{"report_id":"c7b4807f-1941-4e13-ae9e-8abdbe436772","version":6,"status":"done","tags":[],"date":"2026-03-28T02:37:19Z","url":{"schema":"https","addr":"xn--krb3-6q5a.com/","fqdn":"xn--krb3-6q5a.com","domain":"xn--krb3-6q5a.com","tld":"com"},"ip":{"addr":"104.21.94.91","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"xn--krb3-6q5a.com/","fqdn":"xn--krb3-6q5a.com","domain":"xn--krb3-6q5a.com","tld":"com"},"title":"Kraken Audio — Премиальные наушники","dom":{"size":64995,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (16512)","md5":"97b2cc7a4f278b95f7a386d7f59c64ac","sha1":"3594b719118d11aa65d47af6ac5f74a3077c4d89","sha256":"66a251f806d21533073f83374c894ce09d6bce7f4f4d362bfdd001371416cd76","sha512":"693bda554f42cb8318b3af221a7f287d635a1d96bd1312b121bf343cae64357dce7c8bf1057603e8d48b2a0606d649a046d48be3b49d9e8fb8cd9cd117127835","ssdeep":"768:/BFJnovld0O7ebJUV+QshYE0QLbyqSTAdOCly0elF3yVUgFHSjKI3RuzGAaVjPAd:/BFw+Qshf0NAkdRgFIF3U1","tlshash":"5d53d891531425fe14c7c2b9ff0a7b28a269c1eeea7731c592ecc5396787c85ce26390","dom_hash":"domhash4b8f11004aef1398e2dae1ae243df91b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"xn--krb3-6q5a.com/","fqdn":"xn--krb3-6q5a.com","domain":"xn--krb3-6q5a.com","tld":"com"},"ip":{"addr":"104.21.94.91","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-02T02:37:19Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xn--krb3-6q5a.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"xn--krb3-6q5a.com","ip":{"addr":"104.21.94.91","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-12-09","domain_rank":0,"first_seen":"2026-01-21T11:30:41.448025Z","last_seen":"2026-03-27T20:05:39.091749Z","alert_count":9,"request_count":9,"received_data":565528,"sent_data":4364,"comment":"","tags":null,"fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"xn--krb3-6q5a.com/img/hero-headphones-BFlUM5IU_25x5j8.webp","fqdn":"xn--krb3-6q5a.com","domain":"xn--krb3-6q5a.com","tld":"com"},"ip":{"addr":"104.21.94.91","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://xn--krb3-6q5a.com/","date":"2026-03-28T02:36:58.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--krb3-6q5a.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 18:18:18 GMT","end":"Wed, 17 Jun 2026 18:18:17 GMT"},"fingerprint":{"sha1":"39:EE:26:66:68:5D:9A:19:F4:BE:3A:C5:F6:03:B8:B5:C9:34:2B:11","sha256":"6D:9C:61:FE:C4:2C:FE:8D:49:5B:91:B7:67:2C:D2:91:98:4B:A6:45:C9:2C:2E:AB:23:BD:6E:21:FF:BE:88:C3"}}},"request":{"raw":"GET /img/hero-headphones-BFlUM5IU_25x5j8.webp HTTP/1.1\r\nHost: xn--krb3-6q5a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--krb3-6q5a.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 02:36:58 GMT\r\ncontent-type: image/webp\r\ncontent-length: 6432\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 12 Mar 2026 08:44:16 GMT\r\netag: W/\"1920-19ce137cb00\"\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aANnKhqKdMgc8bn5aKjVRY3k9JVWS%2FBjByr0lJO7Ps9xrU5YNBSiWQzczkWklBtccL561NtG9McJtwqs6RlwSNfAnmMvDhRhrsGVkL8mJwQfFob%2F1Q7VjtUVgNy0nJYekqMksg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e33400f5a03b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6432,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 800x800, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8c510b58365a8ab6435c1297264db5e2","sha1":"dc105547706e65d275de58bd43eb57a3737bd2f4","sha256":"5c2accc743d0b9e73ca2ffdb555e44cadaa3edd4901c1272f463c9b14fa7d6cf","sha512":"542f85143c7b5a5c2732f3d9ca7e066843aff75b757224d29454ecb04d970883f21abb6fc02a67eddb92379db495bab1b4418121c31d7f339c7d947ecee1e562","ssdeep":"96:XXbMcmANZZx+p2kXRNzrlZm5o9qVkfb6/uME4m8DhuMO4NYlxMhU2lBOyVy:HbvmAj+JXRNz8os4+P3ur4NYf1sg","tlshash":"31d18d291db83858b83d018bf5e291d1e96f6bb14fc811e71bd980c328fb5405d82eb7","first_seen":"2026-03-27T00:19:05.457179Z","last_seen":"2026-03-29T10:08:53.702007Z","times_seen":25,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xn--krb3-6q5a.