{"report_id":"c8bace90-b5b6-480a-bbe5-217b82daeade","version":6,"status":"done","tags":[],"date":"2025-12-24T08:43:39Z","url":{"schema":"http","addr":"rosecat.info/tracker/index.php?code=adu\u0026q=star.wars.insider.2025.full.year.zip","fqdn":"rosecat.info","domain":"rosecat.info","tld":"info"},"ip":{"addr":"172.67.169.76","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"rosecat.info/tracker/index.php?code=adu\u0026q=star.wars.insider.2025.full.year.zip","fqdn":"rosecat.info","domain":"rosecat.info","tld":"info"},"title":"Download star.wars.insider.2025.full.year.zip Now","dom":{"size":1131,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (320)","md5":"b6067786b16903ecbf3cbe78617da6c2","sha1":"ae8c1d1a8f20c87bb4cd9c9d957a815671f6a3e7","sha256":"bf624b64d41e8c1c4be94f2cd90ad39ba7b4638415c447d690b5dfa5306aeb7f","sha512":"5e770d024e8d1a702eaa8fb01a5605a539b8eb66612ee02a9d40c3b0ba3fd81ad79075b6806e633741e4303e52947ba1d83cc7c148c8d15305deeb0070ad9b5d","ssdeep":"","tlshash":"1721037f11008a0b662214c8aa650365e8c3c17bf71f685b74b783b9dad58ab457a0fe","dom_hash":"domhashbc0dcd1cb9a4500d96372f4c3a16d937","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"rosecat.info/tracker/index.php?code=adu\u0026q=star.wars.insider.2025.full.year.zip","fqdn":"rosecat.info","domain":"rosecat.info","tld":"info"},"ip":{"addr":"172.67.169.76","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-28T08:43:39Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"rosecat.info","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"rosecat.info","ip":{"addr":"104.21.95.27","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-28","domain_rank":0,"first_seen":"2025-11-08T22:52:40.203073Z","last_seen":"2025-12-16T07:54:58.156748Z","alert_count":2,"request_count":2,"received_data":2452,"sent_data":1042,"comment":"","tags":null,"fingerprints":[{"name":"Bootstrap:4.1.3","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery:3.6.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:5.5.38","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"stackpath.bootstrapcdn.com","ip":{"addr":"104.18.11.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-25","domain_rank":21970,"first_seen":"2018-04-05T04:41:29Z","last_seen":"2025-12-21T23:36:42.536211Z","alert_count":0,"request_count":1,"received_data":141880,"sent_data":490,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.2.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2025-12-21T22:27:34.829071Z","alert_count":0,"request_count":1,"received_data":90538,"sent_data":447,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.3.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.2.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"cf2fbbf84281d9ecbffb4993203d543b","sha1":"832a6a4e86daf38b1975d705c5de5d9e5f5844bc","sha256":"a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575","sha512":"493a1fe319b5c2091f9bb85e5aa149567e7c1e6dc4b52df55c569a81a6bc54c45e097024427259fa3132f0f082fe24f5f1d172f7959c131347153a8bca9ef679","ssdeep":"1536:ENjxXU9rnxD9o5EZxkMVC6YLtg7HtDuU3zh8cmnPMEgWzJvBQUmkm4M5gPtcNRQK:EcqmCU3zhINzfmR4lb3e34UQ47GKL","tlshash":"4c9318ddb2c6b06247a770ba407f610ff236199d684d4400f169d8e9bc78a4a827bf7d","size":89947,"data":"","first_seen":"2023-03-10T04:24:46Z","last_seen":"2026-04-04T06:56:16.658917Z","times_seen":23350,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"rosecat.info/tracker/index.php?code=adu\u0026q=star.wars.insider.2025.full.year.zip","fqdn":"rosecat.info","domain":"rosecat.info","tld":"info"},"ip":{"addr":"104.21.95.27","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-24T08:43:17.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rosecat.