{"report_id":"ca6ec8c2-9ced-4353-bd4a-673b1ba6674c","version":6,"status":"done","tags":[],"date":"2025-12-26T09:31:25Z","url":{"schema":"http","addr":"exintlr.com/","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"ip":{"addr":"172.67.192.35","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"exintlr.com/#/","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"title":"EXIN","dom":{"size":109254,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (8199)","md5":"64b648c4fafd93c92dc5cc0a95cf3ef9","sha1":"0072ca5eefe94b03c75b3717718f1fac822b4e83","sha256":"f8c7e8b0cb81dd66ae8178b5559cb9125f6a941bbcaeb208561ae1fb50021159","sha512":"33a0ba3aed4f4461fe32b372c113a66dbc5d218c320a99d91186d7375d0216b0963b1d936a567ce457e82e888fbfc8b1d197a091449d61109773cb1b58664d28","ssdeep":"1536:FhdZXEnFCXmKJUYCrAHremGFQyodzFqusAXSWU+5KVQS0rrxRco/7:cy+FqSI","tlshash":"4cb311367087386714b7c4c4e880ee9870d6af37d3a68b59a3e60b970fe7ed92911714","dom_hash":"domhash206c2ec913bd9a46004bef479cd28891","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"exintlr.com/","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"ip":{"addr":"172.67.192.35","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-30T09:31:25Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"img.ossasia.lat","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"exintlr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"tradingbapi.homelive.lat","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"exintlr.com","ip":{"addr":"104.21.81.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-12-25","domain_rank":0,"first_seen":"2025-12-26T09:31:27.048649Z","last_seen":"2025-12-26T09:31:27.048649Z","alert_count":15,"request_count":15,"received_data":1231506,"sent_data":7351,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"tradingbapi.homelive.lat","ip":{"addr":"172.67.175.13","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-11-05","domain_rank":0,"first_seen":"2025-12-26T09:31:27.047357Z","last_seen":"2025-12-26T09:31:27.047357Z","alert_count":3,"request_count":3,"received_data":7540,"sent_data":1621,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"at.alicdn.com","ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"domain_registered":"2008-06-25","domain_rank":96084,"first_seen":"2013-11-28T05:03:29Z","last_seen":"2025-12-22T06:31:48.536609Z","alert_count":0,"request_count":1,"received_data":56835,"sent_data":515,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"cdn.dcloud.net.cn","ip":{"addr":"124.220.205.65","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"domain_registered":"2013-07-17","domain_rank":296858,"first_seen":"2018-09-15T09:18:08Z","last_seen":"2025-12-22T10:05:12.347547Z","alert_count":0,"request_count":1,"received_data":579,"sent_data":442,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"img.novadrive.pro","ip":{"addr":"104.21.71.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-06-26","domain_rank":0,"first_seen":"2024-08-26T09:46:40Z","last_seen":"2025-11-24T04:31:36.371066Z","alert_count":0,"request_count":7,"received_data":73399,"sent_data":3213,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"img.ossasia.lat","ip":{"addr":"172.67.183.210","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-11-05","domain_rank":0,"first_seen":"2025-12-26T09:31:27.044975Z","last_seen":"2025-12-26T09:31:27.044975Z","alert_count":9,"request_count":9,"received_data":43067,"sent_data":4113,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"exintlr.com/static/js/chunk-vendors.ea075875.js","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"ip":{"addr":"104.21.81.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"70c49c3462d3421d001c2c4cd964b96c","sha1":"899057caa257138eb40d8e8fbf3201d5c7393a2b","sha256":"72e50786bc5e7149737ff0a66fdf397a7fa94fc0b8cb5097abfc942e7fad88ec","sha512":"e869cbf9d5547be2eeb87aab216235f5c753dca4668c575d2e7dedf3a31614889a4649b6c2c3e8860e05194c50e9f6709b9eaea261b931320a84a7433c37b8b2","ssdeep":"12288:ssKKGABOHMMT5rTv6zfFuUayav/zisO0Uu:lfWMMl/6zfFNaygziju","tlshash":"bf15198db281b0b60be760b1403f220bb23b6959b80a95d4f675e4e46d78d8d5237f7c","size":885251,"data":"","first_seen":"2025-12-26T09:31:33.515688Z","last_seen":"2026-04-03T17:10:28.361106Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exintlr.com/static/js/652.95019868.js","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"ip":{"addr":"104.21.81.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"19b9cd6cbc4fe58e0dcfabef6e545cbb","sha1":"9ae9b22cfe03aafd9a09139b3ff6736906815684","sha256":"061ef342b2ed98768132f26868bc134bdd9aa80c1378639c1876c37224127009","sha512":"de9684e90e8c86196d13e0184ea54120c3034dcdd8a5370b894b7151b47fc1956ee16194cdd8e456dbcdc8ae10f353a8e441f5d780fd997059fac2953c4528a0","ssdeep":"192:ELqRsmHGefdcvXq5Y5LqRsHDPYPPXKevv9fgl4Lgg1YIHcClLqRs8GsLgmLqRsG:E+ZHGEdlg+EDzkBn8gVHcu+F+1","tlshash":"1f52f9a7b29f781516e780409a198119f2263b0ca474c690ebed9fff46e1bce4761f1c","size":13231,"data":"","first_seen":"2025-12-26T09:31:33.473651Z","last_seen":"2026-04-03T17:10:28.394959Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exintlr.com/static/js/495.f2615e13.js","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"ip":{"addr":"104.21.81.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"548d7d97a1428f252f68f2ff9cf55245","sha1":"73e4be421065a46f5cabe2165904f7dad22f9a5e","sha256":"8c67f76aa7deff15a3b5358b12b811a0f555c8a680740e87524614b82ce59aa3","sha512":"8e5c79f6097a00fc9e307bdbcaa7dc069f9ae4b99cb0aaac72ded16d13140e75eb872f7ce2a4c610a3f6616f859829918d5344b2b296998355b35a3b11166807","ssdeep":"192:lGqRsnPcM6hWV2tHT+29AI84COcBTJFE1je5hGSt+mG:JePf6/xUXysO","tlshash":"e7220e6da0cd9db37fc828c84089a10363ce6a15dee0bd43a27b4f95c6be615125ff64","size":10461,"data":"","first_seen":"2025-12-26T09:31:33.460631Z","last_seen":"2026-04-03T17:10:28.329718Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exintlr.com/static/js/836.09494f49.js","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"ip":{"addr":"104.21.81.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c23a3efb9a19ae5d8a0f4157580e91ec","sha1":"592cf66fae8c91770ca0a81a547a1da49321d213","sha256":"f81918b1468ac4075e67c4c9c98476e833b6ed4e7509273d7b08eca4c853f576","sha512":"3f8b609082149f11ee4e1c20e9563195c59a266dbca84f76bc8b6e401ccd8f734bcfe3b62fb83e8445fed2626cd97cbd0ecde5b1be8fb958dc9bd8ab5c6ca7a2","ssdeep":"192:3KqRsMqErBxYKqRsnW0cBLF9fNOvrIilDLawDLiMZbN0aucW:3/wE1xY/yWDX9fN+MrPMZZK7","tlshash":"9642e811b189a80b1d9fc86420e5451f62266f0b9460e581f7f97efa0bfaf890326f5c","size":12042,"data":"","first_seen":"2025-12-26T09:31:33.488651Z","last_seen":"2026-04-03T17:10:28.369768Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exintlr.com/static/js/498.edea2d4a.js","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"ip":{"addr":"104.21.81.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1a27e102ca5ffdbae10ea6d51e08ea2c","sha1":"ba72b572d41b6ce2862d243ca7e445070c023792","sha256":"d0066cbc26783304dc95ef3bc566e8a83a715d3776e95e04abbdb724bbdc7811","sha512":"a47de9d1f18fb74373a36b43c7c7f7555ec78970d69aa176b9adacd6d11dd0518e747572ec0a72f91b3a8bbb1d74e59a7914d257a9fb42648498f9f27f03bd03","ssdeep":"768:zgGOuXgpIDh0pCD3n5acD4vjKO4r8CkroI0pZE:zgGVXgpIezcD4bKO4riHuZE","tlshash":"fdf21914f0cab41f0a57e42c2267112851365a22b211df59fbb695a94fe6b8f0732fbc","size":34312,"data":"","first_seen":"2025-12-26T09:31:33.495222Z","last_seen":"2026-01-06T10:09:34.094239Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exintlr.com/static/config/domain.js","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"ip":{"addr":"104.21.81.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"45eed8467d3c6a8e24208eb318852936","sha1":"5644c4f03afaa6c6a2e7cf09ae9daf629867c8de","sha256":"72419a1ddabbe75e0a452c1a2d7163d02b81e98a56feb65794ee30ecfff3fad6","sha512":"cc70900ffcb0d3a1a7e49880c0e2eacd2eb32a07208a79346b108a0ec4593454ff9a4411de53199ec2280f2ae56163a8528fb902807356a13c1390ca36f9aa8d","ssdeep":"","tlshash":"99d0c9de3aa13800518a126c245b72196929c88bd858288aaba0c442aeb24644d31a7d","size":197,"data":"","first_seen":"2025-12-26T09:31:33.514389Z","last_seen":"2026-04-03T17:10:28.342974Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exintlr.com/static/js/index.45b3d92a.js","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"ip":{"addr":"104.21.81.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"92f0c191964d07dfa551e2b70ea22736","sha1":"45d41740714f9e0b9c11e6acb4178b6bec662583","sha256":"f07d68cc063a828b53c69c7148f00e1d461e959165c4ae1823cc83eba5caaf0d","sha512":"981f878a043729b828b3ff19ae93464ed2b29c30c06bd2948002c50dd4e8835b6b73d30c7bb06ca6241277363693165f95c31e6bfefe2c10fc6719766978c5b1","ssdeep":"768:GnuxHqHZ0eIpdZXEn1N+fc9W+zLSP+c3c6ymsrxj/gXxRotQOSAlZ9/l5o7y3e6k:vKwpdZXEn19Wsmhsrxj/gXxRw34trBc+","tlshash":"e133299af586e68f21e7347c7d3fb60769361c90088cd002f359a5965f6f98f9212f48","size":54316,"data":"","first_seen":"2025-12-26T09:31:33.50429Z","last_seen":"2025-12-26T09:31:33.50429Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exintlr.com/static/js/692.8a1c1aad.js","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"ip":{"addr":"104.21.81.