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xn--krb3-6q5a.com/fonts/Inter-Medium.woff2","fqdn":"xn--krb3-6q5a.com","domain":"xn--krb3-6q5a.com","tld":"com"},"ip":{"addr":"104.21.94.91","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://xn--krb3-6q5a.com/","date":"2026-03-28T02:36:58.407Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--krb3-6q5a.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 18:18:18 GMT","end":"Wed, 17 Jun 2026 18:18:17 GMT"},"fingerprint":{"sha1":"39:EE:26:66:68:5D:9A:19:F4:BE:3A:C5:F6:03:B8:B5:C9:34:2B:11","sha256":"6D:9C:61:FE:C4:2C:FE:8D:49:5B:91:B7:67:2C:D2:91:98:4B:A6:45:C9:2C:2E:AB:23:BD:6E:21:FF:BE:88:C3"}}},"request":{"raw":"GET /fonts/Inter-Medium.woff2 HTTP/1.1\r\nHost: xn--krb3-6q5a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--krb3-6q5a.com/styles/index@_@astro-QXXY2dNO.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 02:36:58 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 114348\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 12 Mar 2026 08:22:02 GMT\r\netag: W/\"1beac-19ce1237010\"\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gt4SuXxLTFNWLOWGJ2KJvdsmsncMcYVIb5QuZ4cb4ljjaIdvRvLrDq9CVxsIbG3Yr0eSh7wWomX%2BPTk%2BXlkYgWyg0BQvGQ5KyKinliR%2Fc8TxAQV38af20bPD2LRU8KDO2V6XdQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e3340110a0bb28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":114348,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 114348, version 4.66","md5":"7b7f3cfa2944edbd2fcbb478547b22bd","sha1":"d502bb1b3f812f62ce68e2b93cf6d2a5b9bc7120","sha256":"0ff3e94614e1493eb556314fd247ae6c4a85a7783b4cc86be539940cf83f2a48","sha512":"dbc1ef0befc435b74d83ed20a7dd23fe323864bcb3a3f1134df25261df106645e10ab7cd78ad79008b02d320e5fa32b8acc83aeaecc97653596cc351a3dea65d","ssdeep":"1536:ORj4CTzwujWVxFlkG6ASwCsNBzLFwyOj/XapvyNChItjTKbXap/08PfitCLKFQT7:Op4CTjvASob3OjfaFycqJJPf/MQTHa0d","tlshash":"e5b3128e3e693f57cbdca3a0ba1766b194e7c277a8cd02b138245ff805be5548b14705","first_seen":"2024-11-19T20:50:46.187707Z","last_seen":"2026-04-23T21:00:13.644335Z","times_seen":29586,"resource_available":false,"data":null}},"time_used":327,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":145,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xn--krb3-6q5a.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xn--krb3-6q5a.com/fonts/Inter-Bold.woff2","fqdn":"xn--krb3-6q5a.com","domain":"xn--krb3-6q5a.com","tld":"com"},"ip":{"addr":"104.21.94.91","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://xn--krb3-6q5a.com/","date":"2026-03-28T02:36:58.412Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--krb3-6q5a.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 18:18:18 GMT","end":"Wed, 17 Jun 2026 18:18:17 GMT"},"fingerprint":{"sha1":"39:EE:26:66:68:5D:9A:19:F4:BE:3A:C5:F6:03:B8:B5:C9:34:2B:11","sha256":"6D:9C:61:FE:C4:2C:FE:8D:49:5B:91:B7:67:2C:D2:91:98:4B:A6:45:C9:2C:2E:AB:23:BD:6E:21:FF:BE:88:C3"}}},"request":{"raw":"GET /fonts/Inter-Bold.woff2 HTTP/1.1\r\nHost: xn--krb3-6q5a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--krb3-6q5a.com/styles/index@_@astro-QXXY2dNO.