{"report_id":"a2fa9794-513c-473e-ab57-877b5b2f6397","version":6,"status":"done","tags":[],"date":"2026-04-03T18:19:19Z","url":{"schema":"http","addr":"greenlandshark.net","fqdn":"greenlandshark.net","domain":"greenlandshark.net","tld":"net"},"ip":{"addr":"172.67.152.130","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"greenlandshark.net/","fqdn":"greenlandshark.net","domain":"greenlandshark.net","tld":"net"},"title":"$SHARK - The 399 Year Old Chad | Greenland Shark","dom":{"size":32693,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4355)","md5":"a4de57c1782294c6fde79a182e89774b","sha1":"e939ab5613c1fca04c9dc6f110aa6594e70192b4","sha256":"496514f76998b7c7935b563d911a824cfc4c2f2e33930fc6ee53495f08d3ecc7","sha512":"2053e63756fcef2f698f5ecee379f8bf6491213243c9db9e925b7a9f9ed58db51e1149c9270d4635f650ee125ff3459fc7af23f1cf8216fafcf918d09ddd889e","ssdeep":"768:gusQBK66jMIC/6DKLGHj75J/TeJRXci177SxnFV5UO6UGGEOFp4bv:cwK6cE6DKLGHj75J/TeJRXci177SxnFU","tlshash":"71e2987561a31052a413a5b267eb070d76b4e503da07cc287bfe2784df82ed8abd3349","dom_hash":"domhash953283fb6ee7d30d3c8648e46026eb06","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"greenlandshark.net","fqdn":"greenlandshark.net","domain":"greenlandshark.net","tld":"net"},"ip":{"addr":"172.67.152.130","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-08T18:19:19Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-03","alert":"Sinkholed","trigger":"greenlandshark.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"greenlandshark.net","ip":{"addr":"172.67.152.130","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":12,"request_count":12,"received_data":884009,"sent_data":5787,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"greenlandshark.net/","fqdn":"greenlandshark.net","domain":"greenlandshark.net","tld":"net"},"ip":{"addr":"172.67.152.130","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"89385bce9daab0f90220aee18cebf3ee","sha1":"2b6b977cd105b9faf1d77311ecf4ed8499d37f88","sha256":"4e5c6a25808e067308fc3e21f1129034808ddf2f00909105de433f8b30e95570","sha512":"217043101027de6495882ab05f5ba323b8f1dd1ca62c653f671aa5c501bf8c90a08da712b3da1638854492fe923960d00691611e8732504b64eec168b1d769ae","ssdeep":"","tlshash":"44c0c0408070ce600c2c00a7607827d43050251d914a60c6c3bd9c87d54cfc04fc8000","size":186,"data":"","first_seen":"2026-01-20T03:01:09.599022Z","last_seen":"2026-04-03T18:19:24.773518Z","times_seen":48,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"greenlandshark.net/secureproxy?s=%2Fipfs%2F_qEVAUVavvzeiYiasp2KRw7531dfc2b686e4c47507eec9adb88115%3Ft%3D1775240337707","fqdn":"greenlandshark.net","domain":"greenlandshark.net","tld":"net"},"ip":{"addr":"172.67.152.130","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"705096b397d51e3330d732abba30e7a1","sha1":"c77a9bcabedb4a65ffe96c32c581780ae6a35f9e","sha256":"f9fd8fbacf78f5920fb6a44a31dd71b3cff28719a242073eaa30abc99009c217","sha512":"b39a43e29b8db29c3f0e1337e287e846b398cd735034c5e1cf9fe3cef6e7ee9cef9988159acfb4e7d1f38db7dca96fc53b97050e9bfe45a3de5b76bb869c4273","ssdeep":"6144:Ih5gDLEAOsstbFZFSXwRTMsS8chPcsdJs3wFYYH/3h8qcPOQA12Lcv0q:osgAnXwRTMP8chPc730WW","tlshash":"b0d4eac2ab081573408a2eb5047b42afdf8c2d4d078ba85077f9afd9d74578231eee59","size":622827,"data":"","first_seen":"2026-04-03T18:19:24.770818Z","last_seen":"2026-04-03T18:19:24.770818Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"greenlandshark.net/shark.jpg","fqdn":"greenlandshark.net","domain":"greenlandshark.net","tld":"net"},"ip":{"addr":"172.67.152.130","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://greenlandshark.net/","date":"2026-04-03T18:18:57.445Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"greenlandshark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 15:27:14 GMT","end":"Thu, 02 Jul 2026 16:25:57 GMT"},"fingerprint":{"sha1":"7E:46:9C:F1:68:2F:6D:7D:3B:24:BB:D1:7E:8F:BE:CF:1E:DC:1C:8C","sha256":"36:4B:A5:19:C8:91:5A:0C:27:A6:CF:8B:7E:F2:FB:C5:BC:E3:D6:EF:FE:D9:4A:22:86:10:8D:45:F6:A4:0B:E2"}}},"request":{"raw":"GET /shark.jpg HTTP/1.1\r\nHost: greenlandshark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://greenlandshark.