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a2e123c8b0d7464babb642401bbe1fb8","sha1":"0c6dabcd6e6a5917e6ee5503b8e20544618b2a03","sha256":"b510179eeea01db8a81225c5f92ed04db6b100c08bbcdf089f41917641012083","sha512":"39ff44ce6fb04dda63e6da64289ff10566e7dc6c7b0b22e85313cd2351ef9fa826416a02d5ecc090c72bd70dd68dd84724c5d88807c1dbb9d12b3c56bcfab7cb","ssdeep":"192:3MuPCiuiXiwiriG+gw07/2XV7lvbeTimAqRsO4gl7:3MD59/2XllvSTPZh3","tlshash":"3022f044aaa7085009a79506dac85b15807de2a329364dce73d875cf8fa3bdc23a47f7","size":10133,"data":"","first_seen":"2025-12-26T09:31:33.493836Z","last_seen":"2026-04-03T17:10:28.362535Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exintlr.com/static/js/pages-home.f999b13b.js","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"ip":{"addr":"104.21.81.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"dfe0e0d7f7bb2ac1eaafe48adb3d1990","sha1":"76d8e6f05e6800e768a9fae525ad68a94327d6db","sha256":"44a3e988261e2fba641674612fd3ef5a9d4bcaa781a38df7c7bd4790df08215f","sha512":"4b5705f4c3caf9372dfac944fb925f5406847959fc936aaf8bb30b804e4e9ad0a7c92eef064a11f2fb6e47f467cb0248c42b17b432c4fcbee2c83347f9a4903e","ssdeep":"384:h0x42Pw5TIFCT7Hrdu7VGn1790zLvG8na5iI70O8Hwa:h+K0CHZui0zLvG8a54n","tlshash":"78f2f720b047b05e699bc145e422557850306f3ee3e2e2adfbb18ad64fe5fc61b2275c","size":36201,"data":"","first_seen":"2025-12-26T09:31:33.475268Z","last_seen":"2025-12-26T09:31:33.475268Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exintlr.com/","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"ip":{"addr":"104.21.81.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"93368157fb131b56a45d6f60f8b40342","sha1":"ea2a25edb7b00c3e0a06650f02fded5bd87dfa20","sha256":"c48d4859bc082aa591168f7d7230bef438ecc2b3074e707c83864e11ec1a891f","sha512":"366c90d022f7fd6718d76460de51a154cf6cf8bf8e3aefa2e0e736cbba24ec53506485331abd3c3c2a7e6ae00c9a3b957a9aa675ecdd389afca7863ad8365908","ssdeep":"","tlshash":"c8e068c260a6294c02208016304ac1031bb608729ec149613c4c67a58fb9f4bc46e859","size":352,"data":"","first_seen":"2023-03-07T01:10:06Z","last_seen":"2026-04-05T10:06:06.763396Z","times_seen":3381,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"3d5272693eb411e5b8b13a243f76c720","sha1":"6a586ab8e0a4bf12bbc60eea6ca9f2418625a22c","sha256":"9582f31f9eb892b8823a780e579d464d54e26d97d65dc327d2b2bdd92d47c4b8","sha512":"03fc5614f48fc9a2e3c4a30626fdbacde74c1fda09ffa9d1cde0393d31cd5fe1588e270c241f4cedb473c6e5cc224ff16c141468a29519ea6159accf3e3a18f1","ssdeep":"","tlshash":"a4c08c8350e2080c8210861b848880050b8808b04f9308a22cd85b7ecc9ae88c8f804c","size":148,"data":"","first_seen":"2023-03-07T01:10:06Z","last_seen":"2026-04-05T11:11:45.437116Z","times_seen":14283,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"img.novadrive.pro/a7497a78f2dd61a58b8356541598e096.png","fqdn":"img.novadrive.pro","domain":"novadrive.pro","tld":"pro"},"ip":{"addr":"104.21.71.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:05.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.novadrive.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 18:00:36 GMT","end":"Wed, 11 Mar 2026 19:00:26 GMT"},"fingerprint":{"sha1":"99:D3:09:3C:07:D9:19:8E:82:85:AB:D0:C8:B8:B4:CA:57:B9:CE:DC","sha256":"62:BD:F0:FC:80:9D:17:3A:4E:37:B6:FD:74:E8:77:DA:F6:26:23:94:BA:6B:DB:25:DD:BA:4B:FA:50:CB:AE:87"}}},"request":{"raw":"GET /a7497a78f2dd61a58b8356541598e096.png HTTP/1.1\r\nHost: img.novadrive.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 09:31:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 9176\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5eDZrIrkaYgCFXd8bN57xWMfxwBOInmfThGW%2Fup%2F3PZQjZGNq0NsEZp7F82Jdnx83fr7X4LDzIDDeZFOndFC6AsVdpSdseoBXAxNlU%2B4UEEa\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"80086948fefdd4be7f8c828348402b36\"\r\nlast-modified: Wed, 30 Oct 2024 16:20:24 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nage: 5641\r\ncache-control: max-age=14400\r\ncf-ray: 9b3f902e58a723eb-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9176,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 392 x 392, 8-bit colormap, non-interlaced","md5":"80086948fefdd4be7f8c828348402b36","sha1":"f4391309ee6dcab6978286fa9cb3f96bddd0d990","sha256":"1aa8ed7e16acd79aece7f3945ee2c3b91108271d595ae7997c862de5ab2108e1","sha512":"d31a614c057cd5c3604b3549b14fef2043e69610dbc5309ec2695b1ac7d4d1fba84f9fa2f5eaf8c7f237bc8ee2128774ce855eb4b64a54b96e4ff324f7e2812e","ssdeep":"192:3N3Tfo2xh1ypNf3zfps5bbnPa63GS9DS2VVIJFlZSTQ0Ipt5Q1Xz:3p8kyp1fps5axUS2VVIJFlZS8bpwD","tlshash":"14128dca96cb663020d785a4b561e2f9bdd855ccf9a44607cd9e00e1e036472631ef4f","first_seen":"2025-12-26T09:31:33.452317Z","last_seen":"2026-04-03T17:10:28.373315Z","times_seen":3,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":87,"dns":15,"connect":6,"send":0,"wait":28,"receive":1,"ssl":50},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.ossasia.lat/ead558557cf7496c4a69416f8a90da65.png","fqdn":"img.ossasia.lat","domain":"ossasia.lat","tld":"lat"},"ip":{"addr":"172.67.183.210","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:05.283Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"e5d3735a.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 06:36:18 GMT","end":"Wed, 11 Feb 2026 07:36:16 GMT"},"fingerprint":{"sha1":"AE:6B:78:52:C4:9F:46:79:EC:AA:E3:6C:A2:2D:F2:E7:6C:3F:D9:7C","sha256":"5C:FA:12:81:D2:DA:F8:2B:81:DC:B6:E2:98:F0:92:5B:EE:2D:7D:C3:CB:C4:03:06:A3:77:A3:BB:A8:7D:34:F8"}}},"request":{"raw":"GET /ead558557cf7496c4a69416f8a90da65.png HTTP/1.1\r\nHost: img.ossasia.lat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 09:31:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 3552\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4P1ZqHL%2F8uC7UE%2Fta9l6YNjM6wvf5ZBfWNqJkvTmWczJlXZ96Xv9Wkh5obdAvHGHR4tlhI7XX%2FpenBn64HD5J287%2BM8mFzmreMHYkLxivg%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"66857e933bb98c22847dfdcdba040d80\"\r\nlast-modified: Tue, 09 Dec 2025 16:11:05 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nage: 4507\r\ncache-control: max-age=14400\r\ncf-ray: 9b3f902edbda2678-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3552,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"66857e933bb98c22847dfdcdba040d80","sha1":"f5411dd74bb4095d8ec37de345329417789953ab","sha256":"b98792dd6a486c3f13f55c2a7c733c59c8317174e7aeed410eb9147703e58be0","sha512":"5efe4701b293a630872d2ce1215d4ed085baed016cc4e7c1c872309c96840adead8a0baa2d024ff2cbd6f7bb91ac834e5d5edce956157b5ebd7223d11536c99b","ssdeep":"","tlshash":"8a717ece05d12a65c5aa4b7489ca236cd772c2dc164e7157053e24973bc62b0868cfa0","first_seen":"2023-05-22T09:14:53Z","last_seen":"2026-04-03T17:10:28.379885Z","times_seen":4,"resource_available":false,"data":null}},"time_used":263,"timings":{"blocked":131,"dns":53,"connect":1,"send":0,"wait":6,"receive":1,"ssl":63},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"img.ossasia.lat","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ossasia.lat/d54625f667bc9f63352679378e2b7086.png","fqdn":"img.ossasia.lat","domain":"ossasia.lat","tld":"lat"},"ip":{"addr":"172.67.183.210","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:05.366Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"e5d3735a.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 06:36:18 GMT","end":"Wed, 11 Feb 2026 07:36:16 GMT"},"fingerprint":{"sha1":"AE:6B:78:52:C4:9F:46:79:EC:AA:E3:6C:A2:2D:F2:E7:6C:3F:D9:7C","sha256":"5C:FA:12:81:D2:DA:F8:2B:81:DC:B6:E2:98:F0:92:5B:EE:2D:7D:C3:CB:C4:03:06:A3:77:A3:BB:A8:7D:34:F8"}}},"request":{"raw":"GET /d54625f667bc9f63352679378e2b7086.png HTTP/1.1\r\nHost: img.ossasia.lat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 09:31:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 7871\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=E70Nh2nlvju9mlFvOh2oho36jI3uA2Dsi9zL%2Ba68B6ciMQe1HWT2%2FQomcLrfBvQFaeMLtHGCaB0Vs%2BhBo9C%2FD2ilan3Fihvd%2Bog3KzrYQg%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"b1b6c559858ccc0b1c9ca756cdb61c60\"\r\nlast-modified: Tue, 09 Dec 2025 16:17:04 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nage: 4507\r\ncache-control: max-age=14400\r\ncf-ray: 9b3f902ecbce2678-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7871,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"b1b6c559858ccc0b1c9ca756cdb61c60","sha1":"3f716d8a92422256ad7d501f76916774084f9ea5","sha256":"cb3d2cdd4bac4e8596900aff024f983bd0b224d905816874f069376149cfec7f","sha512":"166b96ad74c71a587667c5112a308d6744349723ad1ecf655a211ee8a6a3cfd7d0aba4d578aa6fa02783653fd347009fbce0ddb395d68157dc1bfed7c5114e3f","ssdeep":"192:qSSp+kkaR7hvxlJtxBHLJvuQWqAUIktEs9OdtQ/hV:lYFbxBHLgXUIkVA8D","tlshash":"aef1c05523be59efc2c4aabcdce98d41117bef9a8c18df0317d8972059aab1dc19f104","first_seen":"2025-12-26T09:31:33.457916Z","last_seen":"2026-04-03T17:10:28.359905Z","times_seen":4,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":41,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"img.ossasia.lat","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exintlr.com/static/js/495.f2615e13.js","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"ip":{"addr":"104.21.81.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:04.149Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"exintlr.