cf792c51553bae55070392","sha1":"b4011ccb33fb7c8fc5c7456677231fc597906053","sha256":"beac35a4f86077301c4a584b89653cc511e2d242e6928d62605c18235fd41c0a","sha512":"feb1acd6564de1d8fdbd98b24bf361bf1aea8645e5b6cd6599a1161b006ccf7b536605c935f86f140f8852ea03dacfc7eb8f52d9a9d724ed2daf41aecbefec30","ssdeep":"3:N/BKL1X6LccEU:eL1KBEU","tlshash":"515504c07cc0317414d0cc00d5701437710d4d05101d4401715d0dd41f300000431dc4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.974876Z","last_seen":"2025-11-11T13:20:41.974876Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9feb4bdf1cd89e00aa44da023c9db7b1","sha1":"bf5754b8dc0804db7ffcb24fe37e924a127b9da5","sha256":"d80a574a41439759b6e6cd2dbcd8e51baffdbd1056da8d075a589fafac67544f","sha512":"38e16e05d1a2c2786706d9a76d272f44675e8718ba9cbd6f8c0a45944648ca0f730a85614650fa571962906451fd45b20ba978869b3b3fb639559b7ae272f336","ssdeep":"3:N/BKL1X6Ie:eL1KIe","tlshash":"205504c05d4431701471cd00d7d01417500d4c01105d4401715d15d517311000011dd4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.977135Z","last_seen":"2025-11-11T13:20:41.977135Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"6934d9d33cd2d0c005994e7d96d2e0d9","sha1":"96d89030c1473585f16ec7a52050b410e44dd332","sha256":"08c9b52f61fadf1eff6fb89169f1735fbae7bb583b23cb119d0e1a0151bac952","sha512":"64ff1127cfca45f7ab820ffa481a3af55570ab2d7b1b7e9d3c0309bd3b6783f6b8d10c8eb2224bc517613f82372722a443dc221398cd2e5b24594ebef1bf4359","ssdeep":"","tlshash":"cd1100000000000000000000000000000000000000000000300c000003000000000000","size":1000,"data":"","first_seen":"2025-03-02T18:12:34.22932Z","last_seen":"2026-05-05T16:06:13.412619Z","times_seen":131373,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"ca897fb253cc8807c5aafc947eb02fb6","sha1":"25137d68712ada7d3ad424c80bc0d688a696f7bb","sha256":"57f9c536daa79c4d770534dbafbe2e7b2b2aa48b9eb2617b4e670b8a78a4a4ce","sha512":"187200763128b83b777932b28834f8a21adf5824c5b9f8635249168aaefcc2451885b26da07411ccd56a52146f9b8cc2524647ebf2df4c1474f80d219d893f64","ssdeep":"","tlshash":"d96000030c00cc300033000c0003003f30f00c3003cc300c033003f003c030c0000030","size":16,"data":"","first_seen":"2024-12-12T23:50:40.144885Z","last_seen":"2026-05-01T12:56:59.005936Z","times_seen":261656,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"799ff89aa17ae84ffe93c5314b0375d4","sha1":"494f7025786fa97142cd1b92271e8efbfb9813ae","sha256":"efaaf37a6dfdc6b1d167329f645e520c1c42a1326addb2550c918ab9befba027","sha512":"9608e8aa9c8e43ccda91098c179a2ae724c29a8ea5d57f3f866257eb91c208ab05bbb551c2b61f6f9d0ad6528d736d078fe5470b8c2567f6d53e6cfd43f2c97d","ssdeep":"3:N/BKL1X6IN:eL1KIN","tlshash":"f45504c45cc033700450cc00d55c1417540d440110ddc401715d5fd517310000011df4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.981556Z","last_seen":"2025-11-11T13:20:41.981556Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"2f9635f36bbc9cec67968c0df0f5d0ec","sha1":"d91d04336bd8f176eb634803f2da6897fb6e0b3c","sha256":"51e464920cf3ec8b2c39ec6f57a7ea029edabf7e59267da9ebf0e11c8cd75bb6","sha512":"dd85d969649ed3768fa41de88bee1709b15c3b289aa4fe5a15d6eea352f4cf1c21081bac3f8a3045b67690a3f7c9f299a3746003be30502f963c8f380336d644","ssdeep":"3:N/BKL1X6I/v:eL1KIX","tlshash":"7b5504c05c4035700450cc05d550541f510d4401105d4501715d15d517310000451dd4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.983838Z","last_seen":"2025-11-11T13:20:41.983838Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"c509a991e708d40afcaac215cf23cb89","sha1":"461653555c523c1b0db0d1c53b585eba1fd0e16d","sha256":"8d80450a45d6283d9e8e4eabd12149b652c6964e9daacf8e6f5d633247b8a74a","sha512":"ecbb921002a65a1b93b976f7449e936ab1d2591e5e9826cd6d739978f8d1c8434a73fb701656284218055f524ca75cba10466bebd792a0e87cb822343047d9f1","ssdeep":"3:N/BKL1X6INm:eL1KI4","tlshash":"715504c05c403d700450cd14d5505417500f4403105d4441f15d15d517310001011dd4","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.985786Z","last_seen":"2025-11-11T13:20:41.985786Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.io/ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a","fqdn":"ipfs.io","domain":"ipfs.io","tld":"io"},"ip":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"e370b65596d838149ef17e1c5f960d9f","sha1":"c5ed7913fbb76a09072210a4921894ede2d227a4","sha256":"bba7c4c98f42802815d3018dbaa01304de6eb851b3b56e9316895b5f2c05e71f","sha512":"38535becf243672f9542313a9da853a460b7dedbf208f1fc8f8e614d430b675748ba28a83b9be5a298c10b34edc509e353ef0e693184b201a842e78315b05dc7","ssdeep":"6144:iLd07g90ByDMVLtQy8BcZknN5I00FqTe3vrK9mVodqTw+lTcxiaMPWW6/oH+dN/u:i2S0ByDMVLtQy8BcZknN5I00kTFmVYqz","tlshash":"6c642f4b21ba3d9d71207999f2624447ceaceb8587b4772a7c7182c3f898f51a5e1f30","size":317357,"data":"","first_seen":"2025-11-11T13:20:41.987694Z","last_seen":"2025-11-13T01:17:02.180409Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"7caa0026e351562883af50d22958d5aa","sha1":"6b7cc65001b71fec173c8f4886fb3e2e73153b2e","sha256":"e5c7c9c8efd7af303be01366bac406a32e6c822e591285e9f96c22f413e2455a","sha512":"9ce3f4393ca4f313e53e7425502cc0b1f4e9310b7d311056ae1e20bf51d343b8b6b9cfbb8a965e3e633b1e62c75b8e9746158a6fdb4cee68336cbff168f858d3","ssdeep":"3:N/BKL1X6LccIT:eL1KBIT","tlshash":"755504c05c5031741550cc01d5701437510d4c01101d4401715d05d41f300000031fc5","size":1337359,"data":"","first_seen":"2025-11-11T13:20:41.989952Z","last_seen":"2025-11-11T13:20:41.989952Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-05-05T16:09:56.396049Z","times_seen":695910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"086707e4369f60afedcafb16050a7618","sha1":"8216b0cc6876cbd44f01c158e7dff3833ceccd41","sha256":"a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e","sha512":"aade21843813e2cab329b99185c6f61db7907a556ea974e0315dcf3ad967cab20fee66d4f10db0d0ec43a71e086ce6d700d5524103deaefa3ce5f6be74ba5737","ssdeep":"","tlshash":"6a9000fee0a2000efc303bc00cc2238a0c28c3a830028e002ac038b8c80822bcc032c8","size":39,"data":"","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-05-05T16:10:34.136803Z","times_seen":870638,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"ipfs.tech/secureproxy?e=ping_proxy","fqdn":"ipfs.tech","domain":"ipfs.tech","tld":"tech"},"ip":{"addr":"143.244.56.55","port":443,"asn":60068,"as":"Datacamp Limited","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ipfs.io/ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a","date":"2025-11-11T13:20:12.746Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipfs.tech","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Oct 2025 17:25:22 GMT","end":"Mon, 26 Jan 2026 17:25:21 GMT"},"fingerprint":{"sha1":"5C:FF:6F:A2:93:80:E7:B0:B0:CF:FB:A7:09:C0:72:21:73:26:A4:CB","sha256":"0F:2A:34:B6:45:9D:56:E6:75:C1:C5:F8:18:63:1C:67:CF:3D:AB:04:7D:2E:67:3A:AD:F6:05:18:47:C2:D9:F6"}}},"request":{"raw":"GET /secureproxy?e=ping_proxy HTTP/1.1\r\nHost: ipfs.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ipfs.io\r\nReferer: https://ipfs.io/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Tue, 11 Nov 2025 13:20:12 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nserver: BunnyCDN-FR1-1218\r\ncdn-pullzone: 2016121\r\ncdn-requestcountrycode: NO\r\naccess-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output\r\ncache-control: max-age=60, stale-while-revalidate=3600\r\nx-content-type-options: nosniff\r\nx-ipfs-path: /ipfs/bafybeibb7bijpaz4kp5qrde45ui66lrzeqdb6kjabyorafmfzc6v6cls7q/secureproxy\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-request-id: 06169d9449a793da7764f46a10fdd83f\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-xss-protection: 0\r\ncdn-proxyver: 1.39\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 404\r\ncdn-cachedat: 11/11/2025 13:20:09\r\ncdn-edgestorageid: 1323\r\ncdn-requestid: 562db16c9b52f989aee90f69bc51f1e1\r\ncdn-cache: HIT\r\ncdn-status: 404\r\ncdn-requesttime: 0\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}],"data":{"size":191,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"747b9734a075705026020221c213f1d9","sha1":"20010a4da94a4a3e5d9d5d46987dbe52ed0fc4b0","sha256":"93deaacb5ea501cf8a341d8249c9b1425908f2efae2d32d4222fb91e0fd74ed1","sha512":"ea285f6ce732784e6182d55e899acfae500a7bee81d14fd03c63a822a9d085d50475e49e74458840f7133a6dc334b4f36af485d689f94411e4cd8be183a01222","ssdeep":"","tlshash":"1ec01237f3d42a08ec3c583be141a54b4115ed055d8f922ca2d3040cd35bbc0e349dd8","first_seen":"2025-10-19T02:17:18.197021Z","last_seen":"2025-11-13T01:17:02.112831Z","times_seen":4,"resource_available":false,"data":null}},"time_used":267,"timings":{"blocked":114,"dns":41,"connect":31,"send":0,"wait":41,"receive":0,"ssl":36},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.io/config.php?s=%2F%40v1%2Fcdn%2Fjs%2Felegant-spinner.js\u0026t=29381120","fqdn":"ipfs.io","domain":"ipfs.io","tld":"io"},"ip":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ipfs.io/ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a","date":"2025-11-11T13:20:12.951Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipfs.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 05:04:12 GMT","end":"Tue, 30 Dec 2025 06:04:09 GMT"},"fingerprint":{"sha1":"C5:AA:70:5F:C2:8E:A1:54:9C:05:48:76:A3:69:64:F8:20:2D:11:6E","sha256":"59:38:DA:E3:3C:CE:6D:C4:62:4B:EF:49:C5:BF:E5:BC:7D:E3:6F:F1:68:17:FA:34:9C:F1:5A:FE:AB:DC:7A:D4"}}},"request":{"raw":"GET /config.php?s=%2F%40v1%2Fcdn%2Fjs%2Felegant-spinner.js\u0026t=29381120 HTTP/1.1\r\nHost: ipfs.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ipfs.io/ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 Moved Permanently\r\ndate: Tue, 11 Nov 2025 13:20:13 GMT\r\ncontent-type: text/html\r\nlocation: https://ipfs.tech/config.php?s=%2F%40v1%2Fcdn%2Fjs%2Felegant-spinner.js\u0026t=29381120\r\nserver: cloudflare\r\ncf-ray: 99ce15f0ea325687-OSL\r\ncf-cache-status: HIT\r\nvary: Accept-Encoding\r\nx-ipfs-pop: rainbow-fr2-03\r\npriority: u=3,i=?0\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-05T16:09:50.836081Z","times_seen":14695563,"resource_available":true,"data":null}},"time_used":84,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":84,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"afumyacvizccbvqvzkoxuqrhyuaqopcopwfygjv.com/@v1/cdn/js/elegant-spinner.js?t=29381120","fqdn":"afumyacvizccbvqvzkoxuqrhyuaqopcopwfygjv.com","domain":"afumyacvizccbvqvzkoxuqrhyuaqopcopwfygjv.com","tld":"com"},"ip":{"addr":"194.242.11.186","port":443,"asn":34989,"as":"ServeTheWorld AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ipfs.io/ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a","date":"2025-11-11T13:20:13.576Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"afumyacvizccbvqvzkoxuqrhyuaqopcopwfygjv.