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 03 Apr 2026 18:18:57 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 58210\r\ncast-mode: default\r\nlast-modified: Tue, 03 Feb 2026 16:16:38 GMT\r\netag: \"69821f66-e362\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WQbnVsA6R0DkrJAKCgpkvOR%2BlGLHIoL9MnTOUSWD3wppvTI3Es9Ecv3Au56OAGGn%2BFQSzLybXW4121AFTn0bEDl%2FnF%2F5Z1QPH%2FnjNmotJFxxKWK6LVCxtRX1frA0tYN8c7apswU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e6a142d0c175694-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":58210,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x1080, components 3","md5":"4f758ed88e1dee05478ba008c4c246a1","sha1":"c850fa53d5b449b8cfbc0d3e4002899c3473780a","sha256":"39d64eaba75442dc4d3ec7b39d33c32f1d3493b26117800766516e30b386c0e6","sha512":"637871a6dc8fa1d6ea0738007dd1c5f30e0aceb8ffc05be8614e2333974ceae4eaf48a1aa478de57dba898291e4b046b2b59c0cf4a50e17d8ea8955f5bf32c8e","ssdeep":"768:VgZwG0h2pEXJbXwh7KlZr2jK/lNdT3d5mxp7fcy0EBNOcQxive7t0XbHH1XgiEDD:WwGqpX22dtNIxp7TNrUiW7Kr67DFQ2H","tlshash":"5a43f1b24b9d0275e9e4a5729050030d2b76fdec0062f19abca199cb5cd61ff48a42ff","first_seen":"2026-04-03T18:19:24.7635Z","last_seen":"2026-04-03T18:19:24.7635Z","times_seen":1,"resource_available":false,"data":null}},"time_used":313,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":242,"receive":71,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-03","alert":"Sinkholed","trigger":"greenlandshark.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"greenlandshark.net/css2.css","fqdn":"greenlandshark.net","domain":"greenlandshark.net","tld":"net"},"ip":{"addr":"172.67.152.130","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://greenlandshark.net/","date":"2026-04-03T18:18:57.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"greenlandshark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 15:27:14 GMT","end":"Thu, 02 Jul 2026 16:25:57 GMT"},"fingerprint":{"sha1":"7E:46:9C:F1:68:2F:6D:7D:3B:24:BB:D1:7E:8F:BE:CF:1E:DC:1C:8C","sha256":"36:4B:A5:19:C8:91:5A:0C:27:A6:CF:8B:7E:F2:FB:C5:BC:E3:D6:EF:FE:D9:4A:22:86:10:8D:45:F6:A4:0B:E2"}}},"request":{"raw":"GET /css2.css HTTP/1.1\r\nHost: greenlandshark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://greenlandshark.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 03 Apr 2026 18:18:57 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Tue, 03 Feb 2026 16:16:38 GMT\r\netag: W/\"69821f66-1396\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FaIS4%2Bjy%2BZ60pUFBTWod7ILSitClyJndZy0JIRdkQ35GCBy9x%2Fp6r36HWOb1K%2FfS7FNqpmLrwQljQubu%2BdEynWXyK%2B6ObQRaXUtecu%2Fd4%2BCx86e36lFhSUKx0%2FcZqUj2IuijAFM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9e6a142cfc165694-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5014,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"6ae09a7b882ca1de51f93e6c1a55c841","sha1":"23b1d9e79534259fea653ab5b470127a9fcac2f3","sha256":"67a8359644eed6577622dee2963544569e7e2cbfe245a1b685496fba9c5680d1","sha512":"8cf7d2ec3b6dd49686569bca4dc39d3fb8b30d90c93c384d5a14b1b058f2718c758da95be0267abf409858c3fa37a1be02f7daa09808ae9af5eb91a437e19aad","ssdeep":"96:cc0OEa7x0OEa7AJc+uI0OEa7SNvOEaKwOEaOFZOOEa5OEa9Jc+u/OEaM2NDCOEaW:cql47FK/821N7V/eYmsOix6","tlshash":"baa1eb90082e6100e7971cc12bcf3f32ae9db194a446d9386ffe1459bc9fda463a5b4d","first_seen":"2026-04-03T18:19:24.764665Z","last_seen":"2026-04-03T18:19:24.764665Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-03","alert":"Sinkholed","trigger":"greenlandshark.