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 11:35:25 GMT","end":"Wed, 25 Mar 2026 12:34:02 GMT"},"fingerprint":{"sha1":"8D:4A:3B:58:E6:DC:AA:20:35:4C:C4:C2:AA:31:0F:B8:0F:1E:4B:54","sha256":"5F:E6:B3:40:85:AA:74:EE:CA:47:A3:F6:66:2B:AE:B7:3D:E4:2A:E7:81:7C:ED:BC:F5:BA:E4:4C:A1:C0:B8:F6"}}},"request":{"raw":"GET /static/js/495.f2615e13.js HTTP/1.1\r\nHost: exintlr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nCookie: server_name_session=e2814f5d3651e5ea32bdb5f609131110\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 26 Dec 2025 09:31:04 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 22 Dec 2025 07:16:08 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"6948f038-2acb\"\r\nexpires: Fri, 26 Dec 2025 21:31:04 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cQ3IHel6EHWZTcZBKBsgv58ayIpiRq0QvlHaTCpzLs8LGSz8Mv%2FXhhb1NiK4IgADJddM2uCcCYIhbxLWbjGPsgzpdPQcAGFAmIap\"}]}\r\ncf-ray: 9b3f9026dd73c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10955,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9543), with no line terminators","md5":"548d7d97a1428f252f68f2ff9cf55245","sha1":"73e4be421065a46f5cabe2165904f7dad22f9a5e","sha256":"8c67f76aa7deff15a3b5358b12b811a0f555c8a680740e87524614b82ce59aa3","sha512":"8e5c79f6097a00fc9e307bdbcaa7dc069f9ae4b99cb0aaac72ded16d13140e75eb872f7ce2a4c610a3f6616f859829918d5344b2b296998355b35a3b11166807","ssdeep":"192:lGqRsnPcM6hWV2tHT+29AI84COcBTJFE1je5hGSt+mG:JePf6/xUXysO","tlshash":"e7220e6da0cd9db37fc828c84089a10363ce6a15dee0bd43a27b4f95c6be615125ff64","first_seen":"2025-12-26T09:31:33.460631Z","last_seen":"2026-04-03T17:10:28.329718Z","times_seen":5,"resource_available":true,"data":null}},"time_used":351,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":351,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"exintlr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.novadrive.pro/b4abddd502b129fa0c9d01b3bd994c79.png","fqdn":"img.novadrive.pro","domain":"novadrive.pro","tld":"pro"},"ip":{"addr":"104.21.71.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:05.242Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.novadrive.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 18:00:36 GMT","end":"Wed, 11 Mar 2026 19:00:26 GMT"},"fingerprint":{"sha1":"99:D3:09:3C:07:D9:19:8E:82:85:AB:D0:C8:B8:B4:CA:57:B9:CE:DC","sha256":"62:BD:F0:FC:80:9D:17:3A:4E:37:B6:FD:74:E8:77:DA:F6:26:23:94:BA:6B:DB:25:DD:BA:4B:FA:50:CB:AE:87"}}},"request":{"raw":"GET /b4abddd502b129fa0c9d01b3bd994c79.png HTTP/1.1\r\nHost: img.novadrive.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 09:31:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 9371\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DszqgRAuh6TdKps5LN%2FgFEM%2BX3pecG1lVwRWKjRdW2lKLyXf5Rit6v4mX7TcHZnB9Xx%2BOspdUQUdDQSK3KrtT5%2BV6ITZ6smUdDKotybVnkyv\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"36947d879450c73f694c98b363f7cada\"\r\nlast-modified: Wed, 30 Oct 2024 16:20:21 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nage: 6132\r\ncache-control: max-age=14400\r\ncf-ray: 9b3f902e892323eb-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9371,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 289 x 289, 8-bit colormap, non-interlaced","md5":"36947d879450c73f694c98b363f7cada","sha1":"217f5caab01a14c2608a80ebdb4efb01f4c4f77b","sha256":"1cb77342d60e462b19429ba7f1cb67aa65e04650fc1853dfc2aa53504d8a44e7","sha512":"4fa0b9f863bb5ace12da3a7e0493b055bccd8cc034fa963389de835ef777c4ea5ce474c72d5251901ab186a316f17eba6106d2b1acf253b57c4ac07a35ea6ebe","ssdeep":"192:C0M9ZsKxcGMF79J1+Rs7ViheWcCDmnmWnIUwZ+6Y:LAZsKqdF7D157M80+6UwC","tlshash":"7f12bf879ad80f9ab92fd79994d8af05efc10105ec1059e5c6672d3eb731538a513c00","first_seen":"2025-12-26T09:31:33.463981Z","last_seen":"2026-04-03T17:10:28.378408Z","times_seen":3,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":122,"dns":24,"connect":3,"send":0,"wait":20,"receive":1,"ssl":82},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.novadrive.pro/7cb77546bef150cff383fdd4df6a53ab.png","fqdn":"img.novadrive.pro","domain":"novadrive.pro","tld":"pro"},"ip":{"addr":"104.21.71.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:05.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.novadrive.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 18:00:36 GMT","end":"Wed, 11 Mar 2026 19:00:26 GMT"},"fingerprint":{"sha1":"99:D3:09:3C:07:D9:19:8E:82:85:AB:D0:C8:B8:B4:CA:57:B9:CE:DC","sha256":"62:BD:F0:FC:80:9D:17:3A:4E:37:B6:FD:74:E8:77:DA:F6:26:23:94:BA:6B:DB:25:DD:BA:4B:FA:50:CB:AE:87"}}},"request":{"raw":"GET /7cb77546bef150cff383fdd4df6a53ab.png HTTP/1.1\r\nHost: img.novadrive.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 09:31:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 6871\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iAkuimgRhLblOdD%2FJ%2BGlZuhgzVowPnJmqLU%2BVmP9TJTBRAtF%2F0CM1aIiInoD623AARHccC%2FGl0GRhjGvMyIvLA6clkpYhfJ4gaBssKeKkm6b\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"21fff70f6613675db741fa9eaaf45aa3\"\r\nlast-modified: Wed, 30 Oct 2024 16:20:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nage: 4507\r\ncache-control: max-age=14400\r\ncf-ray: 9b3f902e791b23eb-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6871,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 392 x 392, 8-bit colormap, non-interlaced","md5":"21fff70f6613675db741fa9eaaf45aa3","sha1":"226a54b4dc7ba489158081553fcf9b0d8c6590bc","sha256":"73b79bbd10ac86c332f8fe95434cd48240364ac39ef3a891a0f36f697338bf84","sha512":"6e78b5245a94dc2c5f2114d43c49fca773acbadfc1629c9c9116fa13dcb84f591393422d96a4fe3245615b7987cf540c8bf51269d822d69cad08faa376b9180a","ssdeep":"192:k9FPFsYafA2j46WXXp5NIrMV9aZT5mlhzIFgxkXam1FD:EP842jLWHpRV9al5mlhkAUaW","tlshash":"e5e16ceaf9a2b90bea5cf92ee2df103171c411655b213fe291500f978539643db6ac03","first_seen":"2025-12-26T09:31:33.466854Z","last_seen":"2026-04-03T17:10:28.357573Z","times_seen":3,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":100,"dns":6,"connect":6,"send":0,"wait":6,"receive":1,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exintlr.com/static/js/chunk-vendors.ea075875.js","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"ip":{"addr":"104.21.81.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:02.530Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"exintlr.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 11:35:25 GMT","end":"Wed, 25 Mar 2026 12:34:02 GMT"},"fingerprint":{"sha1":"8D:4A:3B:58:E6:DC:AA:20:35:4C:C4:C2:AA:31:0F:B8:0F:1E:4B:54","sha256":"5F:E6:B3:40:85:AA:74:EE:CA:47:A3:F6:66:2B:AE:B7:3D:E4:2A:E7:81:7C:ED:BC:F5:BA:E4:4C:A1:C0:B8:F6"}}},"request":{"raw":"GET /static/js/chunk-vendors.ea075875.js HTTP/1.1\r\nHost: exintlr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nCookie: server_name_session=e2814f5d3651e5ea32bdb5f609131110\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 26 Dec 2025 09:31:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 22 Dec 2025 07:16:08 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"6948f038-d8203\"\r\nexpires: Fri, 26 Dec 2025 21:31:02 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3pPNQqVQvJyeVQmM%2BzTAuOQwMmJ5rCQMD13uXq1tS7kg7nt1h9SWKd%2FehSBzaeRCVeJiY7JoLEmCHC%2FbbnP%2BTESJvmJW77AI3B5I\"}]}\r\ncf-ray: 9b3f901ccbe9c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":885251,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65156), with no line terminators","md5":"66e15af06e05fdb96c699db1fe850005","sha1":"920a4a94e49d01079677fab4b80b909372080b92","sha256":"4f15c5381ff6a35d1b05006e619db0944f108ae756af037f2bea6e36acdc426c","sha512":"e1a1ea21b9c5b3b68803a59954b8dfd9a8c241c862ef9f4db24a80f57341a578eca80eccad6e1b8ed810854113df0178746e67498c7ac6e242791ddb6277e560","ssdeep":"12288:ssKKGABOHMMT5rT46zfFuUayav/zisO0Uu:lfWMMlo6zfFNaygziju","tlshash":"1e15198db281b0b60be760b1403f220bb23b6959b80a95d4f675e4e46d78d8d5237f7c","first_seen":"2025-12-26T09:31:33.46909Z","last_seen":"2026-01-06T10:09:34.099086Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1242,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":380,"receive":862,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"exintlr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tradingbapi.homelive.lat/api/home/set","fqdn":"tradingbapi.homelive.lat","domain":"homelive.lat","tld":"lat"},"ip":{"addr":"172.67.175.13","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:04.065Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"homelive.lat","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 20 Nov 2025 05:40:39 GMT","end":"Wed, 18 Feb 2026 06:39:22 GMT"},"fingerprint":{"sha1":"04:33:9E:E7:75:84:6D:AA:2B:C7:89:25:FD:5F:6E:9E:D8:79:4C:DC","sha256":"45:13:F7:F0:D8:55:9F:F4:22:DC:A5:60:31:FE:A5:21:0B:DB:37:BC:EC:27:A9:2A:C5:68:CD:F8:41:5C:BC:87"}}},"request":{"raw":"OPTIONS /api/home/set HTTP/1.1\r\nHost: tradingbapi.homelive.lat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,lang-id\r\nReferer: https://exintlr.com/\r\nOrigin: https://exintlr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 09:31:04 GMT\r\ncontent-type: text/html;charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://exintlr.com\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: Content-Type,Authorization,X-Requested-With,Accept,Origin,Token,Lang,api-key,useragent-info,lang-id\r\nset-cookie: server_name_session=47bed99e15031a6faa2cf2643bba405b; Max-Age=86400; httponly; path=/\r\ncache-control: no-cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MdN8cBPqf1MLylHTlgMtHafZUmQAh5X7N%2FK9WQZb%2Bp5dmRkq3o4WAZdS61dy%2FFy758NC7hD12VAGPSB9QBB%2FxsoeMjvPA8IuPzVQ3vxvt74ck1Hl4wZoLQ%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9b3f9026dbada0f0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T10:47:07.00812Z","times_seen":13371829,"resource_available":true,"data":null}},"time_used":494,"timings":{"blocked":75,"dns":29,"connect":3,"send":0,"wait":344,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"tradingbapi.homelive.lat","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tradingbapi.homelive.lat/api/home/set","fqdn":"tradingbapi.homelive.lat","domain":"homelive.lat","tld":"lat"},"ip":{"addr":"172.67.175.13","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:04.545Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"homelive.lat","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 20 Nov 2025 05:40:39 GMT","end":"Wed, 18 Feb 2026 06:39:22 GMT"},"fingerprint":{"sha1":"04:33:9E:E7:75:84:6D:AA:2B:C7:89:25:FD:5F:6E:9E:D8:79:4C:DC","sha256":"45:13:F7:F0:D8:55:9F:F4:22:DC:A5:60:31:FE:A5:21:0B:DB:37:BC:EC:27:A9:2A:C5:68:CD:F8:41:5C:BC:87"}}},"request":{"raw":"POST /api/home/set HTTP/1.1\r\nHost: tradingbapi.homelive.lat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nlang-id: 17\r\nContent-Length: 2\r\nOrigin: https://exintlr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 09:31:04 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://exintlr.com\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: Content-Type,Authorization,X-Requested-With,Accept,Origin,Token,Lang,api-key,useragent-info,lang-id\r\nset-cookie: PHPSID=62872f769553da4136c09fe3f920b7af; Path=/\nserver_name_session=b50e28384ffe87d19cdc2fab70ca8c3a; Max-Age=86400; httponly; path=/\r\ncache-control: no-cache\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NgbWpUQC0uFwMzf1eHI4DWJRYjbJHOq6CpYCeAubdSVfMLJQ%2FmwI7hn3K2GUkm0Adig8iRJfB4d1i9aGdgX6UozN6mJ4xe0p7TwxqCJlkwlBzF%2B51TE%3D\"}]}\r\ncf-ray: 9b3f90290946712a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4646,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"011018523796237c5b614b0d14ad83ae","sha1":"2b3a787dd2d67e2c3cb666acb8b359372e470f42","sha256":"864e3cea544ccfd1d9379755385729b955d890553e3458b90506c6601c3402a0","sha512":"f8a23bbfc1a53fb15f64a772f8e2262ccc2a1b54c1b1e026855ada9e7160b97b940fea2d278e7b2f52844f032a9fe0050a0749e55b49848b79ce7d3b938ed34a","ssdeep":"96:Gv1zpvvgkbmjBgeI/Lb9GrNLif/xxAJ9rVMnIK9Pea1C4UHqQPfB:GvVpHgk+BgeuLb9ONLifZxAJ9rVMIK90","tlshash":"67a1466f7b99aa0c6461c1d01de7f98df2d52817ee9bbda10cdd8d7c108474831ab622","first_seen":"2025-12-26T09:31:33.471896Z","last_seen":"2026-01-06T10:09:34.095387Z","times_seen":2,"resource_available":false,"data":null}},"time_used":762,"timings":{"blocked":-1,"dns":31,"connect":3,"send":0,"wait":336,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"tradingbapi.homelive.lat","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exintlr.com/static/js/652.95019868.js","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"ip":{"addr":"104.21.81.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:04.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"exintlr.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 11:35:25 GMT","end":"Wed, 25 Mar 2026 12:34:02 GMT"},"fingerprint":{"sha1":"8D:4A:3B:58:E6:DC:AA:20:35:4C:C4:C2:AA:31:0F:B8:0F:1E:4B:54","sha256":"5F:E6:B3:40:85:AA:74:EE:CA:47:A3:F6:66:2B:AE:B7:3D:E4:2A:E7:81:7C:ED:BC:F5:BA:E4:4C:A1:C0:B8:F6"}}},"request":{"raw":"GET /static/js/652.95019868.js HTTP/1.1\r\nHost: exintlr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nCookie: server_name_session=e2814f5d3651e5ea32bdb5f609131110\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 26 Dec 2025 09:31:04 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 22 Dec 2025 07:16:08 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"6948f038-359d\"\r\nexpires: Fri, 26 Dec 2025 21:31:04 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aACHx1WtzIdWrUUP2jkRbF3bAIzpyJwfzSAQ2Qm2n1MPhJjNtMBIyKr2CqycRv%2BwlMXjLMGO5SttlW%2FV1ue7UXpOq2eKMvLjYcvZ\"}]}\r\ncf-ray: 9b3f9026ed75c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13725,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (11313), with no line terminators","md5":"19b9cd6cbc4fe58e0dcfabef6e545cbb","sha1":"9ae9b22cfe03aafd9a09139b3ff6736906815684","sha256":"061ef342b2ed98768132f26868bc134bdd9aa80c1378639c1876c37224127009","sha512":"de9684e90e8c86196d13e0184ea54120c3034dcdd8a5370b894b7151b47fc1956ee16194cdd8e456dbcdc8ae10f353a8e441f5d780fd997059fac2953c4528a0","ssdeep":"192:ELqRsmHGefdcvXq5Y5LqRsHDPYPPXKevv9fgl4Lgg1YIHcClLqRs8GsLgmLqRsG:E+ZHGEdlg+EDzkBn8gVHcu+F+1","tlshash":"1f52f9a7b29f781516e780409a198119f2263b0ca474c690ebed9fff46e1bce4761f1c","first_seen":"2025-12-26T09:31:33.473651Z","last_seen":"2026-04-03T17:10:28.394959Z","times_seen":3,"resource_available":true,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"exintlr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exintlr.com/static/js/pages-home.f999b13b.js","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"ip":{"addr":"104.21.81.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:04.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"exintlr.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 11:35:25 GMT","end":"Wed, 25 Mar 2026 12:34:02 GMT"},"fingerprint":{"sha1":"8D:4A:3B:58:E6:DC:AA:20:35:4C:C4:C2:AA:31:0F:B8:0F:1E:4B:54","sha256":"5F:E6:B3:40:85:AA:74:EE:CA:47:A3:F6:66:2B:AE:B7:3D:E4:2A:E7:81:7C:ED:BC:F5:BA:E4:4C:A1:C0:B8:F6"}}},"request":{"raw":"GET /static/js/pages-home.f999b13b.js HTTP/1.1\r\nHost: exintlr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nCookie: server_name_session=e2814f5d3651e5ea32bdb5f609131110\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 26 Dec 2025 09:31:04 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 22 Dec 2025 07:16:08 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"6948f038-8f6f\"\r\nexpires: Fri, 26 Dec 2025 21:31:04 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oG05UCojpjT1K4cxj2J9cRFeKsHyNIm1FRcIhQVrFeT%2FZ4NNfvyalApkZVEJOapWyNC3LkJrDVYGffU681UP%2BL6HHX%2FXtQswk03z\"}]}\r\ncf-ray: 9b3f9026ed79c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":36719,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32904), with no line terminators","md5":"dfe0e0d7f7bb2ac1eaafe48adb3d1990","sha1":"76d8e6f05e6800e768a9fae525ad68a94327d6db","sha256":"44a3e988261e2fba641674612fd3ef5a9d4bcaa781a38df7c7bd4790df08215f","sha512":"4b5705f4c3caf9372dfac944fb925f5406847959fc936aaf8bb30b804e4e9ad0a7c92eef064a11f2fb6e47f467cb0248c42b17b432c4fcbee2c83347f9a4903e","ssdeep":"384:h0x42Pw5TIFCT7Hrdu7VGn1790zLvG8na5iI70O8Hwa:h+K0CHZui0zLvG8a54n","tlshash":"78f2f720b047b05e699bc145e422557850306f3ee3e2e2adfbb18ad64fe5fc61b2275c","first_seen":"2025-12-26T09:31:33.475268Z","last_seen":"2025-12-26T09:31:33.475268Z","times_seen":1,"resource_available":true,"data":null}},"time_used":357,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":357,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"exintlr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.novadrive.pro/b905fd1d7f964cc8420d15d2238c6bf7.png","fqdn":"img.novadrive.pro","domain":"novadrive.pro","tld":"pro"},"ip":{"addr":"104.21.71.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:05.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.novadrive.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 18:00:36 GMT","end":"Wed, 11 Mar 2026 19:00:26 GMT"},"fingerprint":{"sha1":"99:D3:09:3C:07:D9:19:8E:82:85:AB:D0:C8:B8:B4:CA:57:B9:CE:DC","sha256":"62:BD:F0:FC:80:9D:17:3A:4E:37:B6:FD:74:E8:77:DA:F6:26:23:94:BA:6B:DB:25:DD:BA:4B:FA:50:CB:AE:87"}}},"request":{"raw":"GET /b905fd1d7f964cc8420d15d2238c6bf7.png HTTP/1.1\r\nHost: img.novadrive.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 09:31:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 11128\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6cxLIj2HfnalNmrwofd1TcCFC5GQ4k9ZfoMzRpIPrz0%2FAAzMbzjuWfRlsj6wnB%2Fm%2FIh7ePVkxbF8fz3EGWJHCIxSjwMPT%2FDTTJav6kogSVtf\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"21a344a2012dd747bfc93afd13110dd5\"\r\nlast-modified: Wed, 30 Oct 2024 16:20:23 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nage: 5724\r\ncache-control: max-age=14400\r\ncf-ray: 9b3f902e892a23eb-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11128,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 459 x 458, 8-bit colormap, non-interlaced","md5":"21a344a2012dd747bfc93afd13110dd5","sha1":"f8db067c61fff47e9b9ae01f0c6c0a46cfb387b7","sha256":"bf4300cd9e711c106fab68458e1bf7430efb5a01291acd7f8c3bac2219d7f11f","sha512":"2b7e679299f042c91d684e2ec9212c90e613536e3f260cdce602ad56aff9dbb89b641bca1bcda78c98bec0fda86169bfeb522e988ea37ccecfdeaeddb71d7096","ssdeep":"192:i0ejJJjOHuIo9mnu5ac1pyxXDwHv7wsvL/TCcl2kMDCYmbaDQTWMVg:i0IJ+zo0Opk8jHaDC/ODQTfO","tlshash":"7732bf715ed07c725ff398ea14aca01cbd3f95d3520076c60853dce1a6e98e590e2a7e","first_seen":"2025-12-26T09:31:33.477059Z","last_seen":"2026-04-03T17:10:28.346045Z","times_seen":3,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":101,"dns":0,"connect":6,"send":0,"wait":19,"receive":1,"ssl":69},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.ossasia.lat/69e04666d41d157d2f594f6edeca5f83.png","fqdn":"img.ossasia.lat","domain":"ossasia.lat","tld":"lat"},"ip":{"addr":"172.67.183.210","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:05.