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 14:08:01 GMT","end":"Sat, 10 Jan 2026 14:08:00 GMT"},"fingerprint":{"sha1":"9A:60:CE:4C:93:45:8B:FA:45:41:89:7B:73:9E:66:D8:B0:74:AB:C5","sha256":"DE:0C:AE:79:77:CD:E5:0E:54:C0:FC:CE:8D:77:6A:A2:EF:0A:E3:3E:AB:27:A2:05:C1:D7:80:E9:A9:DB:1E:AB"}}},"request":{"raw":"GET /@v1/cdn/js/elegant-spinner.js?t=29381120 HTTP/1.1\r\nHost: afumyacvizccbvqvzkoxuqrhyuaqopcopwfygjv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ipfs.io/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 523 No Reason Phrase\r\ndate: Tue, 11 Nov 2025 13:20:13 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 3\r\nserver: BunnyCDN-NO1-830\r\ncdn-pullzone: 4623692\r\ncdn-requestcountrycode: NO\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match\r\naccess-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS\r\ncache-control: no-cache\r\netag: W/\"3-jeI6quxhssuoG9FV6mYyJzfep9g\"\r\ncdn-proxyver: 1.39\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 523\r\ncdn-cachedat: 11/11/2025 13:20:13\r\ncdn-edgestorageid: 830\r\ncdn-requestid: 8cc233539c33ad951de20a814e8b7418\r\ncdn-cache: MISS\r\ncdn-status: 523\r\ncdn-requesttime: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"523","status_text":"No Reason Phrase","fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-05T16:09:50.836081Z","times_seen":14695563,"resource_available":true,"data":null}},"time_used":172,"timings":{"blocked":28,"dns":19,"connect":1,"send":0,"wait":115,"receive":0,"ssl":6},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"afumyacvizccbvqvzkoxuqrhyuaqopcopwfygjv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"afumyacvizccbvqvzkoxuqrhyuaqopcopwfygjv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"afumyacvizccbvqvzkoxuqrhyuaqopcopwfygjv.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"afumyacvizccbvqvzkoxuqrhyuaqopcopwfygjv.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-11T13:19:58.824Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ebpm19.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 03 Nov 2025 20:41:04 GMT","end":"Sun, 01 Feb 2026 21:38:49 GMT"},"fingerprint":{"sha1":"B2:6F:A0:C7:36:CA:BC:FB:F1:31:67:78:07:54:5B:37:B8:0D:D0:75","sha256":"6B:B9:AD:E3:C7:65:6A:E3:5D:AF:20:6C:B4:02:47:18:99:30:D2:A4:6E:CE:C8:C7:35:4B:DE:EE:08:79:32:2A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ebpm19.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ndate: Tue, 11 Nov 2025 13:19:58 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=kxpAB8TIWaVMMRAfE%2FwUNqCWy%2F8ZWmflml5%2BkK%2Fi%2B0sztwvFl4LVwy%2B%2B%2F2bvMLRXYlaB8tEJB%2FbAEh0fsrOH7ov8aLVgfTXFUtJDQLDG%2F9I6jy5w2EGBmYpixltJ\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\npriority: u=1,i=?0\r\ncontent-encoding: br\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncf-mitigated: challenge\r\ncritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\npermissions-policy: accelerometer=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\nreferrer-policy: same-origin\r\nserver-timing: chlray;desc=\"99ce1598a85f56a3\", cfExtPri, cfL4;desc=\"?proto=QUIC\u0026rtt=2743\u0026min_rtt=1194\u0026rtt_var=1709\u0026sent=13\u0026recv=10\u0026lost=0\u0026retrans=0\u0026sent_bytes=4083\u0026recv_bytes=1307\u0026delivery_rate=753885\u0026ipace=0\u0026icwnd=12000\u0026ss_exit_cwnd=0\u0026ss_exit_bw=0\u0026ss_exit_reason=0\u0026cwnd=15778\u0026unsent_bytes=0\u0026cid=8b1830629d283ccb\u0026ts=182\u0026inflight_dur=27\u0026x=55\"\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\ncf-ray: 99ce1598a85f56a3-OSL\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6569,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (6569), with no line terminators","md5":"021dbcb42778a811321ce3aa388a6365","sha1":"da163b86d4285b42543becaa71410d4cdb72b03c","sha256":"da40d90ee85cb92a62b76dbeea85e182e2c0a73f182307e9d435407433bcc566","sha512":"e00d9fbc3eb237130db1c44753c1e49c9666395be790bb8f9590da3e93d6b1728c3199534e4e1b82e7569399d4a6e7c5eedf6421fbb20025c9b18a89aaca58d0","ssdeep":"96:PNybXZtIEb0EFW87IEoc3hCvbiG6rSqchSvlMNrPvCyPcb5gRbJtBS28fLYYzueL:PNadB5hCvOGwSYGXCyEb2Rb1Sh5y5w","tlshash":"02d18ef359612022d7f60fe78477f34893144676970494a6f9e7e92d82ddf4b00375a8","first_seen":"2025-11-11T13:20:41.862161Z","last_seen":"2025-11-11T13:20:41.862161Z","times_seen":1,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/b/bbe92528df00/api.js?onload=ULCKu2\u0026render=explicit","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ebpm19.top/","date":"2025-11-11T13:19:59.033Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 18:59:09 GMT","end":"Wed, 21 Jan 2026 19:59:05 GMT"},"fingerprint":{"sha1":"62:5E:2A:E5:F4:DE:73:E8:94:15:72:65:28:EB:70:25:A8:D2:E7:61","sha256":"2D:41:D6:2B:6A:BB:89:80:01:28:9F:35:0B:2B:F4:6C:0D:B6:B1:E4:7E:E4:AC:35:2A:E0:69:DB:94:45:F7:D3"}}},"request":{"raw":"GET /turnstile/v0/b/bbe92528df00/api.js?onload=ULCKu2\u0026render=explicit HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ebpm19.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 11 Nov 2025 13:19:59 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-encoding: br\r\nlast-modified: Mon, 10 Nov 2025 16:44:09 GMT\r\ncache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: https://ebpm19.top\r\nvary: Accept-Encoding\r\nset-cookie: _cfuvid=Ujj4IoAoSN_URbF3gssfy0pubVXi5NMiLbGepieVYz0-1762867199055-0.0.1.1-604800000; path=/; domain=.challenges.cloudflare.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\ncf-ray: 99ce159a0b79b4f3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49897,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (49896)","md5":"c78847a203844e5651660347afb97def","sha1":"61e413a615293388a7ddd854fddf33fcd2f3e254","sha256":"800599c0d8539282ff61d457dd834ddf03f37866e7c113e990f2e70c6d77944e","sha512":"7def656365490eea56a16fc1e08f0036db80b765171326a1a53abb91a64c7451873be040ccc095b74c482bce674b157c0789619a75f66655ce5f667b2084b43b","ssdeep":"768:TiCMrW002bMnnL/PQ8bw08n1SnAeWMRe0SsKosrUxnHKeQiAeGE3VNgwSxA0S5+Q:TXr2YnnL/PQ8dvnA7M1aru7","tlshash":"53233b583156387267e980e4607b63437325793ae94ccc50e827d936366cecad237fba","first_seen":"2025-11-11T11:45:52.92656Z","last_seen":"2025-11-11T13:42:08.806473Z","times_seen":92,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":15,"dns":0,"connect":1,"send":0,"wait":11,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/cdn-cgi/challenge-platform/h/b/flow/ov1/1911302075:1762863322:ZrebEtIsrtbvDfPWx5giU7oSjn4bdlCtu_SO_hViiVw/99ce1598a85f56a3/BrxAV4aCka.Dr6wBVaZ5.rh21896sWLegkbABmfjJck-1762867198-1.2.1.1-ijqaOHi3elSPRQECWQRq.WCjKMXmTQ_JXawQ702G.tveE5UacEzocwh2XN55utr4","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ebpm19.top/","date":"2025-11-11T13:20:11.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ebpm19.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 03 Nov 2025 20:41:04 GMT","end":"Sun, 01 Feb 2026 21:38:49 GMT"},"fingerprint":{"sha1":"B2:6F:A0:C7:36:CA:BC:FB:F1:31:67:78:07:54:5B:37:B8:0D:D0:75","sha256":"6B:B9:AD:E3:C7:65:6A:E3:5D:AF:20:6C:B4:02:47:18:99:30:D2:A4:6E:CE:C8:C7:35:4B:DE:EE:08:79:32:2A"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1911302075:1762863322:ZrebEtIsrtbvDfPWx5giU7oSjn4bdlCtu_SO_hViiVw/99ce1598a85f56a3/BrxAV4aCka.Dr6wBVaZ5.rh21896sWLegkbABmfjJck-1762867198-1.2.1.1-ijqaOHi3elSPRQECWQRq.WCjKMXmTQ_JXawQ702G.tveE5UacEzocwh2XN55utr4 HTTP/1.1\r\nHost: ebpm19.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ebpm19.top/\r\ncf-chl: BrxAV4aCka.Dr6wBVaZ5.rh21896sWLegkbABmfjJck-1762867198-1.2.1.1-ijqaOHi3elSPRQECWQRq.WCjKMXmTQ_JXawQ702G.tveE5UacEzocwh2XN55utr4\r\ncf-chl-ra: 0\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 4300\r\nOrigin: https://ebpm19.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 11 Nov 2025 13:20:11 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Sc%2FlyJHDwpwnP1%2B5uATb6ELLMgQ8BtJtQR419HG7kUc%2FUdZwiZR65H8NZj9TVhjYd3ymOxfWofe4xGXq%2BIAWEo7TtaMPhO9bPC3HM1Hz9DSLCwS0DwgdF7GORxKm\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\nset-cookie: cf_clearance=kBy2dLMlO4CID7ye2dGPrUlnBaT7iofo0pEouG5YIpU-1762867211-1.2.1.1-r74e5pHhZ0927p8oJ.eoS8ztjXnAEQKh8T.3kfsnKyMnk..BulYt3zELMU1eYKLO58m3O3UqBJi6cXQARA.eQNnOPjAHmUWLJudKrNxwDV.SdOoOScPiqM6mCt1PiuykKty3paWu6puuwMjzuXpFes9gabXbsOW9rnWfZpZ2bLy96rLEdOwt_OHy3b0Y0LqDAVm2vv9PKcPviVWd399jA.Pmxlz5wDx8yo0BKaJAf1I; HttpOnly; SameSite=None; Partitioned; Secure; Path=/; Domain=ebpm19.top; Expires=Wed, 11 Nov 2026 13:20:11 GMT\r\ncf-chl-out: Qzzx2NqBOrCXWN3JqNzKKljlowXgsU/46EeeWc57SFKYw5YEbr+TrMql8/bH9WycB3Flnfy0iwcbBXtov7AL9w==$q9IVLPp+P8zcoP/hY37+EQ==\r\ncf-chl-out-s: hWMFJTXSMreP/kkaHJUA8SIcquXer/GMPnP4VovL+tdIhQsXSdka8YOUicVcyngbTm0w1z223lThFzOK7HU19otBDx8S5zDI1OF/uStyuLr0c8LDATg2YbZShBR0ko1DYIPtfVg8sXRTRgflN54QyXRDeaRBmilNjTYaignsZBDxQSj/KdlJNZrkAxRdGx7WjfdfiPWZac+QX0pc4xu7r4TISpH+ax4NEQg+HdC7W9DaeLjgpYslHOGqHriCmY5/wT5Ys3h99FzO+cDFSg9LbKRycd5dUGgsuaNArEt8mZ5+3SW8rUTf4JysKEZ1iVb/swWn2pYTrAhttbjlBuYPVty0D9q92NbiS7O6IIYGtGQzBIqBcz9fOQo6MGisk4/pFyodlI+OTHc2xgMmMqWinsHBkSI/ZhnLE1hO1x45a3giXUZGaquphK+Pt4KeJ6ugSu2H/Rm2xk/PTTM2v3STCw==$6R1YwALPbktkS5QGZoNomg==\r\ntiming-allow-origin: https://ebpm19.top\r\ncf-ray: 99ce15e61c5956a3-OSL\r\nserver: cloudflare\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri, cfL4;desc=\"?proto=QUIC\u0026rtt=1103\u0026min_rtt=466\u0026rtt_var=542\u0026sent=80\u0026recv=32\u0026lost=0\u0026retrans=0\u0026sent_bytes=73194\u0026recv_bytes=10515\u0026delivery_rate=19868625\u0026ipace=0\u0026icwnd=12000\u0026ss_exit_cwnd=0\u0026ss_exit_bw=0\u0026ss_exit_reason=0\u0026cwnd=50632\u0026unsent_bytes=0\u0026cid=8b1830629d283ccb\u0026ts=12604\u0026inflight_dur=42\u0026x=55\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4160,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with very long lines (4160), with no line terminators","md5":"25381e193148a698da9e3db9b525db5c","sha1":"33fdd4fb872e5fa6e304c9ce9d920da3404c9b91","sha256":"2164bfc15d85eee573dc307ff3d757877e4d8ad157c86960c9c76a6ec3e664d3","sha512":"f9760f74ce912a315e1a3f3d40e548f09ef1d9761a86b8e1451f347ff4476f201648cca7b024e1dcf79632827c910cc52eb506f704f47e7e07a4d9cf39ccf331","ssdeep":"96:hAqicYaTKVWLkcbx1QWNIIImgh0uT8S+MiIVd:mcPTKVWyWhll68iiOd","tlshash":"e4817d5680e27296f8e1d1725008cc2f42165e45276613c8e3a1ad9b7f895e03eacaa8","first_seen":"2025-11-11T13:20:41.865515Z","last_seen":"2025-11-11T13:20:41.865515Z","times_seen":1,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.io/ipfs/bafkreihfoippppifivpnf6cc5ixwn7lxcw2wz2rrtwazdb4qpa4dabqyvq/","fqdn":"ipfs.io","domain":"ipfs.io","tld":"io"},"ip":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ipfs.io/ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a","date":"2025-11-11T13:20:12.