{"report_id":"c27a0827-448b-43e2-b8b9-b908e836352d","version":6,"status":"done","tags":[],"date":"2025-10-27T06:24:51Z","url":{"schema":"http","addr":"eastrk-dn.com/?a=32606\u0026c=398736\u0026co=29225\u0026mt=24\u0026s1=12165120","fqdn":"eastrk-dn.com","domain":"eastrk-dn.com","tld":"com"},"ip":{"addr":"54.216.79.57","port":0,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"final":{"url":{"schema":"https","addr":"index.git3share.sbs/file.zip?c=AB4Q_2hsdAUA_YUCAE5PFwAMAAAAAABX\u0026s=357484","fqdn":"index.git3share.sbs","domain":"git3share.sbs","tld":"sbs"},"title":"Content Keeper","dom":{"size":7114,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"ef9e4de669338890956f4297b74449da","sha1":"58af66ec4a57254f0cd62a50ae04c3755bf1a5cf","sha256":"42bbc02de564a7794b540c2e93991fd7ad5e8c8244e744c0ab175c26579ba16b","sha512":"4953e1ef8c5b3ad203ebebdc407075b74eccb4c384337850258787473d7149f85e177e37f7bd6cb1bd255dda3279565d55641a95b4245d31bf5fc842f938996d","ssdeep":"192:ePFf9ZoSetevNkno+dMr3xFviiFkAN+lFZUrFq8TgdQPlFZHNwsNSGKqV4WReJG:ed7FF1FoFmFRFHV4GeJG","tlshash":"c5e18397a8a3045a790ba5586ffb47863278e003c006ce787b9c538dcf457cc98ab69c","dom_hash":"domhashaaadc31f1df705378833360df036ea00","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":"PGh0bWwgbGFuZz0iZW4iPjxoZWFkPgogICAgPG1ldGEgY2hhcnNldD0iVVRGLTgiPgogICAgPG1ldGEgbmFtZT0idmlld3BvcnQiIGNvbnRlbnQ9IndpZHRoPWRldmljZS13aWR0aCwgaW5pdGlhbC1zY2FsZT0xLjAiPgogICAgPHRpdGxlPkNvbnRlbnQgS2VlcGVyPC90aXRsZT4KCTxsaW5rIHJlbD0iaWNvbiIgdHlwZT0iaW1hZ2UvcG5nIiBocmVmPSIvZmF2aWNvbi5wbmciPgogICAgPGxpbmsgaHJlZj0iaHR0cHM6Ly9jZG4uanNkZWxpdnIubmV0L25wbS9ib290c3RyYXBANS4zLjAtYWxwaGExL2Rpc3QvY3NzL2Jvb3RzdHJhcC5taW4uY3NzIiByZWw9InN0eWxlc2hlZXQiPgogICAgPGxpbmsgcmVsPSJzdHlsZXNoZWV0IiBocmVmPSJodHRwczovL2NkbmpzLmNsb3VkZmxhcmUuY29tL2FqYXgvbGlicy9mb250LWF3ZXNvbWUvNi4wLjAtYmV0YTMvY3NzL2FsbC5taW4uY3NzIj4KICAgIDxzdHlsZT4KICAgICAgICBib2R5IHsKCiAgICAgICAgICAgIHRyYW5zaXRpb246IGJhY2tncm91bmQtY29sb3IgMC41cyBlYXNlOwogICAgICAgICAgICBmb250LWZhbWlseTogJ0FyaWFsJywgc2Fucy1zZXJpZjsKICAgICAgICB9CiAgICAgICAgLmRvd25sb2FkLWNvbnRhaW5lciB7CiAgICAgICAgICAgIG1heC13aWR0aDogNjI1cHg7CiAgICAgICAgICAgIG1hcmdpbjogMTAwcHggYXV0bzsKICAgICAgICAgICAgYmFja2dyb3VuZC1jb2xvcjogd2hpdGU7CiAgICAgICAgICAgIHBhZGRpbmc6IDQwcHg7CiAgICAgICAgICAgIGJvcmRlci1yYWRpdXM6IDEwcHg7CiAgICAgICAgICAgIGJveC1zaGFkb3c6IDAgMCAxNXB4IHJnYmEoMCwgMCwgMCwgMC4xKTsKICAgICAgICAgICAgdGV4dC1hbGlnbjogY2VudGVyOwogICAgICAgICAgICBwb3NpdGlvbjogcmVsYXRpdmU7CiAgICAgICAgfQogICAgICAgIGgyIHsKICAgICAgICAgICAgZm9udC1zaXplOiAyNHB4OwogICAgICAgICAgICBmb250LXdlaWdodDogNjAwOwogICAgICAgICAgICBtYXJnaW4tYm90dG9tOiAzMHB4OwogICAgICAgIH0KICAgICAgICAuZmlsZS1pbmZvIHsKICAgICAgICAgICAgZGlzcGxheTogZmxleDsKICAgICAgICAgICAganVzdGlmeS1jb250ZW50OiBzcGFjZS1iZXR3ZWVuOwogICAgICAgICAgICBhbGlnbi1pdGVtczogY2VudGVyOwogICAgICAgICAgICBiYWNrZ3JvdW5kLWNvbG9yOiAjZjlmOWY5OwogICAgICAgICAgICBwYWRkaW5nOiAxNXB4OwogICAgICAgICAgICBib3JkZXItcmFkaXVzOiA4cHg7CiAgICAgICAgICAgIGJvcmRlcjogMXB4IHNvbGlkICNkZGQ7CiAgICAgICAgICAgIG1hcmdpbi1ib3R0b206IDIwcHg7CiAgICAgICAgfQogICAgICAgIC5maWxlLWRldGFpbHMgewogICAgICAgICAgICBkaXNwbGF5OiBmbGV4OwogICAgICAgICAgICBmbGV4LWRpcmVjdGlvbjogY29sdW1uOwogICAgICAgICAgICBhbGlnbi1pdGVtczogZmxleC1zdGFydDsKICAgICAgICB9CiAgICAgICAgLmZpbGUtZGV0YWlscyBzdHJvbmcgewogICAgICAgICAgICBmb250LXNpemU6IDE2cHg7CiAgICAgICAgICAgIGNvbG9yOiAjMzMzOwogICAgICAgIH0KICAgICAgICAuZmlsZS1kZXRhaWxzIHNwYW4gewogICAgICAgICAgICBmb250LXNpemU6IDE0cHg7CiAgICAgICAgICAgIGNvbG9yOiAjODg4OwogICAgICAgICAgICBtYXJnaW4tdG9wOiA0cHg7CiAgICAgICAgfQogICAgICAgIC5maWxlLWljb24gewogICAgICAgICAgICBmb250LXNpemU6IDIwcHg7CiAgICAgICAgICAgIGNvbG9yOiAjNGNhZjUwOwogICAgICAgICAgICBtYXJnaW4tcmlnaHQ6IDEwcHg7CiAgICAgICAgfQogICAgICAgIC5wYXNzd29yZCB7CiAgICAgICAgICAgIGJhY2tncm91bmQtY29sb3I6ICNlNmY4ZTY7CiAgICAgICAgICAgIHBhZGRpbmc6IDEwcHggMjBweDsKICAgICAgICAgICAgYm9yZGVyLXJhZGl1czogOHB4OwogICAgICAgICAgICBmb250LXNpemU6IDE2cHg7CiAgICAgICAgICAgIGZvbnQtd2VpZ2h0OiA2MDA7CiAgICAgICAgICAgIGNvbG9yOiAjNGNhZjUwOwogICAgICAgIH0KCiAgICAgICAgLnBhc3N3b3JkOjphZnRlciB7CiAgICAgICAgICAgIGNvbnRlbnQ6ICdQYXNzd29yZCc7CiAgICAgICAgICAgIGRpc3BsYXk6IGJsb2NrOwogICAgICAgICAgICBmb250LXNpemU6IDEycHg7CiAgICAgICAgICAgIGNvbG9yOiAjODg4OwogICAgICAgICAgICBtYXJnaW4tdG9wOiA0cHg7CiAgICAgICAgfQogICAgICAgIC5saW5rLWNvbnRhaW5lciB7CiAgICAgICAgICAgIGRpc3BsYXk6IGZsZXg7CiAgICAgICAgICAgIGFsaWduLWl0ZW1zOiBjZW50ZXI7CiAgICAgICAgICAgIGJhY2tncm91bmQtY29sb3I6ICNmOWY5Zjk7CiAgICAgICAgICAgIHBhZGRpbmc6IDVweCAxNXB4OwogICAgICAgICAgICBib3JkZXItcmFkaXVzOiA4cHg7CiAgICAgICAgICAgIGJvcmRlcjogMXB4IHNvbGlkICNkZGQ7CiAgICAgICAgICAgIG1hcmdpbi1ib3R0b206IDE1cHg7CiAgICAgICAgfQogICAgICAgIC5saW5rLWNvbnRhaW5lciBpbnB1dCB7CiAgICAgICAgICAgIGJvcmRlcjogbm9uZTsKICAgICAgICAgICAgYmFja2dyb3VuZDogbm9uZTsKICAgICAgICAgICAgd2lkdGg6IDgwJTsKICAgICAgICAgICAgZm9udC1zaXplOiAxNHB4OwogICAgICAgICAgICBjb2xvcjogIzMzMzsKICAgICAgICAgICAgb3V0bGluZTogbm9uZTsKICAgICAgICB9CiAgICAgICAgLmNvcHktYnRuIHsKICAgICAgICAgICAgYmFja2dyb3VuZC1jb2xvcjogIzRjYWY1MDsKICAgICAgICAgICAgY29sb3I6IHdoaXRlOwogICAgICAgICAgICBwYWRkaW5nOiA4cHggMTVweDsKICAgICAgICAgICAgYm9yZGVyLXJhZGl1czogNXB4OwogICAgICAgICAgICBib3JkZXI6IG5vbmU7CiAgICAgICAgICAgIGZvbnQtc2l6ZTogMTRweDsKICAgICAgICAgICAgY3Vyc29yOiBwb2ludGVyOwogICAgICAgICAgICBkaXNwbGF5OiBmbGV4OwogICAgICAgICAgICBhbGlnbi1pdGVtczogY2VudGVyOwogICAgICAgICAgICB3aGl0ZS1zcGFjZTogbm93cmFwOwogICAgICAgIH0KICAgICAgICAuY29weS1idG4gaSB7CiAgICAgICAgICAgIG1hcmdpbi1yaWdodDogNXB4OwogICAgICAgIH0KICAgICAgICAuY29weS1idG46aG92ZXIgewogICAgICAgICAgICBiYWNrZ3JvdW5kLWNvbG9yOiAjNDVhMDQ5OwogICAgICAgIH0KICAgICAgICAucG9wdXAgewogICAgICAgICAgICBwb3NpdGlvbjogYWJzb2x1dGU7CiAgICAgICAgICAgIHRvcDogNjclOwogICAgICAgICAgICBsZWZ0OiBjYWxjKDkzJSArIDVweCk7CiAgICAgICAgICAgIHRyYW5zZm9ybTogdHJhbnNsYXRlWSgtNTAlKTsKICAgICAgICAgICAgYmFja2dyb3VuZC1jb2xvcjogIzMzMzsKICAgICAgICAgICAgY29sb3I6IHdoaXRlOwogICAgICAgICAgICBwYWRkaW5nOiAxMHB4IDE1cHg7CiAgICAgICAgICAgIGJvcmRlci1yYWRpdXM6IDVweDsKICAgICAgICAgICAgZGlzcGxheTogZmxleDsKICAgICAgICAgICAgYWxpZ24taXRlbXM6IGNlbnRlcjsKICAgICAgICAgICAgYW5pbWF0aW9uOiBtb3ZlVXBEb3duIDJzIGluZmluaXRlOwogICAgICAgICAgICB3aGl0ZS1zcGFjZTogbm93cmFwOwogICAgICAgIH0KICAgICAgICAucG9wdXA6OmJlZm9yZSB7CiAgICAgICAgICAgIGNvbnRlbnQ6ICcnOwogICAgICAgICAgICBwb3NpdGlvbjogYWJzb2x1dGU7CiAgICAgICAgICAgIHRvcDogNTAlOwogICAgICAgICAgICByaWdodDogMTAwJTsKICAgICAgICAgICAgbWFyZ2luLXRvcDogLTVweDsKICAgICAgICAgICAgYm9yZGVyLXdpZHRoOiA1cHg7CiAgICAgICAgICAgIGJvcmRlci1zdHlsZTogc29saWQ7CiAgICAgICAgICAgIGJvcmRlci1jb2xvcjogdHJhbnNwYXJlbnQgIzMzMyB0cmFuc3BhcmVudCB0cmFuc3BhcmVudDsKICAgICAgICB9CiAgICAgICAgLnBvcHVwIGkgewogICAgICAgICAgICBtYXJnaW4tbGVmdDogMTBweDsKICAgICAgICB9CgogICAgICAgIEBrZXlmcmFtZXMgbW92ZVVwRG93biB7CiAgICAgICAgICAgIDAlIHsgdHJhbnNmb3JtOiB0cmFuc2xhdGVZKC01MCUpIHRyYW5zbGF0ZVkoLTVweCk7IH0KICAgICAgICAgICAgNTAlIHsgdHJhbnNmb3JtOiB0cmFuc2xhdGVZKC01MCUpIHRyYW5zbGF0ZVkoNXB4KTsgfQogICAgICAgICAgICAxMDAlIHsgdHJhbnNmb3JtOiB0cmFuc2xhdGVZKC01MCUpIHRyYW5zbGF0ZVkoLTVweCk7IH0KICAgICAgICB9CgogICAgICAgIC5wYXN0ZS1wb3B1cCB7CiAgICAgICAgICAgIHBvc2l0aW9uOiBmaXhlZDsKICAgICAgICAgICAgdG9wOiAxMHB4OwogICAgICAgICAgICBsZWZ0OiAyMCU7CiAgICAgICAgICAgIHRyYW5zZm9ybTogdHJhbnNsYXRlWCgtNTAlKTsKICAgICAgICAgICAgYmFja2dyb3VuZC1jb2xvcjogIzMzMzsKICAgICAgICAgICAgY29sb3I6IHdoaXRlOwogICAgICAgICAgICBwYWRkaW5nOiAxMHB4IDE1cHg7CiAgICAgICAgICAgIGJvcmRlci1yYWRpdXM6IDVweDsKICAgICAgICAgICAgZGlzcGxheTogbm9uZTsKICAgICAgICAgICAgYWxpZ24taXRlbXM6IGNlbnRlcjsKICAgICAgICAgICAgYW5pbWF0aW9uOiBtb3ZlUGFzdGVQb3B1cCAycyBpbmZpbml0ZTsKICAgICAgICAgICAgd2hpdGUtc3BhY2U6IG5vd3JhcDsKICAgICAgICB9CiAgICAgICAgLnBhc3RlLXBvcHVwOjpiZWZvcmUgewogICAgICAgICAgICBjb250ZW50OiAnJzsKICAgICAgICAgICAgcG9zaXRpb246IGFic29sdXRlOwogICAgICAgICAgICB0b3A6IC0xNXB4OwogICAgICAgICAgICBsZWZ0OiA1MCU7CiAgICAgICAgICAgIG1hcmdpbi1sZWZ0OiAtNXB4OwogICAgICAgICAgICBib3JkZXItd2lkdGg6IDhweDsKICAgICAgICAgICAgYm9yZGVyLXN0eWxlOiBzb2xpZDsKICAgICAgICAgICAgYm9yZGVyLWNvbG9yOiB0cmFuc3BhcmVudCB0cmFuc3BhcmVudCAjMzMzIHRyYW5zcGFyZW50OwogICAgICAgIH0KICAgICAgICAucGFzdGUtcG9wdXAgaSB7CiAgICAgICAgICAgIG1hcmdpbi1sZWZ0OiAxMHB4OwogICAgICAgIH0KCiAgICAgICAgQGtleWZyYW1lcyBtb3ZlUGFzdGVQb3B1cCB7CiAgICAgICAgICAgIDAlIHsgdHJhbnNmb3JtOiB0cmFuc2xhdGVYKC01MCUpIHRyYW5zbGF0ZVkoLTVweCk7IH0KICAgICAgICAgICAgNTAlIHsgdHJhbnNmb3JtOiB0cmFuc2xhdGVYKC01MCUpIHRyYW5zbGF0ZVkoNXB4KTsgfQogICAgICAgICAgICAxMDAlIHsgdHJhbnNmb3JtOiB0cmFuc2xhdGVYKC01MCUpIHRyYW5zbGF0ZVkoLTVweCk7IH0KICAgICAgICB9CgogICAgPC9zdHlsZT4KPC9oZWFkPgo8Ym9keSBzdHlsZT0iYmFja2dyb3VuZC1jb2xvcjogcmdiKDE4MCwgMjQwLCAyMzMpOyI+CjxkaXYgY2xhc3M9ImRvd25sb2FkLWNvbnRhaW5lciI+CiAgICA8aDI+WW91ciBkb3dubG9hZCBsaW5rIGlzIHJlYWR5PC9oMj4KICAgIDxkaXYgY2xhc3M9ImZpbGUtaW5mbyI+CiAgICAgICAgPGRpdiBjbGFzcz0iZC1mbGV4IGFsaWduLWl0ZW1zLWNlbnRlciI+CiAgICAgICAgICAgIDxpIGNsYXNzPSJmYXMgZmEtZmlsZS1hbHQgZmlsZS1pY29uIj48L2k+CiAgICAgICAgICAgIDxkaXYgY2xhc3M9ImZpbGUtZGV0YWlscyI+CiAgICAgICAgICAgICAgICA8c3Ryb25nPmZpbGUuemlwPC9zdHJvbmc+CiAgICAgICAgICAgICAgICA8c3Bhbj4xNS4zIE1CPC9zcGFuPgogICAgICAgICAgICA8L2Rpdj4KICAgICAgICA8L2Rpdj4KICAgICAgICA8ZGl2IGNsYXNzPSJwYXNzd29yZCI+CiAgICAgICAgICAgIE5vCiAgICAgICAgPC9kaXY+CiAgICA8L2Rpdj4KICAgIDxkaXYgY2xhc3M9ImxpbmstY29udGFpbmVyIj4KICAgICAgICA8aW5wdXQgdHlwZT0idGV4dCIgaWQ9ImRvd25sb2FkTGluayIgdmFsdWU9Imh0dHBzOi8vc2hvcnR1cmwuYXQveUVRYnUiIHJlYWRvbmx5PSIiPgogICAgICAgIDxidXR0b24gY2xhc3M9ImNvcHktYnRuIiBvbmNsaWNrPSJjb3B5TGluaygpIj4KICAgICAgICAgICAgPGkgY2xhc3M9ImZhcyBmYS1jb3B5Ij48L2k+CiAgICAgICAgICAgIENvcHkgbGluawogICAgICAgIDwvYnV0dG9uPgogICAgPC9kaXY+CiAgICA8ZGl2IGlkPSJwb3B1cE1lc3NhZ2UiIGNsYXNzPSJwb3B1cCI+CiAgICAgICAgQ2xpY2sgdG8gY29weSBsaW5rIDxpIGNsYXNzPSJmYXMgZmEtY29weSI+PC9pPgogICAgPC9kaXY+CiAgICA8cCBjbGFzcz0ibm90ZSI+SWYgbGluayBpcyBub3QgY2xpY2thYmxlLCBjb3B5IGFuZCBwYXN0ZSBpdCBpbnRvIHRoZSBhZGRyZXNzIGJhcjwvcD4KPC9kaXY+CjxkaXYgaWQ9InBhc3RlUG9wdXAiIGNsYXNzPSJwYXN0ZS1wb3B1cCI+CiAgICBQYXN0ZSBsaW5rIGhlcmUgPGkgY2xhc3M9ImZhcyBmYS1zYXZlIj48L2k+CjwvZGl2Pgo8aW1nIHNyYz0iaHR0cHM6Ly9jYW1hbGlnc2FsdmF0cmVmb2lscy5jb20vcnRiL3AvYy9BQjRRXzJoc2RBVUFfWVVDQUU1UEZ3QU1BQUFBQUFCWCIgd2lkdGg9IjEiIGhlaWdodD0iMSI+CjxzY3JpcHQ+CiAgICBjb25zdCBjb2xvcnMgPSBbJyNmY2Q0YmMnLCAnI2U1ZWFmZScsICcjZjRmZGY3JywgJyNmZGY4ZGMnLCAnI2MxZjlkNycsICcjYjRmMGU5JywgJyNiNGYwZTknLCAnI2RjZjVmZCcsICcjZmJlY2Q4JywgJyNjNGQ2ZmUnXTsKICAgIGZ1bmN0aW9uIGdldFJhbmRvbUNvbG9yKCkgewogICAgICAgIGNvbnN0IHJhbmRvbUluZGV4ID0gTWF0aC5mbG9vcihNYXRoLnJhbmRvbSgpICogY29sb3JzLmxlbmd0aCk7CiAgICAgICAgcmV0dXJuIGNvbG9yc1tyYW5kb21JbmRleF07CiAgICB9CiAgICBkb2N1bWVudC5ib2R5LnN0eWxlLmJhY2tncm91bmRDb2xvciA9IGdldFJhbmRvbUNvbG9yKCk7CiAgICBmdW5jdGlvbiBjb3B5TGluaygpIHsKICAgICAgICBjb25zdCBsaW5rSW5wdXQgPSBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnZG93bmxvYWRMaW5rJyk7CiAgICAgICAgbGlua0lucHV0LnNlbGVjdCgpOwogICAgICAgIGxpbmtJbnB1dC5zZXRTZWxlY3Rpb25SYW5nZSgwLCA5OTk5OSk7CiAgICAgICAgZG9jdW1lbnQuZXhlY0NvbW1hbmQoImNvcHkiKTsKICAgICAgICBjb25zdCBwYXN0ZVBvcHVwID0gZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoJ3Bhc3RlUG9wdXAnKTsKICAgICAgICBwYXN0ZVBvcHVwLnN0eWxlLmRpc3BsYXkgPSAnZmxleCc7CiAgICB9Cjwvc2NyaXB0Pgo8c2NyaXB0IHNyYz0iL2Jvb3RzdHJhcC5idW5kbGUubWluLmpzIj48L3NjcmlwdD4KCgo8L2JvZHk+PC9odG1sPg=="}},"submit":{"url":{"schema":"http","addr":"eastrk-dn.com/?a=32606\u0026c=398736\u0026co=29225\u0026mt=24\u0026s1=12165120","fqdn":"eastrk-dn.com","domain":"eastrk-dn.com","tld":"com"},"ip":{"addr":"54.216.79.57","port":0,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-01T06:24:51Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"camaligsalvatrefoils.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"index.git3share.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"eastrk-dn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"approximum.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"track.alinkif.com","ip":{"addr":"104.21.63.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-12-20","domain_rank":2037155,"first_seen":"2025-03-18T18:11:52.628332Z","last_seen":"2025-10-23T12:35:43.845755Z","alert_count":0,"request_count":1,"received_data":8695,"sent_data":578,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"camaligsalvatrefoils.com","ip":{"addr":"172.67.150.121","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-29","domain_rank":0,"first_seen":"2025-09-04T05:46:12.73725Z","last_seen":"2025-10-23T09:11:55.892181Z","alert_count":1,"request_count":1,"received_data":866,"sent_data":478,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"index.git3share.sbs","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-02","domain_rank":0,"first_seen":"2025-10-23T09:11:55.349139Z","last_seen":"2025-10-23T09:11:55.349139Z","alert_count":3,"request_count":3,"received_data":93632,"sent_data":1525,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Bootstrap:1","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"eastrk-dn.com","ip":{"addr":"54.220.4.50","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"2021-11-26","domain_rank":550657,"first_seen":"2022-01-03T07:14:19Z","last_seen":"2025-10-26T03:00:38.536269Z","alert_count":1,"request_count":1,"received_data":10173,"sent_data":526,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"approximum.com","ip":{"addr":"104.21.82.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-05-05","domain_rank":4351759,"first_seen":"2025-06-06T22:12:27.073701Z","last_seen":"2025-10-02T05:26:05.900728Z","alert_count":3,"request_count":3,"received_data":16252,"sent_data":1853,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2025-10-26T22:16:47.70733Z","alert_count":0,"request_count":1,"received_data":221930,"sent_data":476,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2025-10-26T22:15:38.172198Z","alert_count":0,"request_count":2,"received_data":211076,"sent_data":1039,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"approximum.com/popular-text-message-trends-you-should-know-about-today/?utm_source=68ff101d57f565000101ddfe\u0026utm_term=\u0026utm_content=3052_32606_12165120\u0026utm_medium=link","fqdn":"approximum.com","domain":"approximum.com","tld":"com"},"ip":{"addr":"104.21.82.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3eb6d9052fe158459639da5ac1872616","sha1":"24b8e1f0bcb76fdf3f5f2ce9f2124526302c05ec","sha256":"9b1d149452f314ee7d7c8b1ee0d07e4ad12784ecc2888d9d43ee1363d7e80941","sha512":"8af0530e4614cd63e58ce544d6fea4d9394e64388b3b5232d659ed34677ab42f688c2f627b4947d23f7f8eb513ce263d108a71e7148bc986f979ff6a9faec140","ssdeep":"192:HL4ecMun7bgMfmSJ+cdZo1aC8FK+M8Npz1lQ:r4ecrn7bnfmSJ1iSYUNpPQ","tlshash":"19f1f964bda0f8a642f50463237bb388f331715e213a085485990d9e7be3c63e259bf7","size":7673,"data":"","first_seen":"2025-10-27T06:24:53.439534Z","last_seen":"2025-10-27T06:24:53.439534Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"index.git3share.sbs/file.zip?c=AB4Q_2hsdAUA_YUCAE5PFwAMAAAAAABX\u0026s=357484","fqdn":"index.git3share.sbs","domain":"git3share.sbs","tld":"sbs"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ac1c47bcc63bf581271ffc5e44c2c73a","sha1":"cee8101b076e680c716239fb29367f09aeeffd94","sha256":"640ffa360e7f0dec8cc2e9744e98b4d42ef32eb3493573e247472d2a15865c07","sha512":"edb37013828a336f651a1ba93eaad9ac5f48bc9ad784350447d5f56ccc90b050483fed5f249e6d6bb26ff09f4e9a1dca4865d0c38f9bb1f6b102a55e29edcc8f","ssdeep":"","tlshash":"c401496976c358320aeb311a1ee71a90a830b007e402c98d387c5b004f22b68a156ea9","size":658,"data":"","first_seen":"2025-03-09T03:00:33.69479Z","last_seen":"2026-05-23T18:48:25.617802Z","times_seen":233,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"index.git3share.sbs/bootstrap.bundle.min.js","fqdn":"index.git3share.sbs","domain":"git3share.sbs","tld":"sbs"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"849e6db145f2905ce210f628bddd9de5","sha1":"d722fa9982da8aa48df88251bb1897f13c1db3b9","sha256":"aa53d582f97eb594c2a5cc5824574707f9ba9837bce3046bfa5f3556860f4e04","sha512":"54adb372f9ed12e7da8a673e79f3988badb654de5969c767b9f9e65fbcc88423e68e12a73a2f590ccb60d7fba0e65d7cddfd7d806d7f701b2d3cee03f0dfc89a","ssdeep":"1536:OSif7R2qTTR2t4iYniNw+inreQURwTLBAF+27wXiYE3Yjr/I2:4R2cpXLBl27wXit3Yb","tlshash":"ca73b7593254b4730ade85b68037420bf2265994b24b802cb5bcadde2a7dcc67277f7c","size":80421,"data":"","first_seen":"2023-06-08T14:47:00Z","last_seen":"2026-06-11T02:01:48.862718Z","times_seen":16437,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"camaligsalvatrefoils.com/rtb/p/c/AB4Q_2hsdAUA_YUCAE5PFwAMAAAAAABX","fqdn":"camaligsalvatrefoils.com","domain":"camaligsalvatrefoils.com","tld":"com"},"ip":{"addr":"172.67.150.121","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://index.git3share.sbs/file.zip?c=AB4Q_2hsdAUA_YUCAE5PFwAMAAAAAABX\u0026s=357484","date":"2025-10-27T06:24:31.270Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"camaligsalvatrefoils.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Sep 2025 10:58:38 GMT","end":"Thu, 25 Dec 2025 11:57:04 GMT"},"fingerprint":{"sha1":"A1:1B:19:5D:2F:57:53:C2:41:6C:D1:DE:F2:AD:FC:75:7B:64:BF:92","sha256":"CF:6F:C5:24:07:84:01:C6:4C:66:74:A7:3A:8E:88:95:D2:88:49:52:24:39:90:D2:2C:FF:F2:86:94:43:33:6C"}}},"request":{"raw":"GET /rtb/p/c/AB4Q_2hsdAUA_YUCAE5PFwAMAAAAAABX HTTP/1.1\r\nHost: camaligsalvatrefoils.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://index.git3share.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 27 Oct 2025 06:24:31 GMT\r\ncontent-type: image/png\r\ncontent-length: 68\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64\r\naccept-ranges: bytes\r\nlast-modified: Wed, 11 Jun 2025 07:50:34 GMT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0Xzb5wpq3Oud12fStKr1Ku57alqsvBFp28SUZ0hSrAvHzWqsRgJMc4uNPGYk1Vkuh%2B%2BE3jnbVgK7TkdQ3gbu%2BtZX%2Fc%2Ff8m%2FGOh86xStDFU7Z6fp8RCKcEQ%3D%3D\"}]}\r\ncf-ray: 99501c63a8a2dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":68,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced","md5":"e679fbd466a2d656f194a5da4fa083cd","sha1":"2aa795c7607aa6ea41313be88f1b7a9c1ab516b3","sha256":"f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710","sha512":"50664f290367739604eb9e215554e7dc73e8e619f2e563fc597c831eb6b7cdd255425495a01bd73e8fb37ff2319d4e0943e11bca28651d19b2894e39bea9c9e5","ssdeep":"","tlshash":"9ba022c233c0bc3cc2ce0833c0000220f830000b0a088c08a000f0203e223e8008c3c2","first_seen":"2023-04-05T18:15:05Z","last_seen":"2026-06-11T00:11:11.531317Z","times_seen":9537,"resource_available":true,"data":null}},"time_used":175,"timings":{"blocked":40,"dns":25,"connect":1,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"camaligsalvatrefoils.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"index.git3share.sbs/bootstrap.bundle.min.js","fqdn":"index.git3share.sbs","domain":"git3share.sbs","tld":"sbs"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://index.git3share.sbs/file.zip?c=AB4Q_2hsdAUA_YUCAE5PFwAMAAAAAABX\u0026s=357484","date":"2025-10-27T06:24:31.271Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"git3share.sbs","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Oct 2025 15:59:03 GMT","end":"Sun, 18 Jan 2026 16:58:55 GMT"},"fingerprint":{"sha1":"B6:DC:F0:FE:6D:6B:81:53:42:AD:38:E4:C1:56:C0:A8:A3:2F:E4:4C","sha256":"A3:8A:4C:DC:23:BB:70:1D:B1:DD:32:7E:1C:56:5D:79:C5:40:DC:2B:02:6E:E0:C0:9B:3E:5C:17:16:55:C5:83"}}},"request":{"raw":"GET /bootstrap.bundle.min.js HTTP/1.1\r\nHost: index.git3share.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://index.git3share.sbs/file.zip?c=AB4Q_2hsdAUA_YUCAE5PFwAMAAAAAABX\u0026s=357484\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 27 Oct 2025 06:24:31 GMT\r\ncontent-type: text/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 28 Feb 2025 08:47:26 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BqyqARwxUIl791UZG%2B0NqzLEbips0Y8f625yFAYSh%2Fq%2BlVM7wdiUDn97algK1Eq6x6j0A8C3pBfAZM6cZeWKddLaIsbiz2%2FS47pV0OC142On\"}]}\r\netag: W/\"13a25-62f2fdb17c380\"\r\ncontent-encoding: br\r\ncf-ray: 99501c636b5f56a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":80421,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65299)","md5":"849e6db145f2905ce210f628bddd9de5","sha1":"d722fa9982da8aa48df88251bb1897f13c1db3b9","sha256":"aa53d582f97eb594c2a5cc5824574707f9ba9837bce3046bfa5f3556860f4e04","sha512":"54adb372f9ed12e7da8a673e79f3988badb654de5969c767b9f9e65fbcc88423e68e12a73a2f590ccb60d7fba0e65d7cddfd7d806d7f701b2d3cee03f0dfc89a","ssdeep":"1536:OSif7R2qTTR2t4iYniNw+inreQURwTLBAF+27wXiYE3Yjr/I2:4R2cpXLBl27wXit3Yb","tlshash":"ca73b7593254b4730ade85b68037420bf2265994b24b802cb5bcadde2a7dcc67277f7c","first_seen":"2023-06-08T14:47:00Z","last_seen":"2026-06-11T02:01:48.862718Z","times_seen":16437,"resource_available":true,"data":null}},"time_used":288,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":281,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"index.git3share.