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"e5d3735a.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 06:36:18 GMT","end":"Wed, 11 Feb 2026 07:36:16 GMT"},"fingerprint":{"sha1":"AE:6B:78:52:C4:9F:46:79:EC:AA:E3:6C:A2:2D:F2:E7:6C:3F:D9:7C","sha256":"5C:FA:12:81:D2:DA:F8:2B:81:DC:B6:E2:98:F0:92:5B:EE:2D:7D:C3:CB:C4:03:06:A3:77:A3:BB:A8:7D:34:F8"}}},"request":{"raw":"GET /69e04666d41d157d2f594f6edeca5f83.png HTTP/1.1\r\nHost: img.ossasia.lat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 09:31:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 2378\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=291ygTNT1A5RrCMqtEcBfJzQ6ry3rYbn7wzdR8NxiUSadcdxHL%2FB9WuHUugPGxnyrQc6SUSQJUPr6IyIKvby3cjSVOo26Iup2UecMwxWNQ%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"1a7210ad7b664b8eef22a31e91111857\"\r\nlast-modified: Tue, 09 Dec 2025 16:14:15 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nage: 4507\r\ncache-control: max-age=14400\r\ncf-ray: 9b3f902edbdd2678-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2378,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"1a7210ad7b664b8eef22a31e91111857","sha1":"b9273b1959634631a8ea9a20299c8679887d0701","sha256":"da7fccb4e93df768e3e198a47c4ecde209d35727239bff05255dba8518b6d664","sha512":"ce7c216220f718d832c363f595b858614ac2e3e5a135ed367c1a75910c77c6c55b51581b9cefa20daaf872623ac02fbc532ff56871c7ce3cdc41b50e9cbd7a54","ssdeep":"","tlshash":"14413ae38a847dd48a50bc166a743900d4ff2209540c713856de7f3ab1a27e9f1aa52f","first_seen":"2024-12-26T10:47:18.347809Z","last_seen":"2026-04-03T17:10:28.358714Z","times_seen":5,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":115,"dns":36,"connect":1,"send":0,"wait":7,"receive":0,"ssl":58},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"img.ossasia.lat","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ossasia.lat/9ff225631b1d2db7ec383e3aa96691e3.png","fqdn":"img.ossasia.lat","domain":"ossasia.lat","tld":"lat"},"ip":{"addr":"172.67.183.210","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:05.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"e5d3735a.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 06:36:18 GMT","end":"Wed, 11 Feb 2026 07:36:16 GMT"},"fingerprint":{"sha1":"AE:6B:78:52:C4:9F:46:79:EC:AA:E3:6C:A2:2D:F2:E7:6C:3F:D9:7C","sha256":"5C:FA:12:81:D2:DA:F8:2B:81:DC:B6:E2:98:F0:92:5B:EE:2D:7D:C3:CB:C4:03:06:A3:77:A3:BB:A8:7D:34:F8"}}},"request":{"raw":"GET /9ff225631b1d2db7ec383e3aa96691e3.png HTTP/1.1\r\nHost: img.ossasia.lat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 09:31:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 5547\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CzsGwwj1FVp3%2FOlBSUyXURx3Z7v%2B16e9gAq9ycWq5Y4MrYi%2FR1tQwGukDNSRoiDgDKbsFNGTInAvNSTDWEhfokbGJDRfdWbbd6LEFAP11g%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"9622ef4a665ca8b40a299d75ce89e373\"\r\nlast-modified: Tue, 09 Dec 2025 16:15:54 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nage: 4507\r\ncache-control: max-age=14400\r\ncf-ray: 9b3f902edbd92678-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5547,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"9622ef4a665ca8b40a299d75ce89e373","sha1":"72723e4b5f671d4be7fda28c3905b17ef60e9be6","sha256":"87240793258af9f9611d96e7931660e7ccfe0739b9900111aeb891072d73af08","sha512":"2a391c7f39b96d109fc154be7dd493b286adbc5ad730917234e61d92e578791bf9b4c865de9106f3f07c8e17a9dec2164a4b9890f93972c3f5ddce15ac589133","ssdeep":"96:oQgSiMjqagaRvF2PkEjYw52Ey2XzzXWV2rz+1s0S4gvBzJM7bmC80pPTXLNM7J2h:qSiMFt2MEjYNlMzXW8r70SlFJMXlxJOC","tlshash":"49b18f0f1b0776cacf00b5bf497b5136dd1aa832450daa1982fdfbadad445a877e0184","first_seen":"2025-12-26T09:31:33.481465Z","last_seen":"2026-04-03T17:10:28.347687Z","times_seen":3,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":93,"dns":16,"connect":1,"send":0,"wait":7,"receive":1,"ssl":52},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"img.ossasia.lat","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exintlr.com/favicon.ico","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"ip":{"addr":"104.21.81.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:05.774Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"exintlr.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 11:35:25 GMT","end":"Wed, 25 Mar 2026 12:34:02 GMT"},"fingerprint":{"sha1":"8D:4A:3B:58:E6:DC:AA:20:35:4C:C4:C2:AA:31:0F:B8:0F:1E:4B:54","sha256":"5F:E6:B3:40:85:AA:74:EE:CA:47:A3:F6:66:2B:AE:B7:3D:E4:2A:E7:81:7C:ED:BC:F5:BA:E4:4C:A1:C0:B8:F6"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: exintlr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nCookie: server_name_session=e2814f5d3651e5ea32bdb5f609131110\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 26 Dec 2025 09:31:06 GMT\r\ncontent-type: image/x-icon\r\nvary: accept-encoding\r\nlast-modified: Fri, 05 Dec 2025 02:50:57 GMT\r\npriority: u=6,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"69324891-1e23\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r6EKMvDAg6zOhMy0B6mmZbxcoCK1Z242JDRzx9XiHJloZlaccweuvc%2FNoZh5Zt2jFP%2FyoOOCyOJpBsYxRc%2Bc%2FhwnzYTrlKV3oCPU\"}]}\r\ncf-ray: 9b3f90311f1cc272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7715,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 112 x 132, 8-bit colormap, non-interlaced","md5":"4fcc8490f2167279d8b5375c3fbd2a8f","sha1":"346437ff5ef56f8cc2ffddbf733d85782ffe39d5","sha256":"cd64b74f60099de81f1175de344b0d3934361140f60fac8d2e2c5c04b991237e","sha512":"c451fac366de38e0f1eb047394b513a56d2f75ae8202e159c1621e49adf132817c38b5a2286414852f26ec89cd8485b3bdc154646f83dbfb97f5030cefe4eda5","ssdeep":"192:t9SDNUI9aumgti2Qvt0ksSUT7pxYykbIDVSS:t9ayI9Og/G27pxYy+IDVJ","tlshash":"cef1d0864bc5bebe045c0783ec6704b76c62384158162d3efe7c2f1de6d9948c5b4932","first_seen":"2025-12-26T09:31:33.482953Z","last_seen":"2025-12-26T09:31:33.482953Z","times_seen":1,"resource_available":false,"data":null}},"time_used":360,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":360,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"exintlr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exintlr.com/static/index.883130ca.css","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"ip":{"addr":"104.21.81.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:02.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"exintlr.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 11:35:25 GMT","end":"Wed, 25 Mar 2026 12:34:02 GMT"},"fingerprint":{"sha1":"8D:4A:3B:58:E6:DC:AA:20:35:4C:C4:C2:AA:31:0F:B8:0F:1E:4B:54","sha256":"5F:E6:B3:40:85:AA:74:EE:CA:47:A3:F6:66:2B:AE:B7:3D:E4:2A:E7:81:7C:ED:BC:F5:BA:E4:4C:A1:C0:B8:F6"}}},"request":{"raw":"GET /static/index.883130ca.css HTTP/1.1\r\nHost: exintlr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nCookie: server_name_session=e2814f5d3651e5ea32bdb5f609131110\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 26 Dec 2025 09:31:02 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 22 Dec 2025 07:16:08 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"6948f038-1793e\"\r\nexpires: Fri, 26 Dec 2025 21:31:02 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Fh3S%2FrH4NtROjX0%2FLlPVyoywmxsV47ZLckW4xMxc1NmlY0DJu8TGXX568bLmF2xcp7NyIJpfdgkP1Ic%2FBqRDJAYBq8rYYe3Ggn4f\"}]}\r\ncf-ray: 9b3f901cbbe7c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":96574,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"2de2f2d3943b4b382a28a439daff5939","sha1":"70d04e1c3567cb4f248b29046b98386f215a4d38","sha256":"8a35934d019c2b120a31ae6c51c75b2327f22637824b2a2c2faf4ce17ae9d4d8","sha512":"eba9271e30d6e4b21954078e3ccd839a55e1dcc8212fa375c18dce42104d19a92655c2f289401525b0c9565971a31573b928666515a3ca89b1801bbd48c1de95","ssdeep":"1536:OlIApuK7hmVmb2RS1Wu3xdynGJ7eh/nrhlvbc:VApuK7hmVrS1Wu3iG41nrPI","tlshash":"f393f73719012e39e52bcd26b6c1ab5a1e61c033e15307adfba47628cbcf9c9167b345","first_seen":"2025-07-20T12:48:29.443135Z","last_seen":"2026-04-05T10:39:42.769939Z","times_seen":2194,"resource_available":false,"data":null}},"time_used":550,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":348,"receive":202,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"exintlr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exintlr.com/static/img/logo.png","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"ip":{"addr":"104.21.81.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:04.627Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"exintlr.