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipfs.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 05:04:12 GMT","end":"Tue, 30 Dec 2025 06:04:09 GMT"},"fingerprint":{"sha1":"C5:AA:70:5F:C2:8E:A1:54:9C:05:48:76:A3:69:64:F8:20:2D:11:6E","sha256":"59:38:DA:E3:3C:CE:6D:C4:62:4B:EF:49:C5:BF:E5:BC:7D:E3:6F:F1:68:17:FA:34:9C:F1:5A:FE:AB:DC:7A:D4"}}},"request":{"raw":"GET /ipfs/bafkreihfoippppifivpnf6cc5ixwn7lxcw2wz2rrtwazdb4qpa4dabqyvq/ HTTP/1.1\r\nHost: ipfs.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ipfs.io/ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 11 Nov 2025 13:20:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 123409\r\nserver: cloudflare\r\ncf-ray: 99ce15f0da1d5687-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 440208\r\ncache-control: public, max-age=29030400, immutable\r\netag: \"bafkreihfoippppifivpnf6cc5ixwn7lxcw2wz2rrtwazdb4qpa4dabqyvq\"\r\nvary: Accept-Encoding\r\naccess-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output\r\nx-ipfs-path: /ipfs/bafkreihfoippppifivpnf6cc5ixwn7lxcw2wz2rrtwazdb4qpa4dabqyvq/\r\nx-ipfs-pop: rainbow-fr2-02\r\nx-ipfs-roots: bafkreihfoippppifivpnf6cc5ixwn7lxcw2wz2rrtwazdb4qpa4dabqyvq\r\npriority: u=6,i=?0\r\nx-robots-tag: noindex, nofollow\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":123409,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2000 x 2000, 8-bit/color RGBA, non-interlaced","md5":"0d8e9a185773da474955639b5fc82808","sha1":"20a83c3b86f3fc904f26dcc59419205bdb0a2975","sha256":"e5721ef7bd05455ed2f842ea2f66fd7715b56cea319d819187907838300618ac","sha512":"3660589a5ef0ab74175ed985f79555b264ff68cf5d2bd8f737525630d59387d37b871d9ed7a92de2250b80ea53b08169f333f1b453303ccfce377ef738291b3e","ssdeep":"3072:1E6pISxxAj7GlIoJPxH6o6CMRHqemhgpeKw96T7u5XOAZ:1E6WSxxS7GlIoJPxafHtkEJw","tlshash":"6bc32945d3a6ca85de18caff2e269dca0105b377f0d88ee8344cb1f4b178d5349866d2","first_seen":"2023-05-09T04:14:29Z","last_seen":"2026-05-05T09:00:25.991658Z","times_seen":585,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.tech/config.php?s=%2F%40v1%2Fcdn%2Fjs%2Felegant-spinner.js\u0026t=29381120","fqdn":"ipfs.tech","domain":"ipfs.tech","tld":"tech"},"ip":{"addr":"143.244.56.55","port":443,"asn":60068,"as":"Datacamp Limited","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ipfs.io/ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a","date":"2025-11-11T13:20:13.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipfs.tech","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Oct 2025 17:25:22 GMT","end":"Mon, 26 Jan 2026 17:25:21 GMT"},"fingerprint":{"sha1":"5C:FF:6F:A2:93:80:E7:B0:B0:CF:FB:A7:09:C0:72:21:73:26:A4:CB","sha256":"0F:2A:34:B6:45:9D:56:E6:75:C1:C5:F8:18:63:1C:67:CF:3D:AB:04:7D:2E:67:3A:AD:F6:05:18:47:C2:D9:F6"}}},"request":{"raw":"GET /config.php?s=%2F%40v1%2Fcdn%2Fjs%2Felegant-spinner.js\u0026t=29381120 HTTP/1.1\r\nHost: ipfs.tech\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ipfs.io/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Tue, 11 Nov 2025 13:20:13 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nvary: Accept-Encoding\r\nserver: BunnyCDN-FR1-1218\r\ncdn-pullzone: 2016121\r\ncdn-requestcountrycode: NO\r\naccess-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output\r\ncache-control: max-age=60, stale-while-revalidate=3600\r\nx-content-type-options: nosniff\r\nx-ipfs-path: /ipfs/bafybeibb7bijpaz4kp5qrde45ui66lrzeqdb6kjabyorafmfzc6v6cls7q/config.php\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-request-id: f8ec2839b711bf6c7b43556637977a0a\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-xss-protection: 0\r\ncdn-proxyver: 1.39\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 404\r\ncdn-cachedat: 11/11/2025 13:20:06\r\ncdn-edgestorageid: 1327\r\ncdn-requestid: fc622bfb72087da167a199651866a184\r\ncdn-cache: HIT\r\ncdn-status: 404\r\ncdn-requesttime: 0\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-05T16:09:50.836081Z","times_seen":14695563,"resource_available":true,"data":null}},"time_used":178,"timings":{"blocked":72,"dns":1,"connect":31,"send":0,"wait":34,"receive":0,"ssl":37},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.tech","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.io/ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a","fqdn":"ipfs.io","domain":"ipfs.io","tld":"io"},"ip":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-11T13:20:11.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipfs.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 05:04:12 GMT","end":"Tue, 30 Dec 2025 06:04:09 GMT"},"fingerprint":{"sha1":"C5:AA:70:5F:C2:8E:A1:54:9C:05:48:76:A3:69:64:F8:20:2D:11:6E","sha256":"59:38:DA:E3:3C:CE:6D:C4:62:4B:EF:49:C5:BF:E5:BC:7D:E3:6F:F1:68:17:FA:34:9C:F1:5A:FE:AB:DC:7A:D4"}}},"request":{"raw":"GET /ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a HTTP/1.1\r\nHost: ipfs.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nSec-Fetch-User: ?1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 11 Nov 2025 13:20:11 GMT\r\ncontent-type: text/html\r\ncontent-encoding: br\r\ncf-ray: 99ce15e7bbd90afa-OSL\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=29030400, immutable\r\nvary: Accept-Encoding\r\naccess-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output\r\nx-ipfs-path: /ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a\r\nx-ipfs-pop: rainbow-fr2-02\r\nx-ipfs-roots: QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a\r\nx-robots-tag: noindex, nofollow\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]}],"data":{"size":3505,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"af94b7203df9bffb8ab12b8168b9b5cc","sha1":"493952aac270b384db79e1ea1ba72b97a8032f5a","sha256":"1228f84d007041dcb261f7a924252cd202bcf55953936642a03b2c9a632d5952","sha512":"aa2e33e4517006ea25670e83ba78718ab05f2df342411bba357f113c3b1e79caa3edbc8eb399fc30a909ea19da2f30e2db916089c5349828ada2c6f911f0132d","ssdeep":"","tlshash":"bc7150e084b0a5271173c0d69a619b6f22a1ea078ecab91432fc67ec3fd3c91d41348d","first_seen":"2025-11-11T13:20:41.868763Z","last_seen":"2025-11-13T01:17:02.103096Z","times_seen":3,"resource_available":false,"data":null}},"time_used":135,"timings":{"blocked":24,"dns":5,"connect":1,"send":0,"wait":87,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"corsproxy.io/?https://api.mainnet-beta.solana.com","fqdn":"corsproxy.io","domain":"corsproxy.io","tld":"io"},"ip":{"addr":"104.26.6.163","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ipfs.io/ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a","date":"2025-11-11T13:20:13.248Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"corsproxy.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Sep 2025 23:42:06 GMT","end":"Thu, 25 Dec 2025 00:42:04 GMT"},"fingerprint":{"sha1":"0C:CD:24:B7:B0:CE:FE:13:D4:74:92:88:E5:8A:19:06:1B:6E:63:58","sha256":"0A:01:7A:C2:3C:74:E6:03:26:29:BB:69:4E:28:E2:F1:01:93:57:7A:C8:02:E9:3E:47:23:C2:D6:66:65:DA:08"}}},"request":{"raw":"OPTIONS /?https://api.mainnet-beta.solana.com HTTP/1.1\r\nHost: corsproxy.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://ipfs.io/\r\nOrigin: https://ipfs.io\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Tue, 11 Nov 2025 13:20:13 GMT\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\naccess-control-allow-origin: *\r\ncache-control: no-store, no-cache, must-revalidate, private, max-age=0, s-maxage=0, proxy-revalidate, no-transform\r\nexpires: 0\r\nvary: *, accept-encoding\r\npragma: no-cache\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: content-type\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH\r\naccess-control-max-age: 86400\r\nsurrogate-control: no-store\r\nx-cache-buster: 1762867213282_mnp4l51\r\nx-request-id: f2539dfa-41c2-45de-8786-3dc50493e068\r\nx-timestamp: 1762867213282\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HFNilCln01yh8ZhTC0W0t1WcrmXLd5Z7dp3VJJ3dfTb34rqxs89WJp2Pi6QQNPAnAeWiSrvN%2FJa4lN7eW2Kuyp4lrnTRGWNJLQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: same-origin\r\nserver: cloudflare\r\ncf-ray: 99ce15f2fb505697-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-05T16:09:50.836081Z","times_seen":14695563,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":26,"dns":4,"connect":1,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-11T13:19:58.801Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: ebpm19.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Tue, 11 Nov 2025 13:19:58 GMT\r\nContent-Type: text/html\r\nContent-Length: 167\r\nConnection: keep-alive\r\nCache-Control: max-age=3600\r\nExpires: Tue, 11 Nov 2025 14:19:58 GMT\r\nLocation: https://ebpm19.top/\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=67s5UoL1W0V6kLEH6JfCDe%2BI6vOD7VQ1ORaOHVS7wiJmXJJJPBqCBjaNVXKRP1D709ErYzpROWPGooYfrzzpfTX0ukacxJMOLEGBHsr94PB4UqtuD2KvSRFZdqj3\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 99ce1598789c23eb-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=494\u0026min_rtt=494\u0026rtt_var=247\u0026sent=1\u0026recv=3\u0026lost=0\u0026retrans=0\u0026sent_bytes=0\u0026recv_bytes=395\u0026delivery_rate=0\u0026cwnd=249\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6569,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-05T16:09:50.836081Z","times_seen":14695563,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":1,"connect":1,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=99ce1598a85f56a3","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ebpm19.top/","date":"2025-11-11T13:19:58.945Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ebpm19.