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"index.git3share.sbs/favicon.png","fqdn":"index.git3share.sbs","domain":"git3share.sbs","tld":"sbs"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://index.git3share.sbs/file.zip?c=AB4Q_2hsdAUA_YUCAE5PFwAMAAAAAABX\u0026s=357484","date":"2025-10-27T06:24:31.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"git3share.sbs","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Oct 2025 15:59:03 GMT","end":"Sun, 18 Jan 2026 16:58:55 GMT"},"fingerprint":{"sha1":"B6:DC:F0:FE:6D:6B:81:53:42:AD:38:E4:C1:56:C0:A8:A3:2F:E4:4C","sha256":"A3:8A:4C:DC:23:BB:70:1D:B1:DD:32:7E:1C:56:5D:79:C5:40:DC:2B:02:6E:E0:C0:9B:3E:5C:17:16:55:C5:83"}}},"request":{"raw":"GET /favicon.png HTTP/1.1\r\nHost: index.git3share.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://index.git3share.sbs/file.zip?c=AB4Q_2hsdAUA_YUCAE5PFwAMAAAAAABX\u0026s=357484\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 27 Oct 2025 06:24:31 GMT\r\ncontent-type: image/png\r\ncontent-length: 3886\r\nserver: cloudflare\r\nlast-modified: Wed, 11 Sep 2024 18:16:00 GMT\r\netag: \"f2e-621dbfb6c5800\"\r\naccept-ranges: bytes\r\nage: 298\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=6,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eA7td20sLjXy93bbLKOqhbmWB4QNxcdqgc69EhB%2Fe%2FMSxctndoXIDmSbcDgh3aNp0WAwh5lPvFsXmu1WYejjdUbZosZPlsEll%2FVCsOHa1NbC\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99501c656cbc56a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3886,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"741557240e0ee90895adca6015a642fd","sha1":"d57522520b8484f1ada7d9b145eab99a9e25897b","sha256":"ec64b4daf154bc8afeab3eaca5c73c8581dad57c750c575780fc0f0790c501b7","sha512":"91a85c58d1ce8acc5f99ec5a332e6987e8f8c7d658f1616b4423d11a1d60ecf900a1c5065e52161de0dc08af7340b893682599f8f5726fb7f5489d9bac7e97b3","ssdeep":"","tlshash":"03817bd98be4cb36a0192f4228759375d21b1c7c4497308b49a0ba5b05ed8efc8c0eae","first_seen":"2024-10-04T10:18:50.486805Z","last_seen":"2025-11-30T11:35:33.141331Z","times_seen":192,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"index.git3share.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"eastrk-dn.com/?a=32606\u0026c=398736\u0026co=29225\u0026mt=24\u0026s1=12165120","fqdn":"eastrk-dn.com","domain":"eastrk-dn.com","tld":"com"},"ip":{"addr":"54.220.4.50","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-27T06:24:29.042Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eastrk-dt.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Fri, 01 Aug 2025 00:00:00 GMT","end":"Sat, 29 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D8:F8:CD:D1:48:57:DA:2D:E2:DC:5E:07:AD:46:F4:B4:67:17:29:BD","sha256":"99:EA:4A:6A:27:9A:54:15:E4:F1:BE:CC:87:58:C7:0D:50:34:60:6C:0F:08:E3:1F:B5:C6:D5:EA:9B:9C:44:98"}}},"request":{"raw":"GET /?a=32606\u0026c=398736\u0026co=29225\u0026mt=24\u0026s1=12165120 HTTP/1.1\r\nHost: eastrk-dn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Mon, 27 Oct 2025 06:24:29 GMT\r\ncontent-type: text/html;charset=ISO-8859-1\r\nlocation: https://track.alinkif.com/click?pid=3052\u0026offer_id=22915\u0026sub1=78fc8f52df3d4178a8deeebc31eaf8d8281d5\u0026sub2=32606_12165120\r\nserver: nginx\r\nset-cookie: gdm_uid_v2_1_001=EPw8t7Gv5uZARRF+6jskb6xi+Eq+8cdomFzt+qoP8Ftavl+IRS9YFWRZFOPvFGou; Domain=.eastrk-dn.com; Expires=Sun, 25-Jan-2026 06:24:29 GMT; Path=/; Secure; SameSite=None\ngdm_sid_v2_3_001=b+P1s7cDHhAV9D24vbyJJ5k/BiusV5Ww5/tBCe+R7Nk9qlR6Kd9KbkTroq5vjuhC8ZcO9yoRn5Et/7UUJ4DkeJZbZqCXkl03q8okyyXwbOEOoOlDw8JDntShc37SdDnR600ru6x3JqIKM5XwiJv1Tcj/xCPiObPpVHCHv9ysLoNivy2pvzNwt6FzDPVFxe8Qrmul3CNDjTt0ygfFfEYJpI4Jfh0GPrSy4IZRRkxS5B2d9bjpIb+UXY8Gy3O1wtHZ3OSypSmL69YEI/qeAk0ldCfQpHd9CYPOAK1gRw/XRMYTjyvgxkUKV7Wgtm1yNuOoBxdkFCF61ZWVF+ucZGA1QyVQvSB/BipXRtdk9/xc2y614ZcJcVIt7vOELnNGLJxQHFaUImsvUw/HCQa3ZLbEd4xxomm0+s6GuKtvu3Jz1DDTrXOcdVnHzripMU+GpubExIIEsd6HmVl0+eNnPouZd3gWtFGBKXDLDTajwP3myOXrx9pRxUPh/WilB6hUoxzfvuJAFn26go279vL/gZg2SKY2UViUhIkxloKMPqeXuzsgAvelIQxFycB2q84UsVlhuWV0P/lqFjgwjfad5DWQB0/E6DCJn3MgrmNSoqlcba5BwvV9SpJbd/MgB6RIZM/5HND7j/cmXT6s2wrMRNF7EGgyZTcyNM2XEMKUiFQxmUH1AWSqwVmb1RNl1OCj+2VeSDksReodZl9oevZp7WETdCGesseQuCReYswNhsQxg7td77NxsHaJFSwcrJ27A1oT/w+qgcNGXBYc3PP3xYkEOcN/tWpN9UmKm3qwYU/0Rfhs8EaiaFc0x36ieCDuNmtkini0ydrCAkNM5EpONFwHCmhDCXcSxi3H670C9YcTUEUhE/MH6nsrcnYPn+8C6qlJiOPE/E69n34AxteUM6PAJo4uLKlbuPgOfhoSIM66CfLxkzRhj7kWHXGwT41HQT4V8o2vQGwXR8NVoFt4KhJmQM/RlRfzQ69MCJO2SzFmYYLEjv7WwcsP3/p2aEWb9hK1fRame90X6EnhaFGC/DJvOg==; Domain=.eastrk-dn.com; Expires=Sun, 25-Jan-2026 06:24:29 GMT; Path=/; Secure; SameSite=None\ngdm_click_freq_v2_1_001=mu51BQmyx1YOAg4Lmc0em3XWP38VA7K8P1TZkW8QhDf6IvY2vtTuw8ygHOgasORd; Domain=.eastrk-dn.com; Expires=Sun, 25-Jan-2026 06:24:29 GMT; Path=/; Secure; SameSite=None\ngdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.eastrk-dn.com; Expires=Sun, 25-Jan-2026 06:24:29 GMT; Path=/; Secure; SameSite=None\ngdm_click_adv_freq_v2_1_001=JyEJHXLGl87jbMc39LBmWHHgIUV8FFbNPMpn/fl9KwZDk8p7xDm8HhFKH/quZfso; Domain=.eastrk-dn.com; Expires=Sun, 25-Jan-2026 06:24:29 GMT; Path=/; Secure; SameSite=None\r\ncontent-language: en-US\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7731,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":669,"timings":{"blocked":316,"dns":8,"connect":33,"send":0,"wait":37,"receive":0,"ssl":273},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"eastrk-dn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"approximum.com/popular-text-message-trends-you-should-know-about-today/?utm_source=68ff101d57f565000101ddfe\u0026utm_term=\u0026utm_content=3052_32606_12165120\u0026utm_medium=link","fqdn":"approximum.com","domain":"approximum.com","tld":"com"},"ip":{"addr":"104.21.82.