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"greenlandshark.net/a1e777b2ed2992a8a8e7aee78538d4aca380f15c.svg","fqdn":"greenlandshark.net","domain":"greenlandshark.net","tld":"net"},"ip":{"addr":"172.67.152.130","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://greenlandshark.net/","date":"2026-04-03T18:18:57.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"greenlandshark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 15:27:14 GMT","end":"Thu, 02 Jul 2026 16:25:57 GMT"},"fingerprint":{"sha1":"7E:46:9C:F1:68:2F:6D:7D:3B:24:BB:D1:7E:8F:BE:CF:1E:DC:1C:8C","sha256":"36:4B:A5:19:C8:91:5A:0C:27:A6:CF:8B:7E:F2:FB:C5:BC:E3:D6:EF:FE:D9:4A:22:86:10:8D:45:F6:A4:0B:E2"}}},"request":{"raw":"GET /a1e777b2ed2992a8a8e7aee78538d4aca380f15c.svg HTTP/1.1\r\nHost: greenlandshark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://greenlandshark.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 03 Apr 2026 18:18:57 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Tue, 03 Feb 2026 16:16:38 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69821f66-a5\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Zk1tiyeIoy7jqJmeS5q%2FVORytOqQI2VvrOqMo%2FZ5sMGtfF0viS%2FHyBmnIH92VxcqC9VezZvfykPJzNMRZ9TFhUZCXPNfzSuDQO%2Bayqv1LkBmgplqrBnDfoSo%2F%2BRmpgLd9zfB784%3D\"}]}\r\ncf-ray: 9e6a142ecc215694-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":165,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"84746cb47fef282b0bf4d389c53307c9","sha1":"a1e777b2ed2992a8a8e7aee78538d4aca380f15c","sha256":"2404325fe9bb12002efd588d9a33f3c985d60d1ebc253fa20a38adf02d017bbb","sha512":"1bec4297a5634b82299f30434a93774a516d411c5394583484648f0516c7bbb991e42cad1c967a515fda519b208679f3704245904b60070aca2207677e2cfab0","ssdeep":"","tlshash":"92c080b9a1c10fb5d24cce10195a757f77ed44c40183447ceae301257142cdbd4c91a4","first_seen":"2026-04-03T18:19:24.766462Z","last_seen":"2026-04-03T18:19:24.766462Z","times_seen":1,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-03","alert":"Sinkholed","trigger":"greenlandshark.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"greenlandshark.net/i7dPIFZifjKcF5UAWdDRYEF8RQ.woff2","fqdn":"greenlandshark.net","domain":"greenlandshark.net","tld":"net"},"ip":{"addr":"172.67.152.130","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://greenlandshark.net/","date":"2026-04-03T18:18:57.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"greenlandshark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 15:27:14 GMT","end":"Thu, 02 Jul 2026 16:25:57 GMT"},"fingerprint":{"sha1":"7E:46:9C:F1:68:2F:6D:7D:3B:24:BB:D1:7E:8F:BE:CF:1E:DC:1C:8C","sha256":"36:4B:A5:19:C8:91:5A:0C:27:A6:CF:8B:7E:F2:FB:C5:BC:E3:D6:EF:FE:D9:4A:22:86:10:8D:45:F6:A4:0B:E2"}}},"request":{"raw":"GET /i7dPIFZifjKcF5UAWdDRYEF8RQ.woff2 HTTP/1.1\r\nHost: greenlandshark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://greenlandshark.net/css2.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 03 Apr 2026 18:18:57 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 16520\r\ncast-mode: default\r\nlast-modified: Tue, 03 Feb 2026 16:16:38 GMT\r\netag: \"69821f66-4088\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZEayILsc3fAxoEPHSYnquB3afOOGdoyVO2dhaHaMW1qH5HELSMeWe8JTtX1u03NwrQu4B2GXu97WiUwMmBMxXTPGJPFv0Xple%2FVEM0NHY%2F7JKsb5AOm%2BEt9RlK8BbQThuMaJmbo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e6a142edc225694-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16520,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16520, version 1.0","md5":"049dfc5919c21896a13296775d80b8c0","sha1":"e2ee2d370f0d46ca5a113126da3b58e16240fdec","sha256":"fb4a81a2d0a893e5c38c394a7e716a1cef0b24610a0af49c96f6d529bd66bf2b","sha512":"ffe3d5afd5a536cb2e78212c39163f16c254fbddca8c586ad99f0f06d27dad6af5b664d523909a0e3c5ed10d239e7f0fd96f2b2970163b23082f8be15a62cea2","ssdeep":"384:KWnkX//eTuOOsUGC9voO/fHl7exLa4Mp2e0+9NxHg+UM:KSm/GTuPsUG8vnnl7aL2pJHg+UM","tlshash":"0272d148764753bdec6bc86ce1e9ebd2e835b934c83c428fc858d8152161a53e86e34c","first_seen":"2025-02-19T12:54:04.599046Z","last_seen":"2026-04-06T02:39:07.873965Z","times_seen":1544,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":246,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-03","alert":"Sinkholed","trigger":"greenlandshark.