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 03 Nov 2025 20:41:04 GMT","end":"Sun, 01 Feb 2026 21:38:49 GMT"},"fingerprint":{"sha1":"B2:6F:A0:C7:36:CA:BC:FB:F1:31:67:78:07:54:5B:37:B8:0D:D0:75","sha256":"6B:B9:AD:E3:C7:65:6A:E3:5D:AF:20:6C:B4:02:47:18:99:30:D2:A4:6E:CE:C8:C7:35:4B:DE:EE:08:79:32:2A"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=99ce1598a85f56a3 HTTP/1.1\r\nHost: ebpm19.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ebpm19.top/?__cf_chl_rt_tk=Xg..ZpQwT3SpZO.HYZrYfWPZv6P0RTIGR_STw4SpLxk-1762867198-1.0.1.1-oQLdJaAL_R7C88zVUVSi3HRmGs2IJvFr3sHh6Lo3NXo\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 11 Nov 2025 13:19:58 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=uTSErDlSva6Jiml1fwYSeXNTx1yb73WEDBsHRcPav5WHnrTXQT49eqtxbON4sqHvS6gEJw67nil6TGYRTgsO8OuXBAWR%2Btogj1D0kndSaQq0oDFtv68bor1%2F9g09\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\ncf-ray: 99ce1599686456a3-OSL\r\nserver: cloudflare\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri, cfL4;desc=\"?proto=QUIC\u0026rtt=2489\u0026min_rtt=710\u0026rtt_var=1790\u0026sent=19\u0026recv=12\u0026lost=0\u0026retrans=0\u0026sent_bytes=10028\u0026recv_bytes=1733\u0026delivery_rate=3491885\u0026ipace=0\u0026icwnd=12000\u0026ss_exit_cwnd=0\u0026ss_exit_bw=0\u0026ss_exit_reason=0\u0026cwnd=21697\u0026unsent_bytes=0\u0026cid=8b1830629d283ccb\u0026ts=297\u0026inflight_dur=29\u0026x=55\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":121183,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"5875ec1cb72e17ae373670ffc5747332","sha1":"b46626fb2c7be0e66064242b4cc121ffb94b6afd","sha256":"16422f0caa757bf26053c4a2bb5f0ad696b3adcd6fd2c6ce9f746b53aaa61585","sha512":"3808e512a5696d9165f0ea30a309f03bee0ad3c6aac34265d9ff0688f88f28f70cef0ed6239bff3c708d2dc0b645aaf65085e7c02c3a83652721aec714bf88d1","ssdeep":"1536:oG3uu9BBtrqlX3D2WylOE6T9ClCjQoDC6moT6xNZ3xP+HYAOedfIWsMJkcA5EinP:o0pLBtrqlX3KO3T9Cl2hC2ssinxVmad","tlshash":"2bc3e9cd75da7854532620740027b8cea2fdac8c31284d1df452cad438eafa97567fea","first_seen":"2025-11-11T13:20:41.870631Z","last_seen":"2025-11-11T13:20:41.870631Z","times_seen":1,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":12,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/favicon.ico","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ebpm19.top/","date":"2025-11-11T13:19:59.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ebpm19.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 03 Nov 2025 20:41:04 GMT","end":"Sun, 01 Feb 2026 21:38:49 GMT"},"fingerprint":{"sha1":"B2:6F:A0:C7:36:CA:BC:FB:F1:31:67:78:07:54:5B:37:B8:0D:D0:75","sha256":"6B:B9:AD:E3:C7:65:6A:E3:5D:AF:20:6C:B4:02:47:18:99:30:D2:A4:6E:CE:C8:C7:35:4B:DE:EE:08:79:32:2A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: ebpm19.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ebpm19.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Tue, 11 Nov 2025 13:19:59 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncontent-encoding: br\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F86S4iAfAI7RJECzn3u6zDwnWPLMwuJGzvyq2MZSW4LT9oqG7Eirfam%2FvfW4aEtNmZ1jTrLP0skhgg3vuj8iVhVYygeOixWb\"}]}\r\ncf-ray: 99ce1599d86656a3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":272,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"374433f1f4b2729be20b863b964d2fe3","sha1":"67b15cc233e1cd1c2d631240422709a4f4ac9ea5","sha256":"484bbc141512a11bf0a365e92671b83ddba1b58e7af980c6d249535aef9faa66","sha512":"bf48d8aea53b0cb42d015c8257d416ee758089dbaba070b9f3bfedd2ef981d12a83323d760decb164bb5a156bfe8c2c65d6b36121dd7ebe665af4ce3831d26b9","ssdeep":"","tlshash":"2cd02b9e9083b3874812246039c115e2264c23f6a47a81a86d86d487529893ece9aadc","first_seen":"2025-11-11T13:20:41.873152Z","last_seen":"2025-11-11T13:20:41.873152Z","times_seen":1,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.io/ipfs/bafkreihfoippppifivpnf6cc5ixwn7lxcw2wz2rrtwazdb4qpa4dabqyvq/","fqdn":"ipfs.io","domain":"ipfs.io","tld":"io"},"ip":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://ipfs.io/ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a","date":"2025-11-11T13:20:12.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipfs.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 05:04:12 GMT","end":"Tue, 30 Dec 2025 06:04:09 GMT"},"fingerprint":{"sha1":"C5:AA:70:5F:C2:8E:A1:54:9C:05:48:76:A3:69:64:F8:20:2D:11:6E","sha256":"59:38:DA:E3:3C:CE:6D:C4:62:4B:EF:49:C5:BF:E5:BC:7D:E3:6F:F1:68:17:FA:34:9C:F1:5A:FE:AB:DC:7A:D4"}}},"request":{"raw":"GET /ipfs/bafkreihfoippppifivpnf6cc5ixwn7lxcw2wz2rrtwazdb4qpa4dabqyvq/ HTTP/1.1\r\nHost: ipfs.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ipfs.io/ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 11 Nov 2025 13:20:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 123409\r\nserver: cloudflare\r\ncf-ray: 99ce15ef88b05687-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 440208\r\ncache-control: public, max-age=29030400, immutable\r\netag: \"bafkreihfoippppifivpnf6cc5ixwn7lxcw2wz2rrtwazdb4qpa4dabqyvq\"\r\nvary: Accept-Encoding\r\naccess-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output\r\nx-ipfs-path: /ipfs/bafkreihfoippppifivpnf6cc5ixwn7lxcw2wz2rrtwazdb4qpa4dabqyvq/\r\nx-ipfs-pop: rainbow-fr2-02\r\nx-ipfs-roots: bafkreihfoippppifivpnf6cc5ixwn7lxcw2wz2rrtwazdb4qpa4dabqyvq\r\npriority: u=4,i=?0\r\nx-robots-tag: noindex, nofollow\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]}],"data":{"size":123409,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2000 x 2000, 8-bit/color RGBA, non-interlaced","md5":"0d8e9a185773da474955639b5fc82808","sha1":"20a83c3b86f3fc904f26dcc59419205bdb0a2975","sha256":"e5721ef7bd05455ed2f842ea2f66fd7715b56cea319d819187907838300618ac","sha512":"3660589a5ef0ab74175ed985f79555b264ff68cf5d2bd8f737525630d59387d37b871d9ed7a92de2250b80ea53b08169f333f1b453303ccfce377ef738291b3e","ssdeep":"3072:1E6pISxxAj7GlIoJPxH6o6CMRHqemhgpeKw96T7u5XOAZ:1E6WSxxS7GlIoJPxafHtkEJw","tlshash":"6bc32945d3a6ca85de18caff2e269dca0105b377f0d88ee8344cb1f4b178d5349866d2","first_seen":"2023-05-09T04:14:29Z","last_seen":"2026-05-05T09:00:25.991658Z","times_seen":585,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.io/ipfs/Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ/ionicons.woff","fqdn":"ipfs.io","domain":"ipfs.io","tld":"io"},"ip":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ipfs.io/ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a","date":"2025-11-11T13:20:12.823Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipfs.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 05:04:12 GMT","end":"Tue, 30 Dec 2025 06:04:09 GMT"},"fingerprint":{"sha1":"C5:AA:70:5F:C2:8E:A1:54:9C:05:48:76:A3:69:64:F8:20:2D:11:6E","sha256":"59:38:DA:E3:3C:CE:6D:C4:62:4B:EF:49:C5:BF:E5:BC:7D:E3:6F:F1:68:17:FA:34:9C:F1:5A:FE:AB:DC:7A:D4"}}},"request":{"raw":"GET /ipfs/Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ/ionicons.woff HTTP/1.1\r\nHost: ipfs.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ipfs.io/ipfs/Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ/ionicons.min.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 11 Nov 2025 13:20:12 GMT\r\ncontent-type: font/woff\r\ncontent-length: 67904\r\nserver: cloudflare\r\ncf-ray: 99ce15f0294c5687-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 529355\r\ncache-control: public, max-age=29030400, immutable\r\netag: \"QmYuQxz9gSEgqeXjk3hmyAFuWEPtuTRavEnkzGGxBJB3rk\"\r\nvary: Accept-Encoding\r\naccess-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output\r\nx-ipfs-path: /ipfs/Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ/ionicons.woff\r\nx-ipfs-pop: rainbow-fr2-03\r\nx-ipfs-roots: Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ,QmYuQxz9gSEgqeXjk3hmyAFuWEPtuTRavEnkzGGxBJB3rk\r\npriority: u=4,i=?0\r\nx-robots-tag: noindex, nofollow\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]}],"data":{"size":67904,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 67904, version 0.0","md5":"2c159d0d05473040b53ec79df8797d32","sha1":"5524e1137e3552ccc4b142e64703bf4123b4e9b1","sha256":"a75e381026eced44f4e8d6ea4dc40e28e6a64dd953e8c0b6c239d1ac844c4a2d","sha512":"0e0273be313fc5c8ad48c4b697c7ae08b946888327755298cb87a3b3f4a39a0225ad6e9d46bed78cf4f498c66c6c83b4dc1d76b0c1891883d1edac480277f9c9","ssdeep":"1536:MWDL6msnGPDV3swi74RvqWjsUbG05GJyMkYb17hn0M0Rm09Z5QOybdVo:Z3MnaDzi4qWjrS05GoMkYb17hn0Nv8dO","tlshash":"39630226a2fe48b2cd9be4382e0c9fde538fd59c657c572c3234e0bf194d241598d964","first_seen":"2023-05-07T22:30:40Z","last_seen":"2026-04-23T21:28:08.793821Z","times_seen":233,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":42,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/favicon.ico","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ebpm19.top/","date":"2025-11-11T13:19:58.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ebpm19.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 03 Nov 2025 20:41:04 GMT","end":"Sun, 01 Feb 2026 21:38:49 GMT"},"fingerprint":{"sha1":"B2:6F:A0:C7:36:CA:BC:FB:F1:31:67:78:07:54:5B:37:B8:0D:D0:75","sha256":"6B:B9:AD:E3:C7:65:6A:E3:5D:AF:20:6C:B4:02:47:18:99:30:D2:A4:6E:CE:C8:C7:35:4B:DE:EE:08:79:32:2A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: ebpm19.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ebpm19.top/?