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-27T06:24:29.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"approximum.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 Aug 2025 16:12:42 GMT","end":"Sat, 29 Nov 2025 17:09:59 GMT"},"fingerprint":{"sha1":"08:67:F1:9F:D1:8A:7C:61:F4:F9:96:30:A8:23:D6:F4:35:24:17:88","sha256":"09:B8:D7:17:BB:AC:2E:BD:1A:FE:33:AA:D2:4A:62:A7:A7:E1:24:A0:3A:D9:B3:4A:5D:9A:51:DE:01:C9:73:4C"}}},"request":{"raw":"GET /popular-text-message-trends-you-should-know-about-today/?utm_source=68ff101d57f565000101ddfe\u0026utm_term=\u0026utm_content=3052_32606_12165120\u0026utm_medium=link HTTP/1.1\r\nHost: approximum.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 27 Oct 2025 06:24:29 GMT\r\ncontent-type: text/html;charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Yy21HeQFTXBX1jFK1FAPnEB%2BQD8fXYwU06eg9uIpnprMsTduVMyq7bhdc1gvY8WGo9zAChuf1Hf%2Ff%2FXOJJC39uTlG9xF7gYmmS%2FTmw%3D%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 99501c5a1d7656c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7731,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (6907)","md5":"a361c3a5e09d0831fa1131ecaed35472","sha1":"2550f5ef8a89240b380903b1793b8971a8c7c51c","sha256":"6a88098e348fa065146cb28adc6cd9fc460c4e1e57c81f1377d7757e492f95ed","sha512":"68142266965322fef2bf4d069a7b8b96935b090036ca91d32a75e10e03c61edea08a2f6008a52430b0b3173c63b302bcc0d163028e54abbf825304f367e6c2c4","ssdeep":"192:xL4ecMun7bgMfmSJ+cdZo1aC8FK+M8Npz1lF:x4ecrn7bnfmSJ1iSYUNpPF","tlshash":"e1f1e864bda0f8a642f50463237bb388f331715e213a085485990d9e7be3d63e259bf7","first_seen":"2025-10-27T06:24:53.435458Z","last_seen":"2025-10-27T06:24:53.435458Z","times_seen":1,"resource_available":false,"data":null}},"time_used":506,"timings":{"blocked":217,"dns":6,"connect":1,"send":0,"wait":74,"receive":0,"ssl":206},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"approximum.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"approximum.com/favicon.ico","fqdn":"approximum.com","domain":"approximum.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://approximum.com/popular-text-message-trends-you-should-know-about-today/?utm_source=68ff101d57f565000101ddfe\u0026utm_term=\u0026utm_content=3052_32606_12165120\u0026utm_medium=link","date":"2025-10-27T06:24:30.620Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"approximum.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 Aug 2025 16:12:42 GMT","end":"Sat, 29 Nov 2025 17:09:59 GMT"},"fingerprint":{"sha1":"08:67:F1:9F:D1:8A:7C:61:F4:F9:96:30:A8:23:D6:F4:35:24:17:88","sha256":"09:B8:D7:17:BB:AC:2E:BD:1A:FE:33:AA:D2:4A:62:A7:A7:E1:24:A0:3A:D9:B3:4A:5D:9A:51:DE:01:C9:73:4C"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: approximum.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://approximum.com/popular-text-message-trends-you-should-know-about-today/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"approximum.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"approximum.com/popular-text-message-trends-you-should-know-about-today/?utm_term=\u0026utm_content=3052_32606_12165120\u0026utm_medium=link\u0026utm_source=wu9Te050004000000001008066419","fqdn":"approximum.com","domain":"approximum.com","tld":"com"},"ip":{"addr":"104.21.82.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-27T06:24:30.638Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"approximum.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 Aug 2025 16:12:42 GMT","end":"Sat, 29 Nov 2025 17:09:59 GMT"},"fingerprint":{"sha1":"08:67:F1:9F:D1:8A:7C:61:F4:F9:96:30:A8:23:D6:F4:35:24:17:88","sha256":"09:B8:D7:17:BB:AC:2E:BD:1A:FE:33:AA:D2:4A:62:A7:A7:E1:24:A0:3A:D9:B3:4A:5D:9A:51:DE:01:C9:73:4C"}}},"request":{"raw":"GET /popular-text-message-trends-you-should-know-about-today/?utm_term=\u0026utm_content=3052_32606_12165120\u0026utm_medium=link\u0026utm_source=wu9Te050004000000001008066419 HTTP/1.1\r\nHost: approximum.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://approximum.com/popular-text-message-trends-you-should-know-about-today/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nserver: cloudflare\r\ndate: Mon, 27 Oct 2025 06:24:30 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=C6Bgjlwrq0avp5laFfiyaspeoLGKlrk3GEDIHT6WD46uIbGMlxJphTsNNaOLKggqeIZKRFLkO3v5eVLl%2FEC5zUWCQB3G3TSobENOEg%3D%3D\"}]}\r\nreferrer-policy: no-referrer\r\nlocation: https://index.git3share.sbs/file.zip?c=AB4Q_2hsdAUA_YUCAE5PFwAMAAAAAABX\u0026s=357484\r\ncf-cache-status: DYNAMIC\r\npriority: u=1,i=?0\r\ncf-ray: 99501c5f6e0356c1-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7318,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"approximum.