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"greenlandshark.net/N0bU2SZBIuF2PU_0DXR1.woff2","fqdn":"greenlandshark.net","domain":"greenlandshark.net","tld":"net"},"ip":{"addr":"172.67.152.130","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://greenlandshark.net/","date":"2026-04-03T18:18:57.741Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"greenlandshark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 15:27:14 GMT","end":"Thu, 02 Jul 2026 16:25:57 GMT"},"fingerprint":{"sha1":"7E:46:9C:F1:68:2F:6D:7D:3B:24:BB:D1:7E:8F:BE:CF:1E:DC:1C:8C","sha256":"36:4B:A5:19:C8:91:5A:0C:27:A6:CF:8B:7E:F2:FB:C5:BC:E3:D6:EF:FE:D9:4A:22:86:10:8D:45:F6:A4:0B:E2"}}},"request":{"raw":"GET /N0bU2SZBIuF2PU_0DXR1.woff2 HTTP/1.1\r\nHost: greenlandshark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://greenlandshark.net/css2.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 03 Apr 2026 18:18:57 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 14344\r\ncast-mode: default\r\nlast-modified: Tue, 03 Feb 2026 16:16:38 GMT\r\netag: \"69821f66-3808\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m0AsQfNPvByjt4a5L0M3YsfidcwqY%2Fxm1pqVAVyePeSSqsPtAF2Vqy0XTutpTbbBADMdCbMh75aUKBurwzqt7yoca%2BOJHk0pZ8Kquly%2BfHFiCSDyRgbHKfJ946%2FLU2MmNyM8Raw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e6a142eec245694-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14344,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14344, version 1.0","md5":"57cee48e32651d9e989481ada854fd86","sha1":"5ec5c9e8c0458d79edf112204841bd10da518832","sha256":"126eec706b7931682dbcf6c6efc274132c603f181fbf912678e6cfeb341e721b","sha512":"7acd632e6add68a348feb15343e28c4691dca7d5d406f9db5729d6c87359b04013c128dbc10750147447937877a5526943d551294093a6c94366d27befd9fc7d","ssdeep":"384:QSxlUKMuvYmg5c1bQwJeSsBK062877TDzZaJAVsz:Q4bpAmF1VeS26nxM5","tlshash":"f552cf1035212940fd25981ee5349fe78e102c29fc9b68ebb01b18bdaed701ad7b5f69","first_seen":"2024-12-12T16:27:15.638533Z","last_seen":"2026-04-06T06:47:57.01756Z","times_seen":1974,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":242,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-03","alert":"Sinkholed","trigger":"greenlandshark.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"greenlandshark.net/qkBSXv8b_srFRYQVYrDKh9ZfnyTG.woff2","fqdn":"greenlandshark.net","domain":"greenlandshark.net","tld":"net"},"ip":{"addr":"172.67.152.130","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://greenlandshark.net/","date":"2026-04-03T18:18:57.744Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"greenlandshark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 15:27:14 GMT","end":"Thu, 02 Jul 2026 16:25:57 GMT"},"fingerprint":{"sha1":"7E:46:9C:F1:68:2F:6D:7D:3B:24:BB:D1:7E:8F:BE:CF:1E:DC:1C:8C","sha256":"36:4B:A5:19:C8:91:5A:0C:27:A6:CF:8B:7E:F2:FB:C5:BC:E3:D6:EF:FE:D9:4A:22:86:10:8D:45:F6:A4:0B:E2"}}},"request":{"raw":"GET /qkBSXv8b_srFRYQVYrDKh9ZfnyTG.woff2 HTTP/1.1\r\nHost: greenlandshark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://greenlandshark.net/css2.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 03 Apr 2026 18:18:57 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 72892\r\ncast-mode: default\r\nlast-modified: Tue, 03 Feb 2026 16:16:38 GMT\r\netag: \"69821f66-11cbc\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HL11%2FhAhMgcwi1RCUX%2BPsCwN%2FU2xyY9yT%2FAYruufArr3PvFo3R06QwdqTxYOe5sq2krTW%2B3%2BFCFqr6sijvfFJKa7XhAEux83sra8Ih4PJZWz2J5OLeRe6%2B7jeeTwU0Pp%2FA3%2B%2F%2Bg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e6a142eec255694-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":72892,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 