__cf_chl_rt_tk=Xg..ZpQwT3SpZO.HYZrYfWPZv6P0RTIGR_STw4SpLxk-1762867198-1.0.1.1-oQLdJaAL_R7C88zVUVSi3HRmGs2IJvFr3sHh6Lo3NXo\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Tue, 11 Nov 2025 13:19:59 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nvary: accept-encoding\r\npriority: u=6,i=?0\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ErQWbdpPY7De5b93%2BKVA8S3VPgrof6jQ8XY3vuVzboNSv%2BUjQnR1w3MqjwAXLeSq5eRLdHEa8E6%2BoAyeWiAouwSLlVbNefi%2B\"}]}\r\ncf-ray: 99ce1599886556a3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":272,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"374433f1f4b2729be20b863b964d2fe3","sha1":"67b15cc233e1cd1c2d631240422709a4f4ac9ea5","sha256":"484bbc141512a11bf0a365e92671b83ddba1b58e7af980c6d249535aef9faa66","sha512":"bf48d8aea53b0cb42d015c8257d416ee758089dbaba070b9f3bfedd2ef981d12a83323d760decb164bb5a156bfe8c2c65d6b36121dd7ebe665af4ce3831d26b9","ssdeep":"","tlshash":"2cd02b9e9083b3874812246039c115e2264c23f6a47a81a86d86d487529893ece9aadc","first_seen":"2025-11-11T13:20:41.873152Z","last_seen":"2025-11-11T13:20:41.873152Z","times_seen":1,"resource_available":false,"data":null}},"time_used":79,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":79,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-11T13:20:11.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ebpm19.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 03 Nov 2025 20:41:04 GMT","end":"Sun, 01 Feb 2026 21:38:49 GMT"},"fingerprint":{"sha1":"B2:6F:A0:C7:36:CA:BC:FB:F1:31:67:78:07:54:5B:37:B8:0D:D0:75","sha256":"6B:B9:AD:E3:C7:65:6A:E3:5D:AF:20:6C:B4:02:47:18:99:30:D2:A4:6E:CE:C8:C7:35:4B:DE:EE:08:79:32:2A"}}},"request":{"raw":"POST / HTTP/1.1\r\nHost: ebpm19.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ebpm19.top/?__cf_chl_tk=Xg..ZpQwT3SpZO.HYZrYfWPZv6P0RTIGR_STw4SpLxk-1762867198-1.0.1.1-oQLdJaAL_R7C88zVUVSi3HRmGs2IJvFr3sHh6Lo3NXo\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 3565\r\nOrigin: https://ebpm19.top\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: cf_clearance=kBy2dLMlO4CID7ye2dGPrUlnBaT7iofo0pEouG5YIpU-1762867211-1.2.1.1-r74e5pHhZ0927p8oJ.eoS8ztjXnAEQKh8T.3kfsnKyMnk..BulYt3zELMU1eYKLO58m3O3UqBJi6cXQARA.eQNnOPjAHmUWLJudKrNxwDV.SdOoOScPiqM6mCt1PiuykKty3paWu6puuwMjzuXpFes9gabXbsOW9rnWfZpZ2bLy96rLEdOwt_OHy3b0Y0LqDAVm2vv9PKcPviVWd399jA.Pmxlz5wDx8yo0BKaJAf1I\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nSec-Fetch-User: ?1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 302 Found\r\ndate: Tue, 11 Nov 2025 13:20:11 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=un0Qr%2ByOOhyZThMI3RPrZTWwxHynHtZNBX1m6DbWKQDD43D7RYCSR8MafvCP5fyNPxFjcvEsjh6Zog%2FI%2FX7DSfgu6SGmapBm1dmrEla8XidFEBdqtZFuXA0dqMhj\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\npriority: u=1,i=?0\r\ncf-ray: 99ce15e6dc6656a3-OSL\r\nx-powered-by: PHP/8.3.6\r\nlocation: https://ipfs.io/ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri, cfL4;desc=\"?proto=QUIC\u0026rtt=1125\u0026min_rtt=466\u0026rtt_var=451\u0026sent=86\u0026recv=37\u0026lost=0\u0026retrans=0\u0026sent_bytes=77998\u0026recv_bytes=14944\u0026delivery_rate=19868625\u0026ipace=0\u0026icwnd=12000\u0026ss_exit_cwnd=0\u0026ss_exit_bw=0\u0026ss_exit_reason=0\u0026cwnd=50632\u0026unsent_bytes=0\u0026cid=8b1830629d283ccb\u0026ts=12788\u0026inflight_dur=44\u0026x=55\"\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:8.3.6","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":3505,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-05T16:09:50.836081Z","times_seen":14695563,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.io/ipfs/Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ/ionicons.min.css","fqdn":"ipfs.io","domain":"ipfs.io","tld":"io"},"ip":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ipfs.io/ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a","date":"2025-11-11T13:20:11.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipfs.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 05:04:12 GMT","end":"Tue, 30 Dec 2025 06:04:09 GMT"},"fingerprint":{"sha1":"C5:AA:70:5F:C2:8E:A1:54:9C:05:48:76:A3:69:64:F8:20:2D:11:6E","sha256":"59:38:DA:E3:3C:CE:6D:C4:62:4B:EF:49:C5:BF:E5:BC:7D:E3:6F:F1:68:17:FA:34:9C:F1:5A:FE:AB:DC:7A:D4"}}},"request":{"raw":"GET /ipfs/Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ/ionicons.min.css HTTP/1.1\r\nHost: ipfs.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ipfs.io/ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 11 Nov 2025 13:20:11 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-encoding: br\r\ncf-ray: 99ce15e9096f5687-OSL\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\nage: 575035\r\ncache-control: public, max-age=29030400, immutable\r\netag: W/\"QmctV3Fu3ibkFESHG1PjbAJgHo6APs8fPcS9ssTxyjZkKu\"\r\nvary: Accept-Encoding\r\naccess-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output\r\nx-ipfs-path: /ipfs/Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ/ionicons.min.css\r\nx-ipfs-pop: rainbow-fr2-03\r\nx-ipfs-roots: Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ,QmctV3Fu3ibkFESHG1PjbAJgHo6APs8fPcS9ssTxyjZkKu\r\npriority: u=2,i=?0\r\nx-robots-tag: noindex, nofollow\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":51197,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (50712)","md5":"5d44a6d5067054794749ce8fa51b4831","sha1":"e490960af9916cfbfc700a2b938132c26d4367f1","sha256":"2935156540a7039310270c0598c48982bd8c0b18d5b93f3266cb08e82ed36962","sha512":"b44a508b9df68ecb70f7429ef08f8647573a2c3834b9fb440d7ab3304dceb930046934896aba986b114620c793f4e53bc9769363b09df8a992e8a23cc32621c4","ssdeep":"384:R48VIQhhJhjRqFdtYRjJIjsjaHnNfc2C4741mf5HRzL:R48phhjQFduRjJ7uHFcu7Smf5xzL","tlshash":"1d33f8e4d20c0dd0ab35c447ab49674858b5f7fbe4584ca8e42fd4ac39cb224a3e5b6d","first_seen":"2025-08-31T15:59:17.876224Z","last_seen":"2026-04-06T22:57:01.762927Z","times_seen":116,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":86,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.io/ipfs/Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ/471c09743f2ae171051f13575fa99b3a0700ca77.ttf","fqdn":"ipfs.io","domain":"ipfs.io","tld":"io"},"ip":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ipfs.io/ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a","date":"2025-11-11T13:20:12.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipfs.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 05:04:12 GMT","end":"Tue, 30 Dec 2025 06:04:09 GMT"},"fingerprint":{"sha1":"C5:AA:70:5F:C2:8E:A1:54:9C:05:48:76:A3:69:64:F8:20:2D:11:6E","sha256":"59:38:DA:E3:3C:CE:6D:C4:62:4B:EF:49:C5:BF:E5:BC:7D:E3:6F:F1:68:17:FA:34:9C:F1:5A:FE:AB:DC:7A:D4"}}},"request":{"raw":"GET /ipfs/Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ/471c09743f2ae171051f13575fa99b3a0700ca77.ttf HTTP/1.1\r\nHost: ipfs.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ipfs.io/ipfs/Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ/C.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Tue, 11 Nov 2025 13:20:12 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-encoding: br\r\ncf-ray: 99ce15ef687b5687-OSL\r\ncf-cache-status: EXPIRED\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\naccess-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output\r\nx-content-type-options: nosniff\r\nx-ipfs-path: /ipfs/Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ/471c09743f2ae171051f13575fa99b3a0700ca77.ttf\r\nx-ipfs-pop: rainbow-am6-06\r\npriority: u=4,i=?0\r\nx-robots-tag: noindex, nofollow\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]}],"data":{"size":231,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"6129ac1b640c39d541a415459e0de77b","sha1":"3cca0b3a814f5e50dee8d6db2744bf1d8055a781","sha256":"54476ccce1f4de10611752c8967d1a997296ead1dcf22ed4cbedb8b25924ca38","sha512":"e6c41201bd03ac2ed11195695daf505a1ca433c220076dda6446cbcc2d63d93cf9d0e28ebd2e4f5ae3fb6c1d0d97c6b03e0091c7af067bff943f7ab739065d08","ssdeep":"","tlshash":"b9d02ebefe44a8a8172290086283c7a120b184a02af060b820eae08c1420264e02ba16","first_seen":"2025-08-31T15:59:17.897327Z","last_seen":"2026-04-06T22:57:01.756673Z","times_seen":104,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":120,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"corsproxy.io/?https://api.mainnet-beta.solana.com","fqdn":"corsproxy.io","domain":"corsproxy.io","tld":"io"},"ip":{"addr":"104.26.6.163","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ipfs.io/ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a","date":"2025-11-11T13:20:13.313Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"corsproxy.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Sep 2025 23:42:06 GMT","end":"Thu, 25 Dec 2025 00:42:04 GMT"},"fingerprint":{"sha1":"0C:CD:24:B7:B0:CE:FE:13:D4:74:92:88:E5:8A:19:06:1B:6E:63:58","sha256":"0A:01:7A:C2:3C:74:E6:03:26:29:BB:69:4E:28:E2:F1:01:93:57:7A:C8:02:E9:3E:47:23:C2:D6:66:65:DA:08"}}},"request":{"raw":"POST /?https://api.mainnet-beta.solana.com HTTP/1.1\r\nHost: corsproxy.