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 11:35:25 GMT","end":"Wed, 25 Mar 2026 12:34:02 GMT"},"fingerprint":{"sha1":"8D:4A:3B:58:E6:DC:AA:20:35:4C:C4:C2:AA:31:0F:B8:0F:1E:4B:54","sha256":"5F:E6:B3:40:85:AA:74:EE:CA:47:A3:F6:66:2B:AE:B7:3D:E4:2A:E7:81:7C:ED:BC:F5:BA:E4:4C:A1:C0:B8:F6"}}},"request":{"raw":"GET /static/img/logo.png HTTP/1.1\r\nHost: exintlr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nCookie: server_name_session=e2814f5d3651e5ea32bdb5f609131110\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 26 Dec 2025 09:31:04 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 22 Dec 2025 07:16:08 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"6948f038-35f9\"\r\nexpires: Sun, 25 Jan 2026 09:31:04 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QfgBQMpuGcXpg%2FVg4v0kM2K%2BKHZ2Z85F6zNNBA%2BS4i7CPSIXxNg75G8438NVvhZAo5SR%2BSQCMallrNiOKilmBmvbmUc9BQEPOOD7\"}]}\r\ncf-ray: 9b3f9029eddcc272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13817,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 330 x 134, 8-bit colormap, non-interlaced","md5":"e924d8aa112b94908a2afa34dd13b195","sha1":"7b398fd17b68ffa5f1e967c5228183286f4ebde2","sha256":"944523b55dfe5e143aa74039a8e2f71aae7741423999ecf4d4d76462cf85dd84","sha512":"4fea74d4dab0e4e68b12f813917899fae5ff68a9899e75658f594b7c4cd89b58f0d980d1a7bb5a5394a2dbcc6bf7aeac0e9ed77fed3a08ee2211236e3f5a34e3","ssdeep":"384:7yxVcVljmSzJwOyFjYsgP7+ajmIlwvXL+RvLo8Bnt8RRTYU5RGcdVex:7ycVljmSVwOEjYsgPSm07mvE8Bnt8/TY","tlshash":"e652c022d64f47711563660610c810b3a0fe14382a4de7fe66e48dd126afb97ca323b5","first_seen":"2025-12-26T09:31:33.485063Z","last_seen":"2025-12-26T09:31:33.485063Z","times_seen":1,"resource_available":false,"data":null}},"time_used":530,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":358,"receive":172,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"exintlr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ossasia.lat/d41a7d0245bf1aeb461fe8801414f441.png","fqdn":"img.ossasia.lat","domain":"ossasia.lat","tld":"lat"},"ip":{"addr":"172.67.183.210","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:05.279Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"e5d3735a.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 06:36:18 GMT","end":"Wed, 11 Feb 2026 07:36:16 GMT"},"fingerprint":{"sha1":"AE:6B:78:52:C4:9F:46:79:EC:AA:E3:6C:A2:2D:F2:E7:6C:3F:D9:7C","sha256":"5C:FA:12:81:D2:DA:F8:2B:81:DC:B6:E2:98:F0:92:5B:EE:2D:7D:C3:CB:C4:03:06:A3:77:A3:BB:A8:7D:34:F8"}}},"request":{"raw":"GET /d41a7d0245bf1aeb461fe8801414f441.png HTTP/1.1\r\nHost: img.ossasia.lat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 09:31:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 3243\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7Qgk5tlLYRX1%2FmcYxsmXou7Xqpp0DMmtYPiD1XwcLOgdj8EAFNC5Y4w4%2FB5Q%2B5pEjoTuySEq0dUVQZl2UR6zvixDaA8qX5J%2BifRdMMy81w%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"c2f20802cc457f7a9068e6807ffcb35d\"\r\nlast-modified: Tue, 09 Dec 2025 16:09:48 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nage: 4507\r\ncache-control: max-age=14400\r\ncf-ray: 9b3f902edbe22678-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3243,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"c2f20802cc457f7a9068e6807ffcb35d","sha1":"b5cc6d5cc982d487c69d859501745e7c1321e35a","sha256":"73e257de8482c3e4244b934b1659dc747db128ffc6e97618748bf05bd5b9b834","sha512":"00505b2af44e3d7e502c471726c7d83957ad451bcd6d00030c82ebd36210d0aff7b99c79f51f26d7bc8af9467b5117ae9c0fcee6fa30584d5d5d31877ef1096f","ssdeep":"","tlshash":"d9615c61c3014b5ce118b9b28a5b263a5c0a9cfbd91c6f31da4aa13b3f101e32e9d715","first_seen":"2023-08-13T05:27:55Z","last_seen":"2026-04-03T17:10:28.390177Z","times_seen":1115,"resource_available":false,"data":null}},"time_used":278,"timings":{"blocked":138,"dns":58,"connect":1,"send":0,"wait":7,"receive":0,"ssl":61},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"img.ossasia.lat","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exintlr.com/","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"ip":{"addr":"104.21.81.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-26T09:31:01.909Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"exintlr.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 11:35:25 GMT","end":"Wed, 25 Mar 2026 12:34:02 GMT"},"fingerprint":{"sha1":"8D:4A:3B:58:E6:DC:AA:20:35:4C:C4:C2:AA:31:0F:B8:0F:1E:4B:54","sha256":"5F:E6:B3:40:85:AA:74:EE:CA:47:A3:F6:66:2B:AE:B7:3D:E4:2A:E7:81:7C:ED:BC:F5:BA:E4:4C:A1:C0:B8:F6"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: exintlr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 09:31:02 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Mon, 22 Dec 2025 07:16:08 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nset-cookie: server_name_session=e2814f5d3651e5ea32bdb5f609131110; Max-Age=86400; httponly; path=/\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QoJlJhhsfZt1yzcJHpb%2BY5q%2FQZiVL8tvGUlLphDGrxaF5xDKjnxuBwKTgJ%2FkJwwCYhDOJ5MJazUV4%2BLd7U5GnKe7x68vCb0fAQ%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9b3f90192d6f5691-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":931,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (542), with CRLF line terminators","md5":"c67b2bc7d760d52f475f9d27becb0b07","sha1":"598f2be834d48f5fa64e48b105eaf08efd3e15e8","sha256":"4adcc426ae806fd208a3d42323bddc3681debf60f522078812023bf0bf10d36d","sha512":"aee6eca613f4f75538ebe26c3a07e097095cf96ab8dfdff422286ede903fad4c24f7a85bd9319a718a25e62a90aa248a87a3666e48b535a1aaa1b0ff5f654b1e","ssdeep":"","tlshash":"ea11d0c78c60d98e0760459170b7e21f9d5a987d69618c6178dd65fc4ae4bcdce2e804","first_seen":"2025-12-26T09:31:33.486986Z","last_seen":"2025-12-26T09:31:33.486986Z","times_seen":1,"resource_available":false,"data":null}},"time_used":451,"timings":{"blocked":39,"dns":19,"connect":1,"send":0,"wait":373,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"exintlr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exintlr.com/static/js/836.09494f49.js","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"ip":{"addr":"104.21.81.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:04.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"exintlr.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 11:35:25 GMT","end":"Wed, 25 Mar 2026 12:34:02 GMT"},"fingerprint":{"sha1":"8D:4A:3B:58:E6:DC:AA:20:35:4C:C4:C2:AA:31:0F:B8:0F:1E:4B:54","sha256":"5F:E6:B3:40:85:AA:74:EE:CA:47:A3:F6:66:2B:AE:B7:3D:E4:2A:E7:81:7C:ED:BC:F5:BA:E4:4C:A1:C0:B8:F6"}}},"request":{"raw":"GET /static/js/836.09494f49.js HTTP/1.1\r\nHost: exintlr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nCookie: server_name_session=e2814f5d3651e5ea32bdb5f609131110\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 26 Dec 2025 09:31:04 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 22 Dec 2025 07:16:08 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"6948f038-3100\"\r\nexpires: Fri, 26 Dec 2025 21:31:04 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qe2Ps2CeMA65sQh%2Bp5e7u3n%2F2f2sUaHup47qyVC0%2BHQiOlduhjUTeqF3oYyef1d%2BZSqCOBmmtE%2Fpq4Yt6%2FbAkMjNn8XpVQla0pUQ\"}]}\r\ncf-ray: 9b3f9026ed77c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12544,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (11022), with no line terminators","md5":"c23a3efb9a19ae5d8a0f4157580e91ec","sha1":"592cf66fae8c91770ca0a81a547a1da49321d213","sha256":"f81918b1468ac4075e67c4c9c98476e833b6ed4e7509273d7b08eca4c853f576","sha512":"3f8b609082149f11ee4e1c20e9563195c59a266dbca84f76bc8b6e401ccd8f734bcfe3b62fb83e8445fed2626cd97cbd0ecde5b1be8fb958dc9bd8ab5c6ca7a2","ssdeep":"192:3KqRsMqErBxYKqRsnW0cBLF9fNOvrIilDLawDLiMZbN0aucW:3/wE1xY/yWDX9fN+MrPMZZK7","tlshash":"9642e811b189a80b1d9fc86420e5451f62266f0b9460e581f7f97efa0bfaf890326f5c","first_seen":"2025-12-26T09:31:33.488651Z","last_seen":"2026-04-03T17:10:28.369768Z","times_seen":3,"resource_available":true,"data":null}},"time_used":353,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":353,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"exintlr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ossasia.lat/0112d4270bdd7db3717fa384f8b69854.png","fqdn":"img.ossasia.lat","domain":"ossasia.lat","tld":"lat"},"ip":{"addr":"172.67.183.210","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:05.306Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"e5d3735a.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 06:36:18 GMT","end":"Wed, 11 Feb 2026 07:36:16 GMT"},"fingerprint":{"sha1":"AE:6B:78:52:C4:9F:46:79:EC:AA:E3:6C:A2:2D:F2:E7:6C:3F:D9:7C","sha256":"5C:FA:12:81:D2:DA:F8:2B:81:DC:B6:E2:98:F0:92:5B:EE:2D:7D:C3:CB:C4:03:06:A3:77:A3:BB:A8:7D:34:F8"}}},"request":{"raw":"GET /0112d4270bdd7db3717fa384f8b69854.png HTTP/1.1\r\nHost: img.ossasia.lat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 09:31:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 7430\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=R5S9GlnqHGjY4vHlepNK5uWVXhBooPFv0tTZqsn8XIdJJTW1p%2BXOYg627OqH0crY2ioOs4AAbSDrfGxWFywwV2CziR3WjR8ivaPx4cu5fA%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"c86fe209c6cb01017bae191e117d05dc\"\r\nlast-modified: Tue, 09 Dec 2025 16:14:53 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nage: 4507\r\ncache-control: max-age=14400\r\ncf-ray: 9b3f902edbe82678-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7430,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"c86fe209c6cb01017bae191e117d05dc","sha1":"0c48e9919904a02e820c3449d1d6f8c452e19619","sha256":"511fe6431cf5e43d9260cb449473aa2fd2a2e060549bb4097b6ee9348ad73e17","sha512":"5100b990f5ef1354d57ce7ce88198c890f9dddce64377e8f1fc0031c2b0a4f5478b8a475534332d9091474b03e801a23b9bb02cb38478efb92460548ccd123fc","ssdeep":"192:qSPW5Ae+K69Yq6bJGVme2jtC+lySm3XaKOOCzMyfmwLRjCw:lPWi99obJgSLkSm3XaIeMy+YjCw","tlshash":"02e1aef42a66189f9d5681f1043797339669c7b72024654f43fca9202f22da1f5e3f98","first_seen":"2023-08-13T05:27:55Z","last_seen":"2026-04-03T17:10:28.376301Z","times_seen":9,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":113,"dns":31,"connect":1,"send":0,"wait":7,"receive":1,"ssl":62},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"img.ossasia.lat","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ossasia.lat/362f520aac9d4c54bddf192ee5fbeb7c.png","fqdn":"img.ossasia.lat","domain":"ossasia.lat","tld":"lat"},"ip":{"addr":"172.67.183.210","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:05.