72892, version 1.0","md5":"e37fe89809aa6bf108dc85c0325a3782","sha1":"dc928dbba1c1df86ddeda1012aba3cba079b5741","sha256":"ce7442b4b24dec89c46dee8926494d916d16c42ad038b9a14dceb96293773a5c","sha512":"511ac3eb855f8df15f64108a7effb670ebdbd422809a730ce771d648048eb5fb45b37a79353e869dc96ec3da8b99ad886be10d21b129f2eaa0014ec1cdd60f9e","ssdeep":"1536:4QXNyHPd1o77ls5dZ/N1TfMN0IYyAQjvaEgop9h2bk:4QdA1oXlsDtvfMNroQbVnEA","tlshash":"3d6302d9fabf5dc461d6a3141edeb426b6ed60c38061845f7a66a34bc04c1bb4e3303a","first_seen":"2023-08-13T10:51:21Z","last_seen":"2026-04-03T18:19:24.768703Z","times_seen":13,"resource_available":false,"data":null}},"time_used":323,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":242,"receive":81,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-03","alert":"Sinkholed","trigger":"greenlandshark.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"greenlandshark.net/","fqdn":"greenlandshark.net","domain":"greenlandshark.net","tld":"net"},"ip":{"addr":"172.67.152.130","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-03T18:18:56.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"greenlandshark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 15:27:14 GMT","end":"Thu, 02 Jul 2026 16:25:57 GMT"},"fingerprint":{"sha1":"7E:46:9C:F1:68:2F:6D:7D:3B:24:BB:D1:7E:8F:BE:CF:1E:DC:1C:8C","sha256":"36:4B:A5:19:C8:91:5A:0C:27:A6:CF:8B:7E:F2:FB:C5:BC:E3:D6:EF:FE:D9:4A:22:86:10:8D:45:F6:A4:0B:E2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: greenlandshark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 03 Apr 2026 18:18:57 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Tue, 03 Feb 2026 16:16:38 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TN884T3xKCQRxOJTza5QwvjZiAYwQxg%2FCGvHx1yvvWqtzhLrg5gNAofHheQzIy9E13W9Kvg0d9nCsr6DAL5dN3MmBp2eKkizMF4AyJA%2BSZ2lS2LTFufLy%2BQrE%2BjSQo5V3qIYUGs%3D\"}]}\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9e6a142a6b57b521-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32451,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4355)","md5":"c29c0febf687ada1f97c56ac05fd4963","sha1":"bb1710cba006c4bfbed3e656a9e96df978ff3ec4","sha256":"97c6f4ab269606eefe08c5a5873d2786b936aeaefa7236d344d628ec0c11038a","sha512":"a7649c0b8fb84373a5384b13d9dbda3edebd492791fd78af604e9be9bf5bfb23ad7f6fa668827f22f8743979eec45cdc9e3bc4a37c61d950568e33e70f6b46a1","ssdeep":"768:HQBK66jMICW6DKLGHj75J/TeJRXci177SxnFV5UO6UGGEOFp4bc:HwK6cH6DKLGHj75J/TeJRXci177SxnFL","tlshash":"03e2987561a32052a413a57267eb070d76b4e503da07cc287bfe2784df82ed8abd3359","first_seen":"2026-04-03T18:19:24.769878Z","last_seen":"2026-04-03T18:19:24.769878Z","times_seen":1,"resource_available":true,"data":null}},"time_used":406,"timings":{"blocked":68,"dns":53,"connect":1,"send":0,"wait":269,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-03","alert":"Sinkholed","trigger":"greenlandshark.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"greenlandshark.net/secureproxy?s=%2Fipfs%2F_qEVAUVavvzeiYiasp2KRw7531dfc2b686e4c47507eec9adb88115%3Ft%3D1775240337707","fqdn":"greenlandshark.net","domain":"greenlandshark.net","tld":"net"},"ip":{"addr":"172.67.152.130","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://greenlandshark.net/","date":"2026-04-03T18:18:57.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"greenlandshark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 15:27:14 GMT","end":"Thu, 02 Jul 2026 16:25:57 GMT"},"fingerprint":{"sha1":"7E:46:9C:F1:68:2F:6D:7D:3B:24:BB:D1:7E:8F:BE:CF:1E:DC:1C:8C","sha256":"36:4B:A5:19:C8:91:5A:0C:27:A6:CF:8B:7E:F2:FB:C5:BC:E3:D6:EF:FE:D9:4A:22:86:10:8D:45:F6:A4:0B:E2"}}},"request":{"raw":"GET /secureproxy?s=%2Fipfs%2F_qEVAUVavvzeiYiasp2KRw7531dfc2b686e4c47507eec9adb88115%3Ft%3D1775240337707 HTTP/1.1\r\nHost: greenlandshark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://greenlandshark.