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ipfs.io/\r\nContent-Type: application/json\r\nContent-Length: 130\r\nOrigin: https://ipfs.io\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 11 Nov 2025 13:20:13 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\ncf-ray: 99ce15f30b6c5697-OSL\r\ncf-cache-status: DYNAMIC\r\nallow: OPTIONS, POST, GET\r\ncache-control: no-store, no-cache, must-revalidate, private, max-age=0, s-maxage=0, proxy-revalidate, no-transform\r\ncontent-encoding: gzip\r\nexpires: 0\r\nvary: *, Accept-Encoding\r\npragma: no-cache\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH\r\naccess-control-max-age: 86400\r\nsurrogate-control: no-store\r\nx-cache-buster: 1762867213519_tri263n\r\nx-cache-status: DYNAMIC\r\nx-client-country: NO\r\nx-client-ip: 91.90.42.154\r\nx-original-url: https://api.mainnet-beta.solana.com/\r\nx-proxy-contact: support@corsproxy.io\r\nx-proxy-mode: cloudflare-snippets\r\nx-proxy-region: unknown\r\nx-proxy-response: true\r\nx-proxy-service: CORS Proxy\r\nx-proxy-time: 199ms\r\nx-proxy-version: 2.1.1\r\nx-proxy-website: https://corsproxy.io\r\nx-ratelimit-conn-limit: 40\r\nx-ratelimit-conn-remaining: 39\r\nx-ratelimit-connrate-limit: 40\r\nx-ratelimit-connrate-remaining: 39\r\nx-ratelimit-endpoint-limit: unlimited\r\nx-ratelimit-endpoint-remaining: -1178\r\nx-ratelimit-limit: 1000\r\nx-ratelimit-method-limit: 30\r\nx-ratelimit-method-remaining: 29\r\nx-ratelimit-pubsub-limit: 5\r\nx-ratelimit-pubsub-remaining: 5\r\nx-ratelimit-remaining: 999\r\nx-ratelimit-reset: 2025-11-11T14:20:13.519Z\r\nx-ratelimit-rps-limit: 100\r\nx-ratelimit-rps-remaining: 99\r\nx-ratelimit-tier: free\r\nx-report-abuse: abuse@corsproxy.io\r\nx-request-id: 9eaf22a5-a4eb-4f1a-9a37-73176e1021bc\r\nx-rpc-node: fra120\r\nx-timestamp: 1762867213519\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=eg3Xp7c5nvaGOKKZe3rxF2JRZBSusCPMPxHcoYB0orcNKlx8sGPm%2FcCVU6JGPL%2BuERaxPLx6gDukgPbszUQI%2FNR2yEcUwvjPFcWhIqJF4R0CMdGdtz3jO9i8hf%2FD4g%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\naccess-control-allow-origin: *\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=935\u0026min_rtt=499\u0026rtt_var=853\u0026sent=9\u0026recv=12\u0026lost=0\u0026retrans=0\u0026sent_bytes=4102\u0026recv_bytes=1559\u0026delivery_rate=7133004\u0026cwnd=255\u0026unsent_bytes=0\u0026cid=fa428a66447f3fdd\u0026ts=274\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":326,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"8c3709d0cc342f1a442d4ec5b3c84bd6","sha1":"f3944c994526c314d50cf31a6e57387190fa4261","sha256":"1aa4dc688ea464a3a911cc28af5bcc194e66423f6cd5bf8553fc9a35df6efc6b","sha512":"ef04bf3a1b5402e2e4b7f9d7a483791a081ff667a8eba59b7089ba9bf09bb4e817e831ccc212e7e4649cd5cb4e10dd30f2f64f02a887858146e13380c9c57bf2","ssdeep":"","tlshash":"4ce07d843d0a0bbfbae58f43eb1c518ef2c0159c1740499e57d5159572c18cdb09fa77","first_seen":"2025-11-11T13:20:41.880734Z","last_seen":"2025-11-11T13:20:41.880734Z","times_seen":1,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":236,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.io/ipfs/Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ/ionicons.ttf","fqdn":"ipfs.io","domain":"ipfs.io","tld":"io"},"ip":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ipfs.io/ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a","date":"2025-11-11T13:20:12.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipfs.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 05:04:12 GMT","end":"Tue, 30 Dec 2025 06:04:09 GMT"},"fingerprint":{"sha1":"C5:AA:70:5F:C2:8E:A1:54:9C:05:48:76:A3:69:64:F8:20:2D:11:6E","sha256":"59:38:DA:E3:3C:CE:6D:C4:62:4B:EF:49:C5:BF:E5:BC:7D:E3:6F:F1:68:17:FA:34:9C:F1:5A:FE:AB:DC:7A:D4"}}},"request":{"raw":"GET /ipfs/Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ/ionicons.ttf HTTP/1.1\r\nHost: ipfs.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ipfs.io/ipfs/Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ/ionicons.min.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Tue, 11 Nov 2025 13:20:12 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-encoding: br\r\ncf-ray: 99ce15ef485b5687-OSL\r\ncf-cache-status: EXPIRED\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\naccess-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output\r\nx-content-type-options: nosniff\r\nx-ipfs-path: /ipfs/Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ/ionicons.ttf\r\nx-ipfs-pop: rainbow-am6-04\r\npriority: u=4,i=?0\r\nx-robots-tag: noindex, nofollow\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]}],"data":{"size":167,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"24fb4424ec3e4812e9a558807cbd24fc","sha1":"313f0d60658f6d660366ac5508d4dd71d5afbd98","sha256":"b206d8a8163ab7605ae37a0396c283340d71c83c8b8286dacafa62853449b92f","sha512":"22ae239da2d4297551a3eefe680fe999a6a83263c661ca866cfda9d86993e2ef033de60b88f7680bd57667fe6a730856e8c8369fb0b9d8c6a261f8c797549a0b","ssdeep":"","tlshash":"f5c012faea46b0882f70a2aa40a1abb36571d8e21810f01e25ebc80c26384a5e107a11","first_seen":"2025-08-31T15:59:17.893273Z","last_seen":"2026-04-06T22:57:01.761092Z","times_seen":104,"resource_available":false,"data":null}},"time_used":117,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":117,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://ebpm19.top/","date":"2025-11-11T13:19:59.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 18:59:09 GMT","end":"Wed, 21 Jan 2026 19:59:05 GMT"},"fingerprint":{"sha1":"62:5E:2A:E5:F4:DE:73:E8:94:15:72:65:28:EB:70:25:A8:D2:E7:61","sha256":"2D:41:D6:2B:6A:BB:89:80:01:28:9F:35:0B:2B:F4:6C:0D:B6:B1:E4:7E:E4:AC:35:2A:E0:69:DB:94:45:F7:D3"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 11 Nov 2025 13:19:59 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-encoding: br\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npermissions-policy: accelerometer=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\ncontent-security-policy: default-src 'none'; script-src 'nonce-iHcILE3wvxj1GhaU' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\norigin-agent-cluster: ?1\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\nreferrer-policy: same-origin\r\ndocument-policy: js-profiling\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 99ce159c0cc31525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":176551,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (65536), with no line terminators","md5":"2343185ba5f4377ed5d0a1b3a2ba6af0","sha1":"c3083a82323f37f10c4eb7ea1326082053d44f4a","sha256":"c9166e5b8cc24f91e258e155f7884dd2d29e4275117c1540e4893a2866e3cec6","sha512":"a9e03ff598dbed57fcf5a173736014315edb785ccbacb2f2f6b614b826d9bff886c200582c0aa2a173a192f57d1ef69c2ddd1f72837729faec8c99dfb23a2472","ssdeep":"3072:IZOkb70m365YPUmH4hEBhk0+GIEDT+yH91bR2F:IMS70mqqc+MGI5yHs","tlshash":"1d042bcd34cb79d5a32321254117f0ceb1be7c8c2118aa5de60059e17cda7a87267fe9","first_seen":"2025-11-11T13:20:41.884752Z","last_seen":"2025-11-11T13:20:41.884752Z","times_seen":1,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/99ce159c0cc31525/1762867199802/c8MuNTx210Eb8zF","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","date":"2025-11-11T13:20:01.234Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 18:59:09 GMT","end":"Wed, 21 Jan 2026 19:59:05 GMT"},"fingerprint":{"sha1":"62:5E:2A:E5:F4:DE:73:E8:94:15:72:65:28:EB:70:25:A8:D2:E7:61","sha256":"2D:41:D6:2B:6A:BB:89:80:01:28:9F:35:0B:2B:F4:6C:0D:B6:B1:E4:7E:E4:AC:35:2A:E0:69:DB:94:45:F7:D3"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/d/99ce159c0cc31525/1762867199802/c8MuNTx210Eb8zF HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 11 Nov 2025 13:20:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 275\r\ncf-ray: 99ce15a7bfbd1525-OSL\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":275,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 40 x 47, 8-bit/color RGBA, non-interlaced","md5":"fa454ecda8f8149c5e458a9c783eda71","sha1":"2efa37dfcb840eb6b37fb09f015d9b5b7a8b81e7","sha256":"3bc1ea7327fd08149f8e61c1cace245c4f562e98946f2601cd5b85b356aaa26e","sha512":"0299b429b6e294a89181ae77be03ad45adec9ff126cce95999b57d6cbdc781ec84ac0ca9a14e302e1fca6e3d693c20fc851e692430abfc75d2a925653aaf0c61","ssdeep":"","tlshash":"3fd0ec50266874216dfcded12a036b04e459c8e2524ecd6b758a32900a003eaac4cec0","first_seen":"2025-05-14T21:29:51.719757Z","last_seen":"2026-04-03T05:24:11.66852Z","times_seen":108,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-11T13:19:58.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ebpm19.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 03 Nov 2025 20:41:04 GMT","end":"Sun, 01 Feb 2026 21:38:49 GMT"},"fingerprint":{"sha1":"B2:6F:A0:C7:36:CA:BC:FB:F1:31:67:78:07:54:5B:37:B8:0D:D0:75","sha256":"6B:B9:AD:E3:C7:65:6A:E3:5D:AF:20:6C:B4:02:47:18:99:30:D2:A4:6E:CE:C8:C7:35:4B:DE:EE:08:79:32:2A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ebpm19.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Tue, 11 Nov 2025 13:19:58 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncf-mitigated: challenge\r\ncritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\npermissions-policy: accelerometer=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=SQ8brRI9H0HsO%2FsUPZAYRel4MuhORH2HRFEbmaubKY%2BqQgH7e0Gg5bqy04VFND4n2fnQ7VXWUVy3%2B3C3mZ0EHBNdFt7OeChTOmHnONPjfTAjUBz8gd2D6buwnpF3\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 99ce15977a260883-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: chlray;desc=\"99ce15977a260883\", cfL4;desc=\"?proto=TCP\u0026rtt=559\u0026min_rtt=485\u0026rtt_var=179\u0026sent=7\u0026recv=10\u0026lost=0\u0026retrans=0\u0026sent_bytes=3271\u0026recv_bytes=1244\u0026delivery_rate=6683076\u0026cwnd=253\u0026unsent_bytes=0\u0026cid=4fec6591cdc5fa84\u0026ts=33\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7593,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (7593), with no line terminators","md5":"21f6257b0f1b40263a39233d09d213e0","sha1":"464b276d4a96403d6a6333cc0eb705375a6db7bb","sha256":"edd2895d1d57ff1a4c22e94759b98e8cae379b7a3db3039d1a86402be4be92aa","sha512":"0167e6250e69c480ffb30ac31dcaa1fba256905cf4b1655fec870577fb7a28f58e4ca66c97190edc32c52e2011863fbfddd33ab91f70b1b4d5fe0a8e6a886772","ssdeep":"192:PNadBkxbnaUR853Xet75W/V7F3B7bjl+yy2gw:0o1nGFuvW/b3B7bZU2gw","tlshash":"cff15de795121137a3f70fa1086a3309a002a576971e9042f9e4b69ccaddf83865a68b","first_seen":"2025-11-11T13:20:41.888793Z","last_seen":"2025-11-11T13:20:41.888793Z","times_seen":1,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":45,"dns":22,"connect":1,"send":0,"wait":15,"receive":0,"ssl":19},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-11T13:19:58Z","timestamp":1762867198,"ip_dst":{"addr":"104.21.74.94","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.16","port":45478,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-11-11T13:19:58.820357+0000\",\"flow_id\":154641236899384,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":45478,\"dest_ip\":\"104.21.74.94\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"ebpm19.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://ebpm19.top/\",\"length\":167},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":667,\"bytes_toclient\":1225,\"start\":\"2025-11-11T13:19:58.800312+0000\"}}"}],"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ebpm19.top/cdn-cgi/challenge-platform/h/b/flow/ov1/1911302075:1762863322:ZrebEtIsrtbvDfPWx5giU7oSjn4bdlCtu_SO_hViiVw/99ce1598a85f56a3/BrxAV4aCka.Dr6wBVaZ5.rh21896sWLegkbABmfjJck-1762867198-1.2.1.1-ijqaOHi3elSPRQECWQRq.WCjKMXmTQ_JXawQ702G.tveE5UacEzocwh2XN55utr4","fqdn":"ebpm19.top","domain":"ebpm19.top","tld":"top"},"ip":{"addr":"104.21.74.94","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ebpm19.top/","date":"2025-11-11T13:19:59.233Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ebpm19.