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/bootstrap.min.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://index.git3share.sbs/file.zip?c=AB4Q_2hsdAUA_YUCAE5PFwAMAAAAAABX\u0026s=357484","date":"2025-10-27T06:24:31.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/bootstrap@5.3.0-alpha1/dist/css/bootstrap.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://index.git3share.sbs/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 27 Oct 2025 06:24:31 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 31838\r\ncf-ray: 99501c637b300731-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 5.3.0-alpha1\r\nx-jsd-version-type: version\r\netag: W/\"35e6c-cZlWqlLbTIr9xcDPs8verWJYuKY\"\r\ncontent-encoding: br\r\nx-served-by: cache-fra-etou8220090-FRA, cache-bma-essb1270034-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 191300\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=yMe8wOq%2F%2BzaNw6cpLULa9Wv49zy4%2BDmdLea2bASRea60qz7sikcOnLIRNCaFO9Ay9ic6BLgQrsPl7nq%2Bpk9TcemKJyyYWWTwo6qfRRhCfaRUQt8bR%2FNu0dmUFi5A1UrrFKA%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":220780,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (65335)","md5":"5b42276b3039eaf18cc199cb4c8db7b8","sha1":"719956aa52db4c8afdc5c0cfb3cbdead6258b8a6","sha256":"932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386","sha512":"ef639578068f795f27dc17598fb84e91a3d2124feec290e4686c8fe16da34b3002f2d7e23b82cc1035a82f7b85a7999c66efbc11e85be06859585c2faecb3af5","ssdeep":"1536:u1tfA98f66e7K5wlP72N9S3I17sYciHKVOpz600I4V9:ytfA98fXpKVOpz600I4V9","tlshash":"5e2482e6f190317d9ca7c1499590befd866fa945db120aaaf003776807cabd30963dcc","first_seen":"2023-04-06T15:05:25Z","last_seen":"2026-06-11T00:03:15.848007Z","times_seen":6559,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":10,"dns":1,"connect":1,"send":0,"wait":13,"receive":2,"ssl":9},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-solid-900.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://index.git3share.sbs/file.zip?c=AB4Q_2hsdAUA_YUCAE5PFwAMAAAAAABX\u0026s=357484","date":"2025-10-27T06:24:31.372Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 19:09:23 GMT","end":"Tue, 16 Dec 2025 20:08:48 GMT"},"fingerprint":{"sha1":"E5:FA:6E:21:DA:AB:92:8F:E0:CB:31:C2:87:D4:E2:CE:9F:23:BF:C1","sha256":"E8:C7:D4:A8:29:E6:45:C0:C5:E3:AD:6A:90:36:30:4A:D7:2E:7C:F7:8F:57:44:E8:3B:2D:AF:F6:80:F7:4B:46"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://index.git3share.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 27 Oct 2025 06:24:31 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 125064\r\ncf-ray: 99501c642a5cb4f4-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"619c057b-1e888\"\r\nlast-modified: Mon, 22 Nov 2021 21:02:51 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 351848\r\nexpires: Sat, 17 Oct 2026 06:24:31 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=4T7v1LPvfntQvm9Jk9O%2FZV0IYUHp1N0E%2BY7AoQ60MrUnyZGasrq%2FuikVaTPdYWmDBvnGr0o5mc38A%2FTWXzS5amPa1BInpRHmQKOBqxY3uWDDGHCROvV2pvLEY%2FV76nwWi0brwjLW\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":125064,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 125064, version 768.67","md5":"57b380d27f14f16e737bcca7e849cf79","sha1":"2e4280929d4d76fc0e31601c98f167f14630c209","sha256":"94e1bbc1c2a41ebc73fa5253fd563256c0035b4d69181e48f9aef9e474a11251","sha512":"88dd2321cc4711333411a24dab612daa68caf7cc31c892405bcbb9e89629ca15fcdd781bb26d7485f5819b5b48170ec8eaa2135701f4695cf94a1cb0c15bf649","ssdeep":"3072:W0ZXsLdN0s2s3suUQwuHn6XEedsYoDAEMUdAgofJ:W0OdNj10uHwsYoMHPg+J","tlshash":"b0c3122be28d689365654613aedd23ae1e795b7d8c4b6315c1bb3046f7ac7b83003b13","first_seen":"2023-04-09T08:23:50Z","last_seen":"2026-06-11T01:38:42.65163Z","times_seen":14422,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":16,"dns":1,"connect":0,"send":0,"wait":13,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"track.alinkif.com/click?pid=3052\u0026offer_id=22915\u0026sub1=78fc8f52df3d4178a8deeebc31eaf8d8281d5\u0026sub2=32606_12165120","fqdn":"track.alinkif.com","domain":"alinkif.com","tld":"com"},"ip":{"addr":"104.21.63.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-27T06:24:29.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alinkif.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 11 Oct 2025 09:34:34 GMT","end":"Fri, 09 Jan 2026 10:33:19 GMT"},"fingerprint":{"sha1":"A5:52:AB:88:A9:F7:79:41:46:91:8B:92:34:F4:7A:68:E8:FB:FA:E2","sha256":"9E:95:91:CE:74:34:4B:3C:6D:81:C7:B1:D3:5F:2C:C5:AD:13:33:43:3B:24:09:5D:AB:24:F9:AE:30:67:4B:38"}}},"request":{"raw":"GET /click?pid=3052\u0026offer_id=22915\u0026sub1=78fc8f52df3d4178a8deeebc31eaf8d8281d5\u0026sub2=32606_12165120 HTTP/1.1\r\nHost: track.alinkif.