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 03 Apr 2026 18:18:58 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\ncache-control: max-age=2592000\r\netag: W/\"980eb-x3qbyr7bSmX/6WwyxYF4CuajX54\"\r\nexpires: 0\r\npragma: no-cache\r\ncontent-disposition: attachment; filename=2PM3nh_h-erOXy3pHd7f0Q.js\r\ncdn-proxyver: 1.50\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 04/03/2026 18:18:58\r\ncdn-edgestorageid: 883\r\ncdn-requestid: a60079f169ec55207d105d3dd1123863\r\ncdn-cache: MISS\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=J0J7g%2F3wwhZVVzjPygOT1hUQ%2BPM8nI85ydQarrYf5AN0qylBoT7eLIGvTVJ2WJ02r3h%2F797oWB5sJ8dK2IB5mlbfsl%2FwdAZFB37V%2BGveGXMCWOAAY8kvbzLpYblwAzL6tw0mnPk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e6a142eac1e5694-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":622827,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"705096b397d51e3330d732abba30e7a1","sha1":"c77a9bcabedb4a65ffe96c32c581780ae6a35f9e","sha256":"f9fd8fbacf78f5920fb6a44a31dd71b3cff28719a242073eaa30abc99009c217","sha512":"b39a43e29b8db29c3f0e1337e287e846b398cd735034c5e1cf9fe3cef6e7ee9cef9988159acfb4e7d1f38db7dca96fc53b97050e9bfe45a3de5b76bb869c4273","ssdeep":"6144:Ih5gDLEAOsstbFZFSXwRTMsS8chPcsdJs3wFYYH/3h8qcPOQA12Lcv0q:osgAnXwRTMP8chPc730WW","tlshash":"b0d4eac2ab081573408a2eb5047b42afdf8c2d4d078ba85077f9afd9d74578231eee59","first_seen":"2026-04-03T18:19:24.770818Z","last_seen":"2026-04-03T18:19:24.770818Z","times_seen":1,"resource_available":true,"data":null}},"time_used":988,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":868,"receive":120,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-03","alert":"Sinkholed","trigger":"greenlandshark.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"greenlandshark.net/12417ffc6ddf1c293afb4c46302a59db978b6e4d.svg","fqdn":"greenlandshark.net","domain":"greenlandshark.net","tld":"net"},"ip":{"addr":"172.67.152.130","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://greenlandshark.net/","date":"2026-04-03T18:18:57.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"greenlandshark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 15:27:14 GMT","end":"Thu, 02 Jul 2026 16:25:57 GMT"},"fingerprint":{"sha1":"7E:46:9C:F1:68:2F:6D:7D:3B:24:BB:D1:7E:8F:BE:CF:1E:DC:1C:8C","sha256":"36:4B:A5:19:C8:91:5A:0C:27:A6:CF:8B:7E:F2:FB:C5:BC:E3:D6:EF:FE:D9:4A:22:86:10:8D:45:F6:A4:0B:E2"}}},"request":{"raw":"GET /12417ffc6ddf1c293afb4c46302a59db978b6e4d.svg HTTP/1.1\r\nHost: greenlandshark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://greenlandshark.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 03 Apr 2026 18:18:57 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Tue, 03 Feb 2026 16:16:38 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69821f66-80\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lQeJ21pss%2FJTZ5JX7ieMlLH%2BSXNoZ8ZH4%2FCGNf%2BuZ2O98XKmeKO4%2F6%2BLMIbp1glMtbprAtNCzJQBYlQXQt%2FRoBftg%2Fv3pivhJ%2F%2FDzORsjvKIE043EklpRiDsjvgboI9DoekRUuA%3D\"}]}\r\ncf-ray: 9e6a142ecc1f5694-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":128,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2d25a74c835f5090f3a57f1e2232621c","sha1":"12417ffc6ddf1c293afb4c46302a59db978b6e4d","sha256":"25fd21e868593548eb2e7401cfcc8d3f9b54b4d1c711bae37ff607d1a0f22abd","sha512":"ed9c7db789912aa70de751d0e339366ccfaba42c45f4ca662bae480e994e2bd513b1406edb6be9ab88704e1f182bd61f5771287a8e05dd084b1c5f694a2cb39b","ssdeep":"","tlshash":"b6b02b3980e89c0ac60c8c0414147960a1a621800e88042cfa8514250003c42601512c","first_seen":"2026-04-03T18:19:24.771689Z","last_seen":"2026-04-03T18:19:24.771689Z","times_seen":1,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":198,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-03","alert":"Sinkholed","trigger":"greenlandshark.