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"e5d3735a.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 06:36:18 GMT","end":"Wed, 11 Feb 2026 07:36:16 GMT"},"fingerprint":{"sha1":"AE:6B:78:52:C4:9F:46:79:EC:AA:E3:6C:A2:2D:F2:E7:6C:3F:D9:7C","sha256":"5C:FA:12:81:D2:DA:F8:2B:81:DC:B6:E2:98:F0:92:5B:EE:2D:7D:C3:CB:C4:03:06:A3:77:A3:BB:A8:7D:34:F8"}}},"request":{"raw":"GET /362f520aac9d4c54bddf192ee5fbeb7c.png HTTP/1.1\r\nHost: img.ossasia.lat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 09:31:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 3787\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jkjHHBFByu2v3mRkzkSEW3omcTgMcdg24Av%2BEtpTlvkmq0spLzOEzVfk2LS91gRaOHzuMumaL%2BA4DX5WI2Hcl0MPvBQEBhdaX4%2FCBibg9w%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"aa4525dd73047cb667dcb84bf897c993\"\r\nlast-modified: Tue, 09 Dec 2025 16:20:26 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nage: 4507\r\ncache-control: max-age=14400\r\ncf-ray: 9b3f90305dc72678-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3787,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"aa4525dd73047cb667dcb84bf897c993","sha1":"87f836e7825fadbd61e883a7c82078d0982d08ac","sha256":"0f5888524c2b787a2b8bf3661d09f84bb0042d1a77cacd3cd902d8d7d11979d8","sha512":"5262275f0b905ff63a82f3524bfddfb6fc847db550b38fade461d820f50a2903384598e6337b537d1c57059d564072af957bea89344f4c1d168bc86ba58a3024","ssdeep":"","tlshash":"58715bf27ae8ea2fc105127d4d9f272675baa10c471dac82c1d2a52b0fc7082bb46118","first_seen":"2025-12-26T09:31:33.492531Z","last_seen":"2026-04-03T17:10:28.388722Z","times_seen":3,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"img.ossasia.lat","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exintlr.com/static/js/692.8a1c1aad.js","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"ip":{"addr":"104.21.81.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:04.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"exintlr.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 11:35:25 GMT","end":"Wed, 25 Mar 2026 12:34:02 GMT"},"fingerprint":{"sha1":"8D:4A:3B:58:E6:DC:AA:20:35:4C:C4:C2:AA:31:0F:B8:0F:1E:4B:54","sha256":"5F:E6:B3:40:85:AA:74:EE:CA:47:A3:F6:66:2B:AE:B7:3D:E4:2A:E7:81:7C:ED:BC:F5:BA:E4:4C:A1:C0:B8:F6"}}},"request":{"raw":"GET /static/js/692.8a1c1aad.js HTTP/1.1\r\nHost: exintlr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nCookie: server_name_session=e2814f5d3651e5ea32bdb5f609131110\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 26 Dec 2025 09:31:04 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 22 Dec 2025 07:16:08 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"6948f038-2795\"\r\nexpires: Fri, 26 Dec 2025 21:31:04 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KmETAFskW9pM6lE0xVnI1vdGzCXw8ULuKGvMFBI5InYLWmRPKJQik3mGU3ECkI0nKZ6tOiItD9BkRh9iD%2F4z8q9JM7iPUt5fDZpX\"}]}\r\ncf-ray: 9b3f9026dd74c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10133,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9507), with no line terminators","md5":"a2e123c8b0d7464babb642401bbe1fb8","sha1":"0c6dabcd6e6a5917e6ee5503b8e20544618b2a03","sha256":"b510179eeea01db8a81225c5f92ed04db6b100c08bbcdf089f41917641012083","sha512":"39ff44ce6fb04dda63e6da64289ff10566e7dc6c7b0b22e85313cd2351ef9fa826416a02d5ecc090c72bd70dd68dd84724c5d88807c1dbb9d12b3c56bcfab7cb","ssdeep":"192:3MuPCiuiXiwiriG+gw07/2XV7lvbeTimAqRsO4gl7:3MD59/2XllvSTPZh3","tlshash":"3022f044aaa7085009a79506dac85b15807de2a329364dce73d875cf8fa3bdc23a47f7","first_seen":"2025-12-26T09:31:33.493836Z","last_seen":"2026-04-03T17:10:28.362535Z","times_seen":3,"resource_available":true,"data":null}},"time_used":358,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":358,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"exintlr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exintlr.com/static/js/498.edea2d4a.js","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"ip":{"addr":"104.21.81.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:04.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"exintlr.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 11:35:25 GMT","end":"Wed, 25 Mar 2026 12:34:02 GMT"},"fingerprint":{"sha1":"8D:4A:3B:58:E6:DC:AA:20:35:4C:C4:C2:AA:31:0F:B8:0F:1E:4B:54","sha256":"5F:E6:B3:40:85:AA:74:EE:CA:47:A3:F6:66:2B:AE:B7:3D:E4:2A:E7:81:7C:ED:BC:F5:BA:E4:4C:A1:C0:B8:F6"}}},"request":{"raw":"GET /static/js/498.edea2d4a.js HTTP/1.1\r\nHost: exintlr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nCookie: server_name_session=e2814f5d3651e5ea32bdb5f609131110\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 26 Dec 2025 09:31:04 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 22 Dec 2025 07:16:08 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"6948f038-8802\"\r\nexpires: Fri, 26 Dec 2025 21:31:04 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=10OmW8XUZ7u3t1mazkIM72%2FFsaNwLOa%2FcXVCEdBiDEHmYeLRwfYZmyEhibUAp7RiOAoD7mP9O7fYo%2FDBpKJGislI9acA19MKoNxr\"}]}\r\ncf-ray: 9b3f9026ed78c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":34818,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32236), with no line terminators","md5":"1a27e102ca5ffdbae10ea6d51e08ea2c","sha1":"ba72b572d41b6ce2862d243ca7e445070c023792","sha256":"d0066cbc26783304dc95ef3bc566e8a83a715d3776e95e04abbdb724bbdc7811","sha512":"a47de9d1f18fb74373a36b43c7c7f7555ec78970d69aa176b9adacd6d11dd0518e747572ec0a72f91b3a8bbb1d74e59a7914d257a9fb42648498f9f27f03bd03","ssdeep":"768:zgGOuXgpIDh0pCD3n5acD4vjKO4r8CkroI0pZE:zgGVXgpIezcD4bKO4riHuZE","tlshash":"fdf21914f0cab41f0a57e42c2267112851365a22b211df59fbb695a94fe6b8f0732fbc","first_seen":"2025-12-26T09:31:33.495222Z","last_seen":"2026-01-06T10:09:34.094239Z","times_seen":2,"resource_available":true,"data":null}},"time_used":363,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":362,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"exintlr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"at.alicdn.com/t/font_2225171_8kdcwk4po24.ttf","fqdn":"at.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.177","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:04.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 16 Jun 2025 09:41:05 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"64:77:72:8B:BB:58:44:79:90:C3:B0:8D:35:BC:EC:6C:D6:35:BD:83","sha256":"3D:49:49:78:42:46:FF:F7:52:9B:6B:82:DF:7E:54:4B:F9:BA:D8:34:14:1D:21:67:63:4E:5B:62:A1:D8:85:B5"}}},"request":{"raw":"GET /t/font_2225171_8kdcwk4po24.ttf HTTP/1.1\r\nHost: at.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://exintlr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: application/octet-stream\r\ncontent-length: 55940\r\ndate: Thu, 25 Dec 2025 15:37:36 GMT\r\nx-oss-request-id: 694D5A406AD0C43231B51A5E\r\nvary: Origin\r\naccept-ranges: bytes\r\netag: \"B716002BF601F727176AE7901BDF4E4F\"\r\nlast-modified: Fri, 24 Dec 2021 20:51:06 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 10201830100077572647\r\nx-oss-storage-class: Standard\r\ncache-control: max-age=63072000\r\ncontent-md5: txYAK/YB9ycXaueQG99OTw==\r\nx-oss-server-time: 1\r\nvia: ens-cache6.l2de4[420,420,200-0,M], ens-cache9.l2de4[422,0], ens-cache8.se2[0,0,200-0,H], ens-cache12.se2[2,0]\r\nage: 64408\r\nali-swift-global-savetime: 1766677057\r\nx-cache: HIT TCP_HIT dirn:7:354913706\r\nx-swift-savetime: Thu, 25 Dec 2025 15:37:37 GMT\r\nx-swift-cachetime: 31104000\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\neagleid: 2ff62ca017667414650072731e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":55940,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"GSUB\", 18 names, Macintosh,            ","md5":"b716002bf601f727176ae7901bdf4e4f","sha1":"e87c1130c27fa42d822c198f5ea8b633b5118b94","sha256":"4bc8cc97559c0a52ea4f5ce0563e1bf3a7f89d660f74792e662e76d49eae4707","sha512":"cd4d86bc27a8055bf4ba21730991acb71e32d1d8c3176b6aada3c8fcfbaacfabe3cf1c813665b4434b16c757587d38afb8fd61f3a84a440053a96b545187e672","ssdeep":"768:00Yo6KrRwXJDv2mjQ5PMWCUPQnNqcoocj9MNb5+kYfcUFO++wEMjQYVEh/gG+VeV:xY1dCpj8+kYfcUUXwjjQYV8/gBVE","tlshash":"3c437c2b835e4fb3d16a86f90c4f011b5fefd7206636f99664ca5c1e4402afd085cb9a","first_seen":"2023-04-09T15:26:02Z","last_seen":"2026-04-05T10:39:42.769449Z","times_seen":3294,"resource_available":false,"data":null}},"time_used":321,"timings":{"blocked":127,"dns":37,"connect":23,"send":0,"wait":43,"receive":25,"ssl":62},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.novadrive.pro/db0a9004aeff8438d730574866a67248.png","fqdn":"img.novadrive.pro","domain":"novadrive.pro","tld":"pro"},"ip":{"addr":"104.21.71.