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 02:36:58 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 114840\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 12 Mar 2026 08:22:06 GMT\r\netag: W/\"1c098-19ce1237fb0\"\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uaNFUgso1KN%2BaDW%2BeCoip824UdRBjZ7pTo4LSEKPmrD0Wnm6anWNiuo6w99Ic5n6TANFObgFf68T6TRRXQFew51yaKpxEPnL%2BHvtJLa1FUYkA3GwW7A14jf%2B2GkxgRX%2B41lNYQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e3340110a0db28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":114840,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 114840, version 4.66","md5":"66894432e7ff485b0d4810f6aa95573f","sha1":"5cbf10e9f8be7dac2a365bfb21fe6ddf4641e569","sha256":"fa888127b6da015b65569f0351f3b5c391ad928904951f1c20e9f8462a8d95ea","sha512":"0768f605341013a3c21aadb4f80eed3a81c0502fa79766eac6dd83ad6b7b135b24282deaa07419b4f29e7f45d96796976e07f0dafcbae3e5cf6421afa7e5c209","ssdeep":"1536:7JT4B6gU0SWJAbfNw66wMA6ImioyFi9MB4vIkuv4uVdbT5Dmi7uh6XK910:7tcSlbfNwgm3r9MiSJb+hZ6","tlshash":"3cb312142fca602de66bf32c2bf3e20385357964e0475e41f2948bab111b4bc3f4d916","first_seen":"2024-11-20T03:00:23.656898Z","last_seen":"2026-04-23T19:27:35.987561Z","times_seen":4852,"resource_available":false,"data":null}},"time_used":330,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":185,"receive":145,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xn--krb3-6q5a.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xn--krb3-6q5a.com/fonts/Inter-Regular.woff2","fqdn":"xn--krb3-6q5a.com","domain":"xn--krb3-6q5a.com","tld":"com"},"ip":{"addr":"104.21.94.91","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://xn--krb3-6q5a.com/","date":"2026-03-28T02:36:58.418Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--krb3-6q5a.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 18:18:18 GMT","end":"Wed, 17 Jun 2026 18:18:17 GMT"},"fingerprint":{"sha1":"39:EE:26:66:68:5D:9A:19:F4:BE:3A:C5:F6:03:B8:B5:C9:34:2B:11","sha256":"6D:9C:61:FE:C4:2C:FE:8D:49:5B:91:B7:67:2C:D2:91:98:4B:A6:45:C9:2C:2E:AB:23:BD:6E:21:FF:BE:88:C3"}}},"request":{"raw":"GET /fonts/Inter-Regular.woff2 HTTP/1.1\r\nHost: xn--krb3-6q5a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--krb3-6q5a.com/styles/index@_@astro-QXXY2dNO.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 02:36:58 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 111268\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 12 Mar 2026 08:22:00 GMT\r\netag: W/\"1b2a4-19ce1236840\"\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gvjo8eQtgRuFl0dXq7XCA1DKnm%2Fw3svabUR7UpTwrvjVYOTehQxsDb0vR4TcVHQ5YTy%2FgYHWHd1iiKIpcDL2gz2MQPC2VUI6yPlzg9H3HsCaW9leKk%2FWFvYWyApOcke5Zqa5hQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e3340111a0eb28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":111268,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 111268, version 4.66","md5":"3875f83574973c732136a45f628e64a6","sha1":"b7a0b6fbebc40eb29b76cf135c4b7be50b981b4b","sha256":"e06f6b1bc553aaea4e4668023ed0ab0a147129c3107f511bc7d03d361b0ae085","sha512":"c4d06c4d73f83f3bc150ec5c3fc792af04161ec98c298a526b717b09e0f10597c688ea1827c1b54324b809cccd7c8a51e637eb822f192744f16556d0fd5b2efb","ssdeep":"3072:oSVIcbST1rITm6KORAGB/6lp7l8MBrVAPg:oSVIcEwm6xlB/6lp7lzBJ/","tlshash":"2ab312cd46ab0e22c7db93b491ea634d5ab188f8e3b630358993ff31155093723e615d","first_seen":"2024-11-19T20:50:46.185622Z","last_seen":"2026-04-23T21:00:13.647045Z","times_seen":31844,"resource_available":false,"data":null}},"time_used":318,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":138,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xn--krb3-6q5a.