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"greenlandshark.net/i7dMIFZifjKcF5UAWdDRaPpZUFWaHg.woff2","fqdn":"greenlandshark.net","domain":"greenlandshark.net","tld":"net"},"ip":{"addr":"172.67.152.130","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://greenlandshark.net/","date":"2026-04-03T18:18:57.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"greenlandshark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 15:27:14 GMT","end":"Thu, 02 Jul 2026 16:25:57 GMT"},"fingerprint":{"sha1":"7E:46:9C:F1:68:2F:6D:7D:3B:24:BB:D1:7E:8F:BE:CF:1E:DC:1C:8C","sha256":"36:4B:A5:19:C8:91:5A:0C:27:A6:CF:8B:7E:F2:FB:C5:BC:E3:D6:EF:FE:D9:4A:22:86:10:8D:45:F6:A4:0B:E2"}}},"request":{"raw":"GET /i7dMIFZifjKcF5UAWdDRaPpZUFWaHg.woff2 HTTP/1.1\r\nHost: greenlandshark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://greenlandshark.net/css2.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 03 Apr 2026 18:18:57 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 16724\r\ncast-mode: default\r\nlast-modified: Tue, 03 Feb 2026 16:16:38 GMT\r\netag: \"69821f66-4154\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eZ74jK%2F9OjN%2F%2Bk5JOpcE53%2FfpXYrF9gEX%2Fu%2Bn3NGFAjmZ53JDMoViTmRtKyLbcdwWh7YwJSzNaHeIj%2FU1xhsDyxLgx8WXR0iard0jphmmgcti5nQb8QaR%2B%2FYU8ViUqPnMkx87gM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e6a142edc235694-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16724,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16724, version 1.0","md5":"e5e908997a453e21f2fe41cb72e186d2","sha1":"d0c504bd8f896d39883e0ddfc81c511af526656b","sha256":"2d46bd159b53f55c41167a4f1540a074649464194fd1e416f5b4694a6c0f282c","sha512":"dd6bf730a4b16a50b0977b2d8efe865be0805da41c50aa86d39b4892c79db91f354e91b1a2ce4198e4b58e26752d4e9a06e33e9911e63f2df2e004d610685cd8","ssdeep":"384:ZRyfvfqIrJOZA3s5dQsQLR7JIWapcGsukRYRv5fpD:ZUXfNs5IRQ3zkCZ5fpD","tlshash":"8f72d0b8fe064610c2542fbf06209de1831895fe192e4f24f8aa74ac4f1715e3f117ba","first_seen":"2025-02-19T12:54:04.600022Z","last_seen":"2026-04-06T02:39:07.874472Z","times_seen":870,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":247,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-03","alert":"Sinkholed","trigger":"greenlandshark.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"greenlandshark.net/favicon.ico","fqdn":"greenlandshark.net","domain":"greenlandshark.net","tld":"net"},"ip":{"addr":"172.67.152.130","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://greenlandshark.net/","date":"2026-04-03T18:18:58.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"greenlandshark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 15:27:14 GMT","end":"Thu, 02 Jul 2026 16:25:57 GMT"},"fingerprint":{"sha1":"7E:46:9C:F1:68:2F:6D:7D:3B:24:BB:D1:7E:8F:BE:CF:1E:DC:1C:8C","sha256":"36:4B:A5:19:C8:91:5A:0C:27:A6:CF:8B:7E:F2:FB:C5:BC:E3:D6:EF:FE:D9:4A:22:86:10:8D:45:F6:A4:0B:E2"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: greenlandshark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://greenlandshark.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 03 Apr 2026 18:18:58 GMT\r\ncontent-type: text/html\r\nlast-modified: Tue, 03 Feb 2026 16:16:38 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=z2PYhGEjrTt7E%2BHrBDl7Am58F6ClTntpblgV59HkbJcBYLn2gT2hRJDLmjGvRqXYnSHP84FC8vuPWAIBUsAmO%2BNJDJlevpbj3pDzGhRv5INW55RvGzvoB9s0osty8Yr4ipjnRpE%3D\"}]}\r\npriority: u=6,i=?0\r\ncf-ray: 9e6a14318c3e5694-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32451,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4355)","md5":"c29c0febf687ada1f97c56ac05fd4963","sha1":"bb1710cba006c4bfbed3e656a9e96df978ff3ec4","sha256":"97c6f4ab269606eefe08c5a5873d2786b936aeaefa7236d344d628ec0c11038a","sha512":"a7649c0b8fb84373a5384b13d9dbda3edebd492791fd78af604e9be9bf5bfb23ad7f6fa668827f22f8743979eec45cdc9e3bc4a37c61d950568e33e70f6b46a1","ssdeep":"768:HQBK66jMICW6DKLGHj75J/TeJRXci177SxnFV5UO6UGGEOFp4bc:HwK6cH6DKLGHj75J/TeJRXci177SxnFL","tlshash":"03e2987561a32052a413a57267eb070d76b4e503da07cc287bfe2784df82ed8abd3359","first_seen":"2026-04-03T18:19:24.769878Z","last_seen":"2026-04-03T18:19:24.769878Z","times_seen":1,"resource_available":true,"data":null}},"time_used":239,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":239,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-03","alert":"Sinkholed","trigger":"greenlandshark.