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:05.271Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.novadrive.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 18:00:36 GMT","end":"Wed, 11 Mar 2026 19:00:26 GMT"},"fingerprint":{"sha1":"99:D3:09:3C:07:D9:19:8E:82:85:AB:D0:C8:B8:B4:CA:57:B9:CE:DC","sha256":"62:BD:F0:FC:80:9D:17:3A:4E:37:B6:FD:74:E8:77:DA:F6:26:23:94:BA:6B:DB:25:DD:BA:4B:FA:50:CB:AE:87"}}},"request":{"raw":"GET /db0a9004aeff8438d730574866a67248.png HTTP/1.1\r\nHost: img.novadrive.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 09:31:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 15971\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L4EJzyNqHXbaLUW2iLHoFRvIBFH1hl6UC7mSvkWSL%2BUkQK7Xy8lDeSwZ4LXPvbcwfBAMs7mr30GlxrBdurRL1QF9ZbidQVTVMKN%2B2%2BCpQwrE\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"611225751fbbafe47eeb536ce09b702f\"\r\nlast-modified: Wed, 30 Oct 2024 16:20:22 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nage: 4507\r\ncache-control: max-age=14400\r\ncf-ray: 9b3f902e58aa23eb-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15971,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 297 x 297, 8-bit colormap, non-interlaced","md5":"611225751fbbafe47eeb536ce09b702f","sha1":"99255a15e4416f8e90643197845ed475baf877aa","sha256":"6ee659a555b2bf05677c914f4c6755331c8bdd8b233213a9d42c52ad203a794c","sha512":"6b7fec5393d1f2f9de000658c0c1ca747823e43ea18ef1705dc1831ce5fab5a0b81f1fd4df4c7c0df7fb7c55ba10dd0da53ab720feac698a576123075fea4a8c","ssdeep":"384:stkbQbkz4BDnp9K5ZeROcD2RBvfJ7giXCJDWrnAqBCxwTyjPhdi:steQyiLkO2np7gG0DW3CxwujPhdi","tlshash":"d572bfe2cf047e1fe0857d1e5edf117e3bc27a26ed64f2270b0086aa4fd1416452b996","first_seen":"2025-12-26T09:31:33.498399Z","last_seen":"2026-04-03T17:10:28.374946Z","times_seen":3,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":63,"dns":0,"connect":0,"send":0,"wait":30,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.novadrive.pro/b9e16ca839b09da7c28d9ce43642022d.png","fqdn":"img.novadrive.pro","domain":"novadrive.pro","tld":"pro"},"ip":{"addr":"104.21.71.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:05.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.novadrive.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 18:00:36 GMT","end":"Wed, 11 Mar 2026 19:00:26 GMT"},"fingerprint":{"sha1":"99:D3:09:3C:07:D9:19:8E:82:85:AB:D0:C8:B8:B4:CA:57:B9:CE:DC","sha256":"62:BD:F0:FC:80:9D:17:3A:4E:37:B6:FD:74:E8:77:DA:F6:26:23:94:BA:6B:DB:25:DD:BA:4B:FA:50:CB:AE:87"}}},"request":{"raw":"GET /b9e16ca839b09da7c28d9ce43642022d.png HTTP/1.1\r\nHost: img.novadrive.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 09:31:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 7431\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ID9wIYIVTIXhIIONCceueGOcEYNjMkY4C7fOVTJTbPnTHix2ftndyPWSN%2FIZ42evjqlyckSE14ZJy4XrpAcfv7OQKiFwnyZO0d87LspTZYNZ\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"c045c780335f0f674813a854b823317f\"\r\nlast-modified: Wed, 30 Oct 2024 16:20:29 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nage: 4507\r\ncache-control: max-age=14400\r\ncf-ray: 9b3f902e58bf23eb-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7431,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 392 x 392, 8-bit colormap, non-interlaced","md5":"c045c780335f0f674813a854b823317f","sha1":"f918ccfff689cf703d944fecb0eed70ff4eedf45","sha256":"949d867a1eb723c335d280510f4819e361c8fc5e49aaa2fa593d13ed0f622961","sha512":"ed435407f2176d2545af7cec18a97e1c143b73cd018455a40c750a2045f5a98d9fdd9ede559270e0c712ccdcc8784e4ea09512be39a558cfbee29c12a197e8d7","ssdeep":"192:oOJsJiv+G6lbjilcNj1yPAGVga/hmR0jyXhVjwoK:RsJij60QjaAGCkP+XfFK","tlshash":"34e19daae84b5a52b958c61ddeff05e066bd04a10fd5710a9b00934b883435cce9efd7","first_seen":"2025-12-26T09:31:33.500045Z","last_seen":"2026-04-03T17:10:28.366595Z","times_seen":3,"resource_available":false,"data":null}},"time_used":199,"timings":{"blocked":88,"dns":19,"connect":6,"send":0,"wait":21,"receive":2,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exintlr.com/static/js/index.45b3d92a.js","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"ip":{"addr":"104.21.81.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:02.532Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"exintlr.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 11:35:25 GMT","end":"Wed, 25 Mar 2026 12:34:02 GMT"},"fingerprint":{"sha1":"8D:4A:3B:58:E6:DC:AA:20:35:4C:C4:C2:AA:31:0F:B8:0F:1E:4B:54","sha256":"5F:E6:B3:40:85:AA:74:EE:CA:47:A3:F6:66:2B:AE:B7:3D:E4:2A:E7:81:7C:ED:BC:F5:BA:E4:4C:A1:C0:B8:F6"}}},"request":{"raw":"GET /static/js/index.45b3d92a.js HTTP/1.1\r\nHost: exintlr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nCookie: server_name_session=e2814f5d3651e5ea32bdb5f609131110\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 26 Dec 2025 09:31:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 22 Dec 2025 07:16:08 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"6948f038-d454\"\r\nexpires: Fri, 26 Dec 2025 21:31:02 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZX5zJu%2Fs%2BG9Ojbh4UPTZPChfdKQDF1Zqggzo9XVDCIUGr1%2BR9Fz%2FUVe8LAHxxqA556qEBVsN1ll6WsRVzQx3lPmrV8pE96cJcHG5\"}]}\r\ncf-ray: 9b3f901ccbeac272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":54356,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (53404), with no line terminators","md5":"92f0c191964d07dfa551e2b70ea22736","sha1":"45d41740714f9e0b9c11e6acb4178b6bec662583","sha256":"f07d68cc063a828b53c69c7148f00e1d461e959165c4ae1823cc83eba5caaf0d","sha512":"981f878a043729b828b3ff19ae93464ed2b29c30c06bd2948002c50dd4e8835b6b73d30c7bb06ca6241277363693165f95c31e6bfefe2c10fc6719766978c5b1","ssdeep":"768:GnuxHqHZ0eIpdZXEn1N+fc9W+zLSP+c3c6ymsrxj/gXxRotQOSAlZ9/l5o7y3e6k:vKwpdZXEn19Wsmhsrxj/gXxRw34trBc+","tlshash":"e133299af586e68f21e7347c7d3fb60769361c90088cd002f359a5965f6f98f9212f48","first_seen":"2025-12-26T09:31:33.50429Z","last_seen":"2025-12-26T09:31:33.50429Z","times_seen":1,"resource_available":true,"data":null}},"time_used":523,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":355,"receive":168,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"exintlr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exintlr.com/static/img/home/2fa.png","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"ip":{"addr":"104.21.81.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:04.782Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"exintlr.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 11:35:25 GMT","end":"Wed, 25 Mar 2026 12:34:02 GMT"},"fingerprint":{"sha1":"8D:4A:3B:58:E6:DC:AA:20:35:4C:C4:C2:AA:31:0F:B8:0F:1E:4B:54","sha256":"5F:E6:B3:40:85:AA:74:EE:CA:47:A3:F6:66:2B:AE:B7:3D:E4:2A:E7:81:7C:ED:BC:F5:BA:E4:4C:A1:C0:B8:F6"}}},"request":{"raw":"GET /static/img/home/2fa.png HTTP/1.1\r\nHost: exintlr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nCookie: server_name_session=e2814f5d3651e5ea32bdb5f609131110\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 26 Dec 2025 09:31:05 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 22 Dec 2025 07:16:08 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"6948f038-a85a\"\r\nexpires: Sun, 25 Jan 2026 09:31:05 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=J8MUu26sM5rqH4%2FBmqxodEJqfHUGl39%2BDV47y75UEDSsJ%2FgUxBAwVjc1pRX8mGlBlW0pRFOduUaxO1cE4a9XG3%2B3paYMnR4LxGnR\"}]}\r\ncf-ray: 9b3f902aedf6c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43098,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"50450a05fdae216fa8b1cd0b978a8dbd","sha1":"d932baa5e9b6b67ce2302aa1f7fa86e1dbbcc4e5","sha256":"6b38f8cc248071a4247dae5f1fd55981d47782a613d1fd9500fe6a371e8d67f0","sha512":"da4de336c880ba5092b0312165c9cd0b8b86b689f4b39dffb17818b8ac955e72e595a10d8ecc0bf50b1a27a668f0c6aa4a9d09276228c24fde30b50ac0dfdc13","ssdeep":"768:szAK0ukOoj8AdW92oUuXVAoaBXkHQTzTdAO1rPTaGaNaCYA1JRJuics:EAKkxE92GXVIJTvdpVLa9aThzs","tlshash":"9713e03524f5223b854b1182ef3950891e9a7db0c4bd4ce09bba661a7cdd181e33ffa5","first_seen":"2025-12-26T09:31:33.505642Z","last_seen":"2026-04-03T17:10:28.396163Z","times_seen":3,"resource_available":false,"data":null}},"time_used":694,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":352,"receive":340,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"exintlr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ossasia.lat/566836407cdf889d848e20b449a8094e.png","fqdn":"img.ossasia.lat","domain":"ossasia.lat","tld":"lat"},"ip":{"addr":"172.67.183.210","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:05.288Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"e5d3735a.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 06:36:18 GMT","end":"Wed, 11 Feb 2026 07:36:16 GMT"},"fingerprint":{"sha1":"AE:6B:78:52:C4:9F:46:79:EC:AA:E3:6C:A2:2D:F2:E7:6C:3F:D9:7C","sha256":"5C:FA:12:81:D2:DA:F8:2B:81:DC:B6:E2:98:F0:92:5B:EE:2D:7D:C3:CB:C4:03:06:A3:77:A3:BB:A8:7D:34:F8"}}},"request":{"raw":"GET /566836407cdf889d848e20b449a8094e.png HTTP/1.1\r\nHost: img.ossasia.lat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 09:31:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 2133\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zbQf0EpjJgbeLGr6t3NC4arrH7%2FTF4zQpcUnF4uwMeAs40lh3qFElIF71di188U9OXBHk2FOC1bEzYC9L58CsemLNpJVRZjGvMc5