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Mon, 27 Oct 2025 06:24:29 GMT\r\ncontent-length: 0\r\nlocation: https://approximum.com/popular-text-message-trends-you-should-know-about-today/?utm_source=68ff101d57f565000101ddfe\u0026utm_term=\u0026utm_content=3052_32606_12165120\u0026utm_medium=link\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-adjust-use-original-forwarded-for: 1\r\naccess-control-allow-credentials: true\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GxxELQPQ3ZyH9AaUXoPc5fGTQXiKvA75B1jAkZ8qK3Vqcr7GtioL%2FA5acPu0tAD4AaEk53K4e1nqwvyPU0XO29AGnAFkm5lu903jTP2Z3osE\"}]}\r\nset-cookie: afclick=68ff101d57f565000101ddfe; SameSite=None; Secure; Expires=Tue, 27 Oct 2026 06:24:29 GMT\nafoffers={\"22915\":[1761546269,1]}; SameSite=None; Secure; Expires=Tue, 27 Oct 2026 06:24:29 GMT\r\ncf-ray: 99501c57fa02dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7731,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":186,"timings":{"blocked":30,"dns":9,"connect":1,"send":0,"wait":126,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"index.git3share.sbs/file.zip?c=AB4Q_2hsdAUA_YUCAE5PFwAMAAAAAABX\u0026s=357484","fqdn":"index.git3share.sbs","domain":"git3share.sbs","tld":"sbs"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-27T06:24:30.740Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"git3share.sbs","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Oct 2025 15:59:03 GMT","end":"Sun, 18 Jan 2026 16:58:55 GMT"},"fingerprint":{"sha1":"B6:DC:F0:FE:6D:6B:81:53:42:AD:38:E4:C1:56:C0:A8:A3:2F:E4:4C","sha256":"A3:8A:4C:DC:23:BB:70:1D:B1:DD:32:7E:1C:56:5D:79:C5:40:DC:2B:02:6E:E0:C0:9B:3E:5C:17:16:55:C5:83"}}},"request":{"raw":"GET /file.zip?c=AB4Q_2hsdAUA_YUCAE5PFwAMAAAAAABX\u0026s=357484 HTTP/1.1\r\nHost: index.git3share.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 27 Oct 2025 06:24:31 GMT\r\ncontent-type: text/html;charset=UTF-8\r\nserver: cloudflare\r\nx-powered-by: PHP/8.2.12\r\ncache-control: no-store\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: BYPASS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NSXpeYroDCCY76e%2BT9ICJExLAY3cSfY50fdCK74nSU2Bk97EZ6Yp9%2FsV5q7lY1aReHoxLoO%2BSgsm7V85j6bLgT1b%2FA29vrzRlkeFqwvlKjpv\"}]}\r\ncontent-encoding: br\r\ncf-ray: 99501c607b300b3d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Bootstrap:1","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":7318,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"e4adef9f516848e643f0c57ef0fdfe0c","sha1":"2b84f34fa0f3e39655eac85bf26ff31a7691cc20","sha256":"360f715af66674037b4b745820b11690ff0d750871ebf09ff04db54735ea90be","sha512":"e7e1116164c94bbd4caa1941f60cbab3791ebd16bf58204a93fb528b6e235ee12c6fd01fa601d8717dde1d02def6476498089d82482785310b065c7a07346c1f","ssdeep":"96:oPOj9mWJqV6z7/zYWbkF0IHlbMUWeK3AVr9/Tqt:oPOj9mW0V6f/z/fIFA5ebbrm","tlshash":"8ce17426e940544a613be768eff34785fa799013c3028a797bdc23874f7164c856bee8","first_seen":"2025-10-27T06:24:53.43811Z","last_seen":"2025-10-27T06:24:53.43811Z","times_seen":1,"resource_available":false,"data":null}},"time_used":434,"timings":{"blocked":56,"dns":36,"connect":1,"send":0,"wait":322,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"index.git3share.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://index.git3share.sbs/file.zip?c=AB4Q_2hsdAUA_YUCAE5PFwAMAAAAAABX\u0026s=357484","date":"2025-10-27T06:24:31.269Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 19:09:23 GMT","end":"Tue, 16 Dec 2025 20:08:48 GMT"},"fingerprint":{"sha1":"E5:FA:6E:21:DA:AB:92:8F:E0:CB:31:C2:87:D4:E2:CE:9F:23:BF:C1","sha256":"E8:C7:D4:A8:29:E6:45:C0:C5:E3:AD:6A:90:36:30:4A:D7:2E:7C:F7:8F:57:44:E8:3B:2D:AF:F6:80:F7:4B:46"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://index.git3share.sbs/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 27 Oct 2025 06:24:31 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 14850\r\ncf-ray: 99501c638a48568e-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"619c057b-3a02\"\r\nlast-modified: Mon, 22 Nov 2021 21:02:51 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 264712\r\nexpires: Sat, 17 Oct 2026 06:24:31 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=3A6KAsTGOdxDmLzWvv2bOJ3Hu6yCJE4lwWRnN6WcynrH0IS4DEGUaL%2B3G3nNEWzjT0yQkrnQpQN61FftOWorA6MldiY2ov6qwXyXdj%2FKHipGalDeR0%2FwZsJniMsuXrpiIigCiXOJ\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":83981,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65311)","md5":"3d5ef2bf867c4054a2f336cdbad9e1dc","sha1":"07228d1fa3245ee156a27a353f45758a3207849f","sha256":"a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8","sha512":"168deb96b663fe4eee8d39c78380864760fb912b34bf82cb6a7c36aa4b18b91944ccefad71a10f428810d0a6a818ddbaff3ae7db42264750dfb8b5a73a8eda04","ssdeep":"1536:YlMVM6MVM9MVMKMVMRsVMNdhwJHQ9Kll3ITRUHrt+z:sdhgw9kITRULt+z","tlshash":"458376e8e44c05d56732c44baf55b378a1b6f73cd5810da9f02f590c29d26a822c6f7a","first_seen":"2023-04-09T08:23:50Z","last_seen":"2026-06-11T01:38:42.651047Z","times_seen":20206,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":14,"dns":1,"connect":3,"send":0,"wait":13,"receive":1,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}