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"greenlandshark.net/secureproxy?s=%2Fjmpd%2F","fqdn":"greenlandshark.net","domain":"greenlandshark.net","tld":"net"},"ip":{"addr":"172.67.152.130","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://greenlandshark.net/","date":"2026-04-03T18:18:59.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"greenlandshark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 15:27:14 GMT","end":"Thu, 02 Jul 2026 16:25:57 GMT"},"fingerprint":{"sha1":"7E:46:9C:F1:68:2F:6D:7D:3B:24:BB:D1:7E:8F:BE:CF:1E:DC:1C:8C","sha256":"36:4B:A5:19:C8:91:5A:0C:27:A6:CF:8B:7E:F2:FB:C5:BC:E3:D6:EF:FE:D9:4A:22:86:10:8D:45:F6:A4:0B:E2"}}},"request":{"raw":"POST /secureproxy?s=%2Fjmpd%2F HTTP/1.1\r\nHost: greenlandshark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://greenlandshark.net/\r\ncontent-type: application/json\r\nContent-Length: 1396\r\nOrigin: https://greenlandshark.net\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1396,"data":"{\"route\":\"n9POyFeFG1tUtiSU-z9JOx3n\",\"payload\":\"0hqM-6_N52QB6ALcAhAADACyAs0CJwAPAxsAAAIBHwMAAO8nhn2XtsKCAT5EDQT8AAKHuiG9NGkCAAAbreEaB1BQqalGmPFPFifj8T9fqOZycH2on1CmQpFagIQ4ZjT7ghWzUXGMvdwedntEJNTqykRX5YTTF9C0bA6WEMs5NvFLATNiRNzjwQ059JIe4EXZxpxTezF2eBSdsD3br__X9MtTX4gDD4h3okc_GpO43i_R4MPwZGDSRckBTUfz8QjUcgYfKjy3iAe0BF9fluMZOG675cCBfNy9A44quHhEKVcxzZwPaAVWwf_jvSlQi6YUmI1KeRFVYDEgUDPel--4i0t_iKJHgCRASS7gTNYJQJ00leIJ208abImcTim1NScMkBh2eHnTfzPmX0xLK4gPlObfRz1lWeQSCC2GhrLSCKdvMSTxr-LhxLaiWuIMWKfNyXQ51Oo2EO5PdoFs6jX2QhiTcJ7YIZ2lokjkQlmgrALe5NRMiGIlLh6_0T3tO2y20SROhZsOPUWRjepERxJs1frzwbfebVQQ3jzp0suoUujqkOoxtn_RS6CGrtoaqmG_kM6hnoSLPH1RS5k5mqow_ilKjdIU68AnZOcy9l6Rz48XYfJ8QxLKHQT3aCJcMOLq4NmgyevocxBnyYNCuQMxMOkfEKzAGcMmNCcwVu5XTAlTOFiH--pSU8VVRiqPtQMZXlWu09dFo-tjmheX2Y-V9R6x66_wASwxP1EZcFfACBm-y_suJISlBQiR1sZK2L5YH9XZhu5nLrys0LSAJIF9bQSF_cSORzvTsuwPtYVYY03A7XfPv1Ca3nZoWKSCD8u6gb-eJWkTYyTnPfaUGADiiZQjb7Ay4nXMbEwWI2h5QRGtfxQAbYNH-kCwBTWPLs9UDM_1TOwHkMec6OBcwnoVanx9JR9b6-gKBIxIY749kfAmKxsv4JdRfKSbBXxGNKR4yIr4OPlqzprDPY0FfOjzn_fLW8VUOTutLDnTlA8DjUU87HYmv7JyWiepgBE0MVUgHcVbIiWQi_p_0cG6xhOvO6S3RJFTXS6K1v35_46BQ7VDcby-vlzvRpmTOO3CX2iph0GRZPkpcoS1fEK2iVEPfnpko6ZhmIu-_zOkw1WEdk9KOdLRRHYKlCa_txYLImm1ZniqT1kLJjWZaWkpJo0eQxoQ\",\"challenge\":\"eyJpZCI6IkVRTDBBT3pqVEdHWGZfM2dfd3ZuYUEiLCJub25jZSI6NDM2LCJoYXNoIjoiMDBiMGIyMDJiYWJiZWViMDEyYmI0ODc5NDU5ZWI3NmU2YjQ1MWIwNTk3OTBiZTFjZWJiZGNlYmQ2OWQxNjdmZiJ9\"}"}},"response":{"raw":"HTTP/3 204 No Content\r\nserver: cloudflare\r\ndate: Fri, 03 Apr 2026 18:19:00 GMT\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\ncache-control: no-cache\r\netag: W/\"a-bAsFyilMr4Ra1hIU5PyoyFRunpI\"\r\nx-ratelimit-limit: 10000\r\nx-ratelimit-remaining: 9999\r\nx-ratelimit-reset: 1775240399664\r\ncdn-proxyver: 1.50\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 204\r\ncdn-cachedat: 04/03/2026 18:19:00\r\ncdn-edgestorageid: 883\r\ncdn-requestid: 2360fd1cf4e680f505b7345a99697d44\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GnZXhABTMWov3b9hOokn6kSM1wUMBB2gx3rEHZIxRJGaKQzwcylTqyPwEr10BEquuuoVMPxAUVmWWo5r2x2d5ehecwfRWeD1GLZFk9pi5erOAqhTaN4Wpm225q6ysuVvPAuOwrE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e6a1439dca25694-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T08:11:44.873372Z","times_seen":13414019,"resource_available":true,"data":null}},"time_used":746,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":746,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-03","alert":"Sinkholed","trigger":"greenlandshark.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}