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xn--krb3-6q5a.com/apple-touch-icon.png","fqdn":"xn--krb3-6q5a.com","domain":"xn--krb3-6q5a.com","tld":"com"},"ip":{"addr":"104.21.94.91","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xn--krb3-6q5a.com/","date":"2026-03-28T02:36:58.744Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--krb3-6q5a.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 18:18:18 GMT","end":"Wed, 17 Jun 2026 18:18:17 GMT"},"fingerprint":{"sha1":"39:EE:26:66:68:5D:9A:19:F4:BE:3A:C5:F6:03:B8:B5:C9:34:2B:11","sha256":"6D:9C:61:FE:C4:2C:FE:8D:49:5B:91:B7:67:2C:D2:91:98:4B:A6:45:C9:2C:2E:AB:23:BD:6E:21:FF:BE:88:C3"}}},"request":{"raw":"GET /apple-touch-icon.png HTTP/1.1\r\nHost: xn--krb3-6q5a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--krb3-6q5a.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 02:36:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 3557\r\npriority: u=6,i=?0\r\nx-powered-by: Express\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 12 Mar 2026 08:52:28 GMT\r\netag: W/\"de5-19ce13f4ce0\"\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tJgj%2FWAoGQZUDRR2SquA%2FWnwFdnvpV7CLNS1XeoFDq3BtLJZuFvzPMOvydEBnH95HKdqqxsoDF2RrYTmAf2wtWkjdDJE4gAZanwDcLXtKfazZSBI9b47P5B5qTiMFD%2B0ZF8fcA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e3340132a1cb28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3557,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"e94d55568d2ca74b8fc8b12e7372012d","sha1":"83261aa4f86e749f1b60aec51b2024ac37485cf6","sha256":"f0f4b5416c32e93a38ac4eb37a6f4f878a0a7b9c1faed115229b7aab74276202","sha512":"4d129afc22ad98249936d7b189c20822c889ec413a2d59fca1dfc61b077e680aef92953e29f311b63ce487dd7c36d7f4dfc6dad64bbfcd1631fda8195658afc8","ssdeep":"","tlshash":"92714c3792e3f6aa4605a1ad503f98a8822c51e4038227657757a6b6229e252ddc32a2","first_seen":"2026-03-27T00:19:05.443802Z","last_seen":"2026-03-29T10:08:53.703183Z","times_seen":25,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":148,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xn--krb3-6q5a.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xn--krb3-6q5a.com/favicon.svg","fqdn":"xn--krb3-6q5a.com","domain":"xn--krb3-6q5a.com","tld":"com"},"ip":{"addr":"104.21.94.91","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xn--krb3-6q5a.com/","date":"2026-03-28T02:36:58.745Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--krb3-6q5a.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 18:18:18 GMT","end":"Wed, 17 Jun 2026 18:18:17 GMT"},"fingerprint":{"sha1":"39:EE:26:66:68:5D:9A:19:F4:BE:3A:C5:F6:03:B8:B5:C9:34:2B:11","sha256":"6D:9C:61:FE:C4:2C:FE:8D:49:5B:91:B7:67:2C:D2:91:98:4B:A6:45:C9:2C:2E:AB:23:BD:6E:21:FF:BE:88:C3"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: xn--krb3-6q5a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--krb3-6q5a.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 02:36:58 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=P3afA84LoGn9koKdaK9XfHlbGzYFnpL8u%2BybwBTd96Y%2Bht0dWXEFQH3noBlZdHTnlpdGpLWAUCVrbpFK7qI%2BIapavvOdPGD5jlWgjuQ3%2BSgjy9uhcw%2FWgTamoummSyb47gbB6Q%3D%3D\"}]}\r\npriority: u=6,i=?0\r\nx-powered-by: Express\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 12 Mar 2026 08:52:02 GMT\r\netag: W/\"18a-19ce13ee750\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e3340132a1db28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":394,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a76115a2618739751cf14d499d52e0df","sha1":"df56c143f71b04d6ec418e9ce82d514552bbe3dc","sha256":"4f5cafd499c749942d3fc3a9b548cd4897bd6de65d06e24919980c4ea48b89ac","sha512":"19471d9d8f51f28a6dcf6a4d6f10c8505a25c57c2d31cee75d09cf1d33a4693b0e5b22066e1f50055cb3a6db87a3b2cbd31b03b3daaa560ffc547728c6caad03","ssdeep":"","tlshash":"0ae022fcc64c582cda11071c6a49b0e6326bd0c32f080218e9583a38b15698aecb36ed","first_seen":"2026-03-27T00:19:05.451603Z","last_seen":"2026-03-29T10:08:53.700767Z","times_seen":25,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xn--krb3-6q5a.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xn--krb3-6q5a.com/","fqdn":"xn--krb3-6q5a.com","domain":"xn--krb3-6q5a.com","tld":"com"},"ip":{"addr":"104.21.94.91","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-28T02:36:57.818Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--krb3-6q5a.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 18:18:18 GMT","end":"Wed, 17 Jun 2026 18:18:17 GMT"},"fingerprint":{"sha1":"39:EE:26:66:68:5D:9A:19:F4:BE:3A:C5:F6:03:B8:B5:C9:34:2B:11","sha256":"6D:9C:61:FE:C4:2C:FE:8D:49:5B:91:B7:67:2C:D2:91:98:4B:A6:45:C9:2C:2E:AB:23:BD:6E:21:FF:BE:88:C3"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: xn--krb3-6q5a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Sat, 28 Mar 2026 02:36:57 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-powered-by: Express\r\ncache-control: public, max-age=0\r\nlast-modified: Thu, 12 Mar 2026 09:09:36 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cmr1HFl73SF6Lv3WZjXXIMj%2F9gVFxqRO2XT%2BwG4%2F5nk2MU6zMuqish1GBSTBkXYjURZH3%2FZ5KamHHWGC4hSL%2Fu1mDCvfcaLRtey5htV8EoXng3C0qg%2BtRnL5vIpAdfEKiZ3SGg%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9e33400d9d2c0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":65295,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (16512)","md5":"8caff541d349f91a93ec6cf59c8697ea","sha1":"d170422c9281f0671fd641ad8b78b2d217f4fb03","sha256":"e2a296ae4c920ec5a09dc6d7be605921321fef19905d3b041e5c2a7c2f565dfb","sha512":"291fdc767b85470b565cc4fe7f4219edf3373b3bb6dcebf71a15743380fb632ac9ee8f8d71d0643eab7d916190e149dbec4a73d953bfc4e0b6cefe63bc30bf13","ssdeep":"768:bBTJnovld0O7ebJUV+Qsh2E0vLm/PtYAdO6hy0exBbyVUMFHSjCFsRuzGAaVjPAp:bBTw+QshF0jAkxdMFIMsS1","tlshash":"0f53c891531425fe24c7c2baff097b2ca269c1aeea7731c591ecc5396787c85ce26390","first_seen":"2026-03-27T00:19:05.431609Z","last_seen":"2026-03-29T10:08:53.703748Z","times_seen":25,"resource_available":true,"data":null}},"time_used":205,"timings":{"blocked":38,"dns":27,"connect":1,"send":0,"wait":124,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xn--krb3-6q5a.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xn--krb3-6q5a.com/styles/index@_@astro-QXXY2dNO.css","fqdn":"xn--krb3-6q5a.com","domain":"xn--krb3-6q5a.com","tld":"com"},"ip":{"addr":"104.21.94.91","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xn--krb3-6q5a.com/","date":"2026-03-28T02:36:58.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--krb3-6q5a.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 18:18:18 GMT","end":"Wed, 17 Jun 2026 18:18:17 GMT"},"fingerprint":{"sha1":"39:EE:26:66:68:5D:9A:19:F4:BE:3A:C5:F6:03:B8:B5:C9:34:2B:11","sha256":"6D:9C:61:FE:C4:2C:FE:8D:49:5B:91:B7:67:2C:D2:91:98:4B:A6:45:C9:2C:2E:AB:23:BD:6E:21:FF:BE:88:C3"}}},"request":{"raw":"GET /styles/index@_@astro-QXXY2dNO.css HTTP/1.1\r\nHost: xn--krb3-6q5a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--krb3-6q5a.