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 03 Nov 2025 20:41:04 GMT","end":"Sun, 01 Feb 2026 21:38:49 GMT"},"fingerprint":{"sha1":"B2:6F:A0:C7:36:CA:BC:FB:F1:31:67:78:07:54:5B:37:B8:0D:D0:75","sha256":"6B:B9:AD:E3:C7:65:6A:E3:5D:AF:20:6C:B4:02:47:18:99:30:D2:A4:6E:CE:C8:C7:35:4B:DE:EE:08:79:32:2A"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1911302075:1762863322:ZrebEtIsrtbvDfPWx5giU7oSjn4bdlCtu_SO_hViiVw/99ce1598a85f56a3/BrxAV4aCka.Dr6wBVaZ5.rh21896sWLegkbABmfjJck-1762867198-1.2.1.1-ijqaOHi3elSPRQECWQRq.WCjKMXmTQ_JXawQ702G.tveE5UacEzocwh2XN55utr4 HTTP/1.1\r\nHost: ebpm19.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ebpm19.top/\r\ncf-chl: BrxAV4aCka.Dr6wBVaZ5.rh21896sWLegkbABmfjJck-1762867198-1.2.1.1-ijqaOHi3elSPRQECWQRq.WCjKMXmTQ_JXawQ702G.tveE5UacEzocwh2XN55utr4\r\ncf-chl-ra: 0\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1986\r\nOrigin: https://ebpm19.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 11 Nov 2025 13:19:59 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Tkmc%2FbGR%2BlJsbgJ8HkAswSqtNTOse7MDW2OzjFjGiNz2P3M884MyERC3AePS8Y%2B2VqT3oeaf9Iv67xbrb9Q0sSwRzbCrU8dDODbjJkwD%2BGU9oXmJ6EcJF3cUzqxs\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\ncf-chl-gen: RMwzfzslcWxe04x7rgcrS3VbM6n8Oq+bdGqZ0tqGIs0=$upnaitLvzr+9V09iTAIbrg==\r\ntiming-allow-origin: https://ebpm19.top\r\ncf-ray: 99ce159b387956a3-OSL\r\nserver: cloudflare\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri, cfL4;desc=\"?proto=QUIC\u0026rtt=1135\u0026min_rtt=466\u0026rtt_var=638\u0026sent=66\u0026recv=27\u0026lost=0\u0026retrans=0\u0026sent_bytes=59535\u0026recv_bytes=5463\u0026delivery_rate=19868625\u0026ipace=0\u0026icwnd=12000\u0026ss_exit_cwnd=0\u0026ss_exit_bw=0\u0026ss_exit_reason=0\u0026cwnd=50632\u0026unsent_bytes=0\u0026cid=8b1830629d283ccb\u0026ts=598\u0026inflight_dur=40\u0026x=55\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16684,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (16684), with no line terminators","md5":"d011dff4ed7904d3e8fe17578d934447","sha1":"18673f5bce57b9cb592625cc67f70773cbbb0bd8","sha256":"f9acd7a66a4747154009ead701d3a458266a79497606f87be7abfa86800b1f0a","sha512":"b93745a3da083a248f22a5a60dd700d52f892e04d8ffc5522b4cf732bcedaa2966ba713787339c1dcd6dbddd29ea297a09c7fe244c8b3447c55267c2e5126057","ssdeep":"384:Yi3dFLGB4MJGDzmjBtCxNL7btqXIXhqMAQRa/q:Yi33S3JqajBtC3tqXIxqMAQRCq","tlshash":"4872d09f27b41d0e9f54a5d907caf0481e7def8f5042b152a86cc72e7c45cdb7018a56","first_seen":"2025-11-11T13:20:41.891435Z","last_seen":"2025-11-11T13:20:41.891435Z","times_seen":1,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ebpm19.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/410289386:1762863322:Id6JE3lCWkAfWv74-Tbka-NH6_BzhXbr3g17kblUC0c/99ce159c0cc31525/KoeslbCtQNZ0HPdABfxgDGfXtXUzFkxPMMUzuwiRCno-1762867199-1.2.1.1-m9QmRUDYYAdKao6z2Ei.VoXes1MHaunlOCnb20EmPooGALV3CXztl8Utov4PW.O.","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","date":"2025-11-11T13:19:59.792Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 18:59:09 GMT","end":"Wed, 21 Jan 2026 19:59:05 GMT"},"fingerprint":{"sha1":"62:5E:2A:E5:F4:DE:73:E8:94:15:72:65:28:EB:70:25:A8:D2:E7:61","sha256":"2D:41:D6:2B:6A:BB:89:80:01:28:9F:35:0B:2B:F4:6C:0D:B6:B1:E4:7E:E4:AC:35:2A:E0:69:DB:94:45:F7:D3"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/b/flow/ov1/410289386:1762863322:Id6JE3lCWkAfWv74-Tbka-NH6_BzhXbr3g17kblUC0c/99ce159c0cc31525/KoeslbCtQNZ0HPdABfxgDGfXtXUzFkxPMMUzuwiRCno-1762867199-1.2.1.1-m9QmRUDYYAdKao6z2Ei.VoXes1MHaunlOCnb20EmPooGALV3CXztl8Utov4PW.O. HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto\r\ncf-chl: KoeslbCtQNZ0HPdABfxgDGfXtXUzFkxPMMUzuwiRCno-1762867199-1.2.1.1-m9QmRUDYYAdKao6z2Ei.VoXes1MHaunlOCnb20EmPooGALV3CXztl8Utov4PW.O.\r\ncf-chl-ra: 0\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 3970\r\nOrigin: https://challenges.cloudflare.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 11 Nov 2025 13:19:59 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncontent-encoding: br\r\ncf-chl-gen: UzHhNTpHvIbbo0ASaMX+eoBgegbGlhHfLM+rPmeGuzkatNAMsH0J65AC85XhjICp6vTboDJ0w6p9csgGXEUSKWKdfQrx6kI016cZH9gxzOJJ+z3VBwTXt0UDvqoEEYwLOAYxojw+0GJqCi2NclZDztBrciOCmxivMUC916/6GUEomKtsKJ9QSEHB2XQbKQX9WIlsODXMhqvG9mPaFHz1vF4qC+wACrpNx2kwDu5zqjOV/2xIZIiGCqLzzfk8ZNJ0a+6xNYdt9Y+OWXGOTJ3kYHvgIPyIh9Rb6eSuGM41YSuJFpo65hzck4mfE1QQ1Y7G3ODWWDBiv9kkk/LecGA5G8Uo7+/9Ol2qYLlvZBijmOokBsckRKoaPW6r9/ZjK9Hcozgbsg2Y8aVR4W9RvMwshUVobWRUtpJHak6j4y9hrl3Q3bPoL12D+HNX+QZWcOMk8kA2bZn6yT4SeoRI/JlwGg21OowAJJ2vEVgG4HPyF81OIYRxqFIJBmzRMx3c1ApiMKNiLSHVky46e6ucGKwLxf95TMSEIemihob4NNx9JT4eobSl+b0KCZ0uBS0oJT1YSBEc1sVpx/iwm23QtziUfUHgN/G07Fklr/89zhmaDHciqW4olSN/AZCZc3xitfHVP/PFVk8EKKXrHMKkaGGYEfgdGTdr3T1h60B/x/trAtHbqNoPoXdloNGqhJOWqLVgHp8n4YTjc6uy9lO6w/LRRNdZyjrORRefthUpZH+yRHj2hYVEVE2yjfXLmZfmBLP9h7BYci24AfxG8WYSyUsCbw==$EagxT/zRFKBeeDFQmr4ytg==\r\ntiming-allow-origin: https://challenges.cloudflare.com\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 99ce159ebc491525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":212304,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"1adbfcef97a8fc240876056a238f4a56","sha1":"81422af8959b5a315b6cce5790aab11b7c558ea0","sha256":"8281d50a1e32af18a17a8aca9853fa9b000f37046180adbaaf206a22d39393ab","sha512":"efb023f59331eeaae7ec3c540039638c9c8a431192df83f5ca6f839831df4c258c1b7a3a3baf4684a480f9fe3762f415f320beacd3de50ba220b9501c8aafe74","ssdeep":"6144:/j5TVcXOc1ID1DVmQrp0iqtVVEuHIEGniajDR2BOBo:9TqXOLRmQrSztVVdHWiajYABo","tlshash":"8b2422758d4c0f0ed890c587a968b9207e85eda1bc13a0b466f735c7cd6f6db992302e","first_seen":"2025-11-11T13:20:41.893829Z","last_seen":"2025-11-11T13:20:41.893829Z","times_seen":1,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":43,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/410289386:1762863322:Id6JE3lCWkAfWv74-Tbka-NH6_BzhXbr3g17kblUC0c/99ce159c0cc31525/KoeslbCtQNZ0HPdABfxgDGfXtXUzFkxPMMUzuwiRCno-1762867199-1.2.1.1-m9QmRUDYYAdKao6z2Ei.VoXes1MHaunlOCnb20EmPooGALV3CXztl8Utov4PW.O.","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","date":"2025-11-11T13:20:04.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 18:59:09 GMT","end":"Wed, 21 Jan 2026 19:59:05 GMT"},"fingerprint":{"sha1":"62:5E:2A:E5:F4:DE:73:E8:94:15:72:65:28:EB:70:25:A8:D2:E7:61","sha256":"2D:41:D6:2B:6A:BB:89:80:01:28:9F:35:0B:2B:F4:6C:0D:B6:B1:E4:7E:E4:AC:35:2A:E0:69:DB:94:45:F7:D3"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/b/flow/ov1/410289386:1762863322:Id6JE3lCWkAfWv74-Tbka-NH6_BzhXbr3g17kblUC0c/99ce159c0cc31525/KoeslbCtQNZ0HPdABfxgDGfXtXUzFkxPMMUzuwiRCno-1762867199-1.2.1.1-m9QmRUDYYAdKao6z2Ei.VoXes1MHaunlOCnb20EmPooGALV3CXztl8Utov4PW.O. HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto\r\ncf-chl: KoeslbCtQNZ0HPdABfxgDGfXtXUzFkxPMMUzuwiRCno-1762867199-1.2.1.1-m9QmRUDYYAdKao6z2Ei.VoXes1MHaunlOCnb20EmPooGALV3CXztl8Utov4PW.O.\r\ncf-chl-ra: 0\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 34444\r\nOrigin: https://challenges.cloudflare.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 11 Nov 2025 13:20:04 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncontent-encoding: br\r\ncf-chl-gen: 1tVTr47pAarlMBhlQ6tAXM7eHHLasDjXU0BgMHd7uZVNJfW2FHHIp7y1B5x+tEZS$qMhv7O+8azpsSpRmCG2Pbw==\r\ntiming-allow-origin: https://challenges.cloudflare.com\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 99ce15ba58cb1525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28832,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (28832), with no line terminators","md5":"911e5c9ff2c886115f09049d78a6481b","sha1":"229753c00b25cc8eeb0d7bc74b0d705daf3512a4","sha256":"54017aa7ffba9f8311b009c25e6e9d495c387bd8ebb6777ca49f1239dd15154b","sha512":"38765d8ee3f164c326a6a60355a849413012b652d860afb9ca62930e687c849639d47efa90c01bf08890e47b4dd2a923d161ddfbfbb229f9053dd8caf26c44fb","ssdeep":"384:7TFWMVV0OEiyGTpR66u4nywrl8BghsPSdm1Xrc5Okc2FRqXFZ7io4AfU7GTI6076:7DVZn6Juzhfdm5rc4kj4HIAGc076","tlshash":"f4d2e116182c658d0b317b095e801511ec909f7c29d787f0b2ee776aa8d57fb9f31817","first_seen":"2025-11-11T13:20:41.896157Z","last_seen":"2025-11-11T13:20:41.896157Z","times_seen":1,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":42,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.io/ipfs/Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ/C.css","fqdn":"ipfs.io","domain":"ipfs.io","tld":"io"},"ip":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ipfs.io/ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a","date":"2025-11-11T13:20:11.689Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipfs.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 05:04:12 GMT","end":"Tue, 30 Dec 2025 06:04:09 GMT"},"fingerprint":{"sha1":"C5:AA:70:5F:C2:8E:A1:54:9C:05:48:76:A3:69:64:F8:20:2D:11:6E","sha256":"59:38:DA:E3:3C:CE:6D:C4:62:4B:EF:49:C5:BF:E5:BC:7D:E3:6F:F1:68:17:FA:34:9C:F1:5A:FE:AB:DC:7A:D4"}}},"request":{"raw":"GET /ipfs/Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ/C.css HTTP/1.1\r\nHost: ipfs.