{"report_id":"bb19fc56-a840-4585-8ac8-a1dba8d46806","version":6,"status":"done","tags":[],"date":"2026-01-05T18:02:55Z","url":{"schema":"http","addr":"gitbucket.shop/","fqdn":"gitbucket.shop","domain":"gitbucket.shop","tld":"shop"},"ip":{"addr":"172.67.161.221","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"gitbucket.shop/","fqdn":"gitbucket.shop","domain":"gitbucket.shop","tld":"shop"},"title":"GitView - Explore great open-source repositories","dom":{"size":11245,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"867cc7a47080ab321f945b5903d82ed6","sha1":"1ed51f08e02b3e7ceb2d59fae9ca6090bdd7540d","sha256":"d7aa7740fcc22555f30a0f653f3368eb6778c1458e5e0331b7bdb449b0d85ca1","sha512":"29ebe2abd179abebb80105f1286cf450cf465b2a209b304258307b69c82e16ed1bb1c4aaaebfc1c8ab25d6975eacf8d0e83eb222df185cd9853c8852f16e487f","ssdeep":"192:bg8xwo0Zf7/yXwV8f381NeW5f8yy8rp62TxXXSV+:NOxy+","tlshash":"d832572611f34422955290c6bba50f9b7bd4ea43c44b8a1436ac6bc98febdc3dc43b58","dom_hash":"domhash5a30d4799b93e332accc52402a6ed2cf","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"gitbucket.shop/","fqdn":"gitbucket.shop","domain":"gitbucket.shop","tld":"shop"},"ip":{"addr":"172.67.161.221","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-09T18:02:55Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gitbucket.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"gitbucket.shop","ip":{"addr":"104.21.42.123","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-01-05T18:02:55.174625Z","last_seen":"2026-01-05T18:02:55.174625Z","alert_count":2,"request_count":2,"received_data":12564,"sent_data":918,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"gitbucket.shop/","fqdn":"gitbucket.shop","domain":"gitbucket.shop","tld":"shop"},"ip":{"addr":"104.21.42.123","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-05T18:02:32.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gitbucket.shop","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 23:46:36 GMT","end":"Fri, 27 Mar 2026 00:44:16 GMT"},"fingerprint":{"sha1":"8B:AB:81:68:23:FC:59:A4:46:91:12:F1:FC:B0:AD:D8:84:42:ED:BD","sha256":"0F:C9:FA:4F:76:2E:23:84:D9:C3:AC:EF:03:F9:CF:8C:E5:F8:31:95:B3:26:0F:34:38:DD:50:86:20:54:C6:86"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: gitbucket.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 18:02:33 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VEeyHH4aXEnPpsZxGkkNX2D8BbF8yjigR%2FT7U2bCqV%2BbSkT9%2FT2RtPzCFKYXy%2FA6cpwxylPoGVjVdPHOl%2Bbamg0PFSeMpaQ4vkJffA%3D%3D\"}]}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9b94e322ac60b521-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11287,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"efbae2719a048e92bafe2195c5a6dfd2","sha1":"238cb39b300d5c2f9258ee7b98c01db17e79a970","sha256":"8aca293bfa2f89dfd848acd6faf7e367dcfc2033e08089ba6dc5d5f0017a63d5","sha512":"b240fd0f99cfe74f11dfeb9fe74b9d62887c6384dc6d21bbff1d2048491d090692492f1520d58b5218052ae6221699f7f27a08e2f596df412e1f15d3172ec72f","ssdeep":"192:5g8xwo0Zf7/yXwV8f381NeW5f8yy8rp62TxXXSVG:HOxyG","tlshash":"d032562611f34422955290c6bba50f9b7fd0ea43c44b8a1436ad6bc98febdc3dc43b59","first_seen":"2026-01-05T18:02:58.985908Z","last_seen":"2026-01-05T18:02:58.985908Z","times_seen":1,"resource_available":false,"data":null}},"time_used":467,"timings":{"blocked":20,"dns":0,"connect":1,"send":0,"wait":427,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gitbucket.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gitbucket.shop/favicon.ico","fqdn":"gitbucket.shop","domain":"gitbucket.shop","tld":"shop"},"ip":{"addr":"104.21.42.123","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gitbucket.shop/","date":"2026-01-05T18:02:33.350Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gitbucket.shop","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Dec 2025 23:46:36 GMT","end":"Fri, 27 Mar 2026 00:44:16 GMT"},"fingerprint":{"sha1":"8B:AB:81:68:23:FC:59:A4:46:91:12:F1:FC:B0:AD:D8:84:42:ED:BD","sha256":"0F:C9:FA:4F:76:2E:23:84:D9:C3:AC:EF:03:F9:CF:8C:E5:F8:31:95:B3:26:0F:34:38:DD:50:86:20:54:C6:86"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: gitbucket.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gitbucket.shop/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=utf-8\r\ndate: Mon, 05 Jan 2026 18:02:33 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yZkO3HKu7F0X8ycSVpfK4uX%2B2MwiL1ZvoxokxSvtLas5sGRcZwx3ffAea%2BKQcc5tsxkhuccDm1amKpovcU5OFu%2FUUGIEc1sahaNN9w%3D%3D\"}]}\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 18:02:33 GMT\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b94e32669ac56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":74,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"f9aefe7440f808609e5508074580947e","sha1":"a2b85eba5f1963dac0e227d4d4572c244112a28f","sha256":"0256869bdbfeab76271b82f579c654ccc1be55cc5477119e5ac6ef52b457d5ab","sha512":"0de31631590eb16f8b994739bf33dd390bab3122d4a04b5ed237b64768b34396b8cb499296cb92af89b47a80f727f9d43e442eedd4f8f2672761a1ca4e3699a6","ssdeep":"","tlshash":"81a0228f02e0080820cf03c82ac3028c03fb30fe20b00038228c300030e0cf280833e3","first_seen":"2026-01-05T18:02:58.989955Z","last_seen":"2026-01-05T18:02:58.989955Z","times_seen":1,"resource_available":false,"data":null}},"time_used":316,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":315,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gitbucket.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}