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 02:36:58 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IAogHCM9m%2B7I2fxSkqp0KJJV9iJcYAa1n4EI1ClDw%2FWW67mvMbdutTWu6sFQJ1GwVcfwkUtS0fdWw0AaZ%2BIVtgMub%2FpnbbZbvaQ9tHkc5g5ajIIP5vTDALWlojyRq4i12Kk%2FKg%3D%3D\"}]}\r\npriority: u=2,i=?0\r\nx-powered-by: Express\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 12 Mar 2026 09:09:36 GMT\r\netag: W/\"6d43-19ce14efc80\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e33400f5a02b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":27971,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (27970)","md5":"9700a3185b55889a62e83f8f48b38ffb","sha1":"61686ed999237e605e4713d43f2e7181436b8343","sha256":"b688f2270540d7c9ac0f593283b3bacbb2bc2dea1011c6681a7fa25839500b89","sha512":"a22292717ee545a997b17c497c59b0fc376ded8f953fb11cf3eb6b8e5f32cd2726c2730dae1faf5a730e9be58b2c36365e2a45a06e2d021634508daefef21b4e","ssdeep":"192:D01+WTyRkEfP6UxSsbm2HHsVxLPmIWpnTo+sSemeaHsG8aGSwk1N076BIY9KD2o4:hkcqsbmzrLPmIWpnTo+shaGSdjS92R","tlshash":"3fc25260f366d97fec2364e6eb9c741cb918a196ce3163e8ff42660267c67f24805b14","first_seen":"2026-03-27T00:19:05.460451Z","last_seen":"2026-03-29T10:08:53.701352Z","times_seen":25,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":187,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xn--krb3-6q5a.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xn--krb3-6q5a.com/fonts/Inter-SemiBold.woff2","fqdn":"xn--krb3-6q5a.com","domain":"xn--krb3-6q5a.com","tld":"com"},"ip":{"addr":"104.21.94.91","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://xn--krb3-6q5a.com/","date":"2026-03-28T02:36:58.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--krb3-6q5a.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 18:18:18 GMT","end":"Wed, 17 Jun 2026 18:18:17 GMT"},"fingerprint":{"sha1":"39:EE:26:66:68:5D:9A:19:F4:BE:3A:C5:F6:03:B8:B5:C9:34:2B:11","sha256":"6D:9C:61:FE:C4:2C:FE:8D:49:5B:91:B7:67:2C:D2:91:98:4B:A6:45:C9:2C:2E:AB:23:BD:6E:21:FF:BE:88:C3"}}},"request":{"raw":"GET /fonts/Inter-SemiBold.woff2 HTTP/1.1\r\nHost: xn--krb3-6q5a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--krb3-6q5a.com/styles/index@_@astro-QXXY2dNO.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 02:36:58 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 114812\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 12 Mar 2026 08:22:04 GMT\r\netag: W/\"1c07c-19ce12377e0\"\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kbFk4GwwiD4615M2zUSsoGvB%2FGb%2B10pEvxgVtKPavbpQX0osv3Ve5M0ZNcRgFxqgVcn35EZ4s69Yf19Q7tWIA9CONdFr0n461zFcIFXOyG0WLCd24I5Gkze0QX38S2SKrSz8vw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e3340111a0fb28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":114812,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 114812, version 4.66","md5":"b72fa2728a8ef9b862e8cf802c9d7cd4","sha1":"9cc2b10d4186b63c8d90be346069b2011451897c","sha256":"5cb7103e4e605989afebc03d989c79201e54b21b5183db33981f70db9178a301","sha512":"c5e153f48aa644525b809362465ae3315bcb8d6834d9ea526f07f98c28c96a15a24ffe66dbc1c7828f94589b45520d8b02c8b9d5ff923dad4e0f04ced8c5577b","ssdeep":"3072:RWx4qkokpcUL8xi73c2odMiyL2VpANGwDe+/gID:R0/kokGw8sLcvdrAcw6TID","tlshash":"25b312a789abf9e1e742f2f78ab452d1234ace7974de80f12c8950e87051197cb093d9","first_seen":"2024-11-19T20:50:46.190545Z","last_seen":"2026-04-23T19:52:08.472204Z","times_seen":2417,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":118,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xn--krb3-6q5a.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}