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 08:53:32 GMT","end":"Mon, 26 Jan 2026 09:52:01 GMT"},"fingerprint":{"sha1":"48:81:FB:C4:B4:14:6C:3B:FA:42:80:E3:C7:2B:00:37:A9:D6:C4:14","sha256":"53:29:AF:5F:DC:C4:99:F8:30:F7:04:09:43:9F:19:2A:9E:D5:BA:27:AF:61:C4:0F:09:83:C9:A5:D8:53:C4:05"}}},"request":{"raw":"GET /tracker/index.php?code=adu\u0026q=star.wars.insider.2025.full.year.zip HTTP/1.1\r\nHost: rosecat.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Dec 2025 08:43:17 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-powered-by: PHP/5.5.38\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pichCzi7T1EAxOYJeK4Dmjygi3ruT2I1dtglezj4XaZJCF9dqR92NVJ1fm3zM%2BaJBO6dZOECCPNeJLH5E%2BmMEuBNinFwJJN2fzQ%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9b2ecf68e9ca1525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bootstrap:4.1.3","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery:3.6.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:5.5.38","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":1104,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"def4f64ebd68c48b637283b8c9b79d36","sha1":"679d86fa4595de06ac3250fed189f6309796f654","sha256":"e312dd0bf8c3ac9c26f70d273a01f7ea08fb8b084dcb8423f5c33ef9315ba9f7","sha512":"53558c4b8464814347945d1467c6b2c8e277bcc45ed9b608fe656621780941ee7f255c84c0ac04130b422072e570e6e9dcab13c78e4f8be2906c15f2c5d53fd8","ssdeep":"","tlshash":"7411667f10009a4b561210ccea641325e4c3c1bbc61e289b68b383b5dbe18af553608a","first_seen":"2025-12-24T08:43:41.082153Z","last_seen":"2025-12-24T08:43:41.082153Z","times_seen":1,"resource_available":false,"data":null}},"time_used":457,"timings":{"blocked":64,"dns":43,"connect":1,"send":0,"wait":330,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"rosecat.info","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.11.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rosecat.info/tracker/index.php?code=adu\u0026q=star.wars.insider.2025.full.year.zip","date":"2025-12-24T08:43:17.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:05:50 GMT","end":"Thu, 05 Feb 2026 05:05:47 GMT"},"fingerprint":{"sha1":"CE:AE:8E:FE:2A:86:03:2B:16:43:FF:98:36:53:B2:ED:10:BF:FD:23","sha256":"95:CB:A8:7B:9C:88:98:F1:EF:D6:C9:79:E1:98:63:76:71:B7:BD:E2:89:6D:CD:55:61:DB:C0:4E:B1:1E:67:F7"}}},"request":{"raw":"GET /bootstrap/4.1.3/css/bootstrap.min.css HTTP/1.1\r\nHost: stackpath.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rosecat.info\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rosecat.info/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Dec 2025 08:43:17 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncf-ray: 9b2ecf6c0a815695-OSL\r\ncdn-pullzone: 252412\r\ncdn-uid: b1941f61-b576-4f40-80de-5677acb38f74\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"04aca1f4cd3ec3c05a75a879f3be75a3\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:06 GMT\r\ncdn-cachedat: 08/01/2025 14:01:31\r\ncdn-proxyver: 1.33\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 1334\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: eb9e1266130e36350ed5b5d8b73d87a2\r\ncdn-cache: HIT\r\nage: 3692724\r\ncf-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":140936,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65324)","md5":"04aca1f4cd3ec3c05a75a879f3be75a3","sha1":"675fcf28f9fbf37139d3b2c0b676f96f601a4203","sha256":"7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11","sha512":"890415fa75ed065992dd7883aed98bfbdfd9fa26eec7e62ea30263238adca4eecd6204f37d33a214d9b4f645ad7d9cc407d7d0e93c0e55cf251555a8a05b83ff","ssdeep":"1536:un1QWSUPBT+QYYDnDEBi82NcuSEz/NvT/gIENM6HN26e:q1L7PDxYIENM6HN26e","tlshash":"bdd373a7f5a0312da467c61864d0bafe156f8285d7221ffaf42737644b895cb0a73e0c","first_seen":"2023-04-05T03:23:19Z","last_seen":"2026-04-04T06:41:56.365324Z","times_seen":19475,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":10,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.3.