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ipfs.io/ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 11 Nov 2025 13:20:11 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-encoding: br\r\ncf-ray: 99ce15e909725687-OSL\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\nage: 568033\r\ncache-control: public, max-age=29030400, immutable\r\netag: W/\"QmPhE224j4e4eabckfwAZCD6UPoQagnM9U5FN1f6f2AUrz\"\r\nvary: Accept-Encoding\r\naccess-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output\r\nx-ipfs-path: /ipfs/Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ/C.css\r\nx-ipfs-pop: rainbow-fr2-02\r\nx-ipfs-roots: Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ,QmPhE224j4e4eabckfwAZCD6UPoQagnM9U5FN1f6f2AUrz\r\npriority: u=2,i=?0\r\nx-robots-tag: noindex, nofollow\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]}],"data":{"size":34239,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (383), with CRLF line terminators","md5":"4583fd9217bf39632ef43a05ae22da4e","sha1":"1ee1bb9382cc635753d01301b371110bd0cf1553","sha256":"d59de1c4f49d3fb143d0697e8dafb5f616ea443a6634f2c69037e0155bf9b770","sha512":"38c222e824420c59f12f3ebd56e971a4dc09b9fc474aef0f79c4b35a86fb6585566cf66299c3dca5778cb3ba61aed7a657d90d2e00a27a612be370f489670452","ssdeep":"192:Vk0zi2BPkSGw1dZk/5AVpk6pVTPDt90sBq3B2tK1pe+jikFNrT+nDrl6CDwU1Xzo:Vk0zVPh1ofHEbNJVXK","tlshash":"26f2231a850211029133eea46bf60609f7e504278f4392e97ada7255cfff67846e2fcc","first_seen":"2024-07-06T23:44:54Z","last_seen":"2026-04-06T22:57:01.766113Z","times_seen":119,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.io/secureproxy?e=ping_proxy","fqdn":"ipfs.io","domain":"ipfs.io","tld":"io"},"ip":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ipfs.io/ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a","date":"2025-11-11T13:20:12.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipfs.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 05:04:12 GMT","end":"Tue, 30 Dec 2025 06:04:09 GMT"},"fingerprint":{"sha1":"C5:AA:70:5F:C2:8E:A1:54:9C:05:48:76:A3:69:64:F8:20:2D:11:6E","sha256":"59:38:DA:E3:3C:CE:6D:C4:62:4B:EF:49:C5:BF:E5:BC:7D:E3:6F:F1:68:17:FA:34:9C:F1:5A:FE:AB:DC:7A:D4"}}},"request":{"raw":"GET /secureproxy?e=ping_proxy HTTP/1.1\r\nHost: ipfs.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ipfs.io/ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 Moved Permanently\r\ndate: Tue, 11 Nov 2025 13:20:12 GMT\r\ncontent-type: text/html\r\nlocation: https://ipfs.tech/secureproxy?e=ping_proxy\r\nserver: cloudflare\r\ncf-ray: 99ce15eefffe5687-OSL\r\ncf-cache-status: HIT\r\nvary: Accept-Encoding\r\nx-ipfs-pop: rainbow-am6-06\r\npriority: u=4,i=?0\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]}],"data":{"size":191,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-05T16:09:50.836081Z","times_seen":14695563,"resource_available":true,"data":null}},"time_used":105,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":104,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.io/ipfs/Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ/f2fa90d264ae0063b0cda7fee6721b405dd4b866.ttf","fqdn":"ipfs.io","domain":"ipfs.io","tld":"io"},"ip":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ipfs.io/ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a","date":"2025-11-11T13:20:12.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipfs.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 05:04:12 GMT","end":"Tue, 30 Dec 2025 06:04:09 GMT"},"fingerprint":{"sha1":"C5:AA:70:5F:C2:8E:A1:54:9C:05:48:76:A3:69:64:F8:20:2D:11:6E","sha256":"59:38:DA:E3:3C:CE:6D:C4:62:4B:EF:49:C5:BF:E5:BC:7D:E3:6F:F1:68:17:FA:34:9C:F1:5A:FE:AB:DC:7A:D4"}}},"request":{"raw":"GET /ipfs/Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ/f2fa90d264ae0063b0cda7fee6721b405dd4b866.ttf HTTP/1.1\r\nHost: ipfs.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ipfs.io/ipfs/Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ/C.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Tue, 11 Nov 2025 13:20:12 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-encoding: br\r\ncf-ray: 99ce15ef48515687-OSL\r\ncf-cache-status: EXPIRED\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\naccess-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output\r\nx-content-type-options: nosniff\r\nx-ipfs-path: /ipfs/Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ/f2fa90d264ae0063b0cda7fee6721b405dd4b866.ttf\r\nx-ipfs-pop: rainbow-am6-01\r\npriority: u=4,i=?0\r\nx-robots-tag: noindex, nofollow\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]}],"data":{"size":231,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"14d59f23471c8ec18f76decd047b346f","sha1":"1543ea6fa8302c60dd22711c9778d4ea85b8c0ce","sha256":"270e93d78836165238cec7edb62e5dc867914ec3d8ff9fd58f63327c59cc2cc6","sha512":"0ffd18bd4111803f65c60338350bd1487ffe500abdcb4a5b5c1585d352f84be197ad90ca5af40d039368dcd5dac072927ae21afb91d8e898cfa41ebff302c6e9","ssdeep":"","tlshash":"5fd05ea4ea54b08c2f3c72ae80a0eba7a272d4f91a44f18da0e9948e0166c15b843b50","first_seen":"2025-08-31T15:59:17.90809Z","last_seen":"2026-04-06T22:57:01.764036Z","times_seen":104,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.io/ipfs/Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ/76662bdb665197e1dd3f2f8933d4d8b4a5dfba80.ttf","fqdn":"ipfs.io","domain":"ipfs.io","tld":"io"},"ip":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ipfs.io/ipfs/QmYmL8EdQPkbF3CdCshhQLKcCRxSB5ZkBTGRiFChzTUd1a","date":"2025-11-11T13:20:12.699Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipfs.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 05:04:12 GMT","end":"Tue, 30 Dec 2025 06:04:09 GMT"},"fingerprint":{"sha1":"C5:AA:70:5F:C2:8E:A1:54:9C:05:48:76:A3:69:64:F8:20:2D:11:6E","sha256":"59:38:DA:E3:3C:CE:6D:C4:62:4B:EF:49:C5:BF:E5:BC:7D:E3:6F:F1:68:17:FA:34:9C:F1:5A:FE:AB:DC:7A:D4"}}},"request":{"raw":"GET /ipfs/Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ/76662bdb665197e1dd3f2f8933d4d8b4a5dfba80.ttf HTTP/1.1\r\nHost: ipfs.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ipfs.io/ipfs/Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ/C.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Tue, 11 Nov 2025 13:20:12 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-encoding: br\r\ncf-ray: 99ce15ef586f5687-OSL\r\ncf-cache-status: EXPIRED\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\naccess-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output\r\nx-content-type-options: nosniff\r\nx-ipfs-path: /ipfs/Qmeum2LxAv9HGkdYYU3LiqGsM6fbMuPfnavQPuDvxmZzJZ/76662bdb665197e1dd3f2f8933d4d8b4a5dfba80.ttf\r\nx-ipfs-pop: rainbow-am6-04\r\npriority: u=4,i=?0\r\nx-robots-tag: noindex, nofollow\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]}],"data":{"size":231,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"ea4d64a2b0f0e0dbc7e14776f758d519","sha1":"0fa607547add10d68fde18520a0e26ea1c6aceb7","sha256":"20404b3d9464bf43ec58660bf9d1efaf970efa486c83dea4957a619cf033adc2","sha512":"3b6b8e03ef46f6a96a2bad43dd6c43c7184c1627c51cec70a7de165b11c99bfdce6fecef829a97807ff8bb50543a8ab9026be5d1548cd556a95f5c34d0ab3c50","ssdeep":"","tlshash":"02d0a7f8eec176682b2091df79e597f57063d4f25520f04472e5cc4e0119550db03702","first_seen":"2025-08-31T15:59:17.895165Z","last_seen":"2026-04-06T22:57:01.764704Z","times_seen":104,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/99ce159c0cc31525/1762867199802/6a9a5ba22ea69f3faa2c57f51318ab283fe643f05e63c49c85a3511fb263b378/6s8WjU5Dw_XxDFB","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto","date":"2025-11-11T13:20:03.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 18:59:09 GMT","end":"Wed, 21 Jan 2026 19:59:05 GMT"},"fingerprint":{"sha1":"62:5E:2A:E5:F4:DE:73:E8:94:15:72:65:28:EB:70:25:A8:D2:E7:61","sha256":"2D:41:D6:2B:6A:BB:89:80:01:28:9F:35:0B:2B:F4:6C:0D:B6:B1:E4:7E:E4:AC:35:2A:E0:69:DB:94:45:F7:D3"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/pat/99ce159c0cc31525/1762867199802/6a9a5ba22ea69f3faa2c57f51318ab283fe643f05e63c49c85a3511fb263b378/6s8WjU5Dw_XxDFB HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/5ifmn/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal?lang=auto\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 401 Unauthorized\r\ndate: Tue, 11 Nov 2025 13:20:03 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 1\r\ncf-ray: 99ce15b2c9711525-OSL\r\nwww-authenticate: PrivateToken challenge=\"AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gappboi6mnz-qLFf1ExirKD_mQ_BeY8SchaNRH7Jjs3gAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=\", token-key=\"MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAl0GPil1rlxj7eUnJ0GT7ifpxF_9GDLnZRfYMHBwFehe21Gf8s65GWzD9GUGh1uvs9CadFRsIa_FoumCYlwC1c9kQ1aGyAZ0hVrrWSPhseEV8jt__FOY-gO4SusMANMrfULdIYZFT7nf6RwoX6h0Y_eQBpaWptDOblU-BCm2TA5Gy4wFovFSRNHiWY-FajIyoe0qUr1qiO0PiMzflSk6yrLrroS7w9hBLBs4YXPUPqrFUAwlQsNHMReRqMhIU6u8TASLEfHNysz2Onrmk2rX8oXsgE-vF9riBC2v4sjJWZoJju9elfgMfrRwOroiCN3Z1JxtHi-1jYIWUVJM6o8Yl0wIDAQAB\", max-age=20, PrivateToken challenge=\"AAIAHXNhdC5wYXQtaXNzdWVyLmNsb3VkZmxhcmUuY29tIGqaW6Iupp8_qixX9RMYqyg_5kPwXmPEnIWjUR-yY7N4ABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t\", token-key=\"MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAvaVEnUS4XA5qz7wyLL3s8zK1EItst5KIhjLmfQ5GZHKYFbHA_71WMfyyheXbVm66Vd5RXvdtfkpLy0-oy1-5QtmORauxKG43uwOaafsoY7VnMvCHN6z7YKUXoQRZ61v4tqVv_e3Khmk3BzCBGdEBpdq7T_aE7oyNeCepnuS8fZY_aH9dZzfQCQQ87xe8BzDc7hY_W8R99FwIBPeem4YeQhoU7wutMmUgOkwBSunk7Cb1Y_oRuo3NA8RHIxF5zXWMvCfTsbGva5UNYsEEAz2_5LkvxHxMKmeYpFCHjE1wvpev9-avNz9IfbwNVYMiuUgEdTQWyrECGAW6YDubXWIAKwIDAQAB\", max-age=20, PrivateToken challenge=\"AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIGqaW6Iupp8_qixX9RMYqyg_5kPwXmPEnIWjUR-yY7N4ABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t\", token-key=\"MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAk0FmnUzdABSNz_NCoNLJ-AtLmz76Inx1fyxbftYVF8rUJO3O-bLaS0pRrPVr4nwbc8LtM8hEysYftD2TXx80DlJDg6GimJf33HO-BAMvrbuodWETJ7n2RZjlg4Im8wojOYBT5QLNTbMnswhd4P1sszyzV-CL944JvOhWX-qaJdNkmSDSDcnGx1fgiX7FLOaH95HvGhacx4em5XN7oMbhuZhs7w98mLVQvBie38DsC6PQKfK_7TaiKY2wqYMRrQKqOJmmyU66eBCPpeOyAUZ7ZIuyZE3NkL5mx8cNOyqWje-ly8PdHakrdcLHCM9f1lTRfWLk2-krOeUMMrNS_KGGgwIDAQAB\", max-age=20\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"401","status_text":"Unauthorized","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"very short file (no magic)","md5":"ff44570aca8241914870afbc310cdb85","sha1":"58668e7669fd564d99db5d581fcdb6a5618440b5","sha256":"6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5","sha512":"3c266c0035de59eab2a0dd31b3dcb4a9dd157b310289e5db9ab4f8c2fddb7433466d48f25da7ad735a1cb8f2935aa612ad1f62f0efcece3933ba9979082e2304","ssdeep":"","tlshash":"c700000000000003c00000300000003000000000000000000003000000000000000000","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-05T16:09:56.379428Z","times_seen":422784,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}