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.2.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rosecat.info/tracker/index.php?code=adu\u0026q=star.wars.insider.2025.full.year.zip","date":"2025-12-24T08:43:17.781Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.6.3.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rosecat.info\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rosecat.info/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-15f5b\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Wed, 24 Dec 2025 08:43:17 GMT\r\nage: 3615171\r\nx-served-by: cache-lga13623-LGA, cache-hel1410031-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 41, 13390\r\nx-timer: S1766565798.878064,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 31046\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89947,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"cf2fbbf84281d9ecbffb4993203d543b","sha1":"832a6a4e86daf38b1975d705c5de5d9e5f5844bc","sha256":"a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575","sha512":"493a1fe319b5c2091f9bb85e5aa149567e7c1e6dc4b52df55c569a81a6bc54c45e097024427259fa3132f0f082fe24f5f1d172f7959c131347153a8bca9ef679","ssdeep":"1536:ENjxXU9rnxD9o5EZxkMVC6YLtg7HtDuU3zh8cmnPMEgWzJvBQUmkm4M5gPtcNRQK:EcqmCU3zhINzfmR4lb3e34UQ47GKL","tlshash":"4c9318ddb2c6b06247a770ba407f610ff236199d684d4400f169d8e9bc78a4a827bf7d","first_seen":"2023-03-10T04:24:46Z","last_seen":"2026-04-04T06:56:16.658917Z","times_seen":23350,"resource_available":true,"data":null}},"time_used":223,"timings":{"blocked":78,"dns":33,"connect":26,"send":0,"wait":26,"receive":9,"ssl":48},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rosecat.info/favicon.ico","fqdn":"rosecat.info","domain":"rosecat.info","tld":"info"},"ip":{"addr":"104.21.95.27","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rosecat.info/tracker/index.php?code=adu\u0026q=star.wars.insider.2025.full.year.zip","date":"2025-12-24T08:43:17.953Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rosecat.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 28 Oct 2025 08:53:32 GMT","end":"Mon, 26 Jan 2026 09:52:01 GMT"},"fingerprint":{"sha1":"48:81:FB:C4:B4:14:6C:3B:FA:42:80:E3:C7:2B:00:37:A9:D6:C4:14","sha256":"53:29:AF:5F:DC:C4:99:F8:30:F7:04:09:43:9F:19:2A:9E:D5:BA:27:AF:61:C4:0F:09:83:C9:A5:D8:53:C4:05"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: rosecat.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rosecat.info/tracker/index.php?code=adu\u0026q=star.wars.insider.2025.full.year.zip\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Wed, 24 Dec 2025 08:43:18 GMT\r\ncontent-type: text/html\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HvTK8gsN6CmafMVRBMLKUAcWGFP0bdxI8oXxHqEwZ0SuwzrYda0ImABnkp3H7gTFOtLmWb%2BfLGFmUgVIqmgXcjnHrFeDGAisP6s%3D\"}]}\r\npriority: u=6,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b2ecf6d2f7123eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":169,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"07381e0839deff7c3cb3b0d8d467ed56","sha1":"fd6407fd0a38a08dcf1c2fbbfd03fddcaea45545","sha256":"68ee4ae637d5881c4398323e9c841d94962e4efb53a67e884a6c0561725e5196","sha512":"abbc10832e36a7811957ed6f83d6dd81ae193e11fa18d65ee251c777c887b2263baf2b62301e664f3249a63f65d42611af0728a6439d447daaf15364b7d28cbc","ssdeep":"","tlshash":"cac08c6d6623bc8dca93227826c3a180c1d6932baaea451145c0914370cb29a8ac239a","first_seen":"2023-04-12T14:57:34Z","last_seen":"2026-04-04T06:26:15.952181Z","times_seen":1658,"resource_available":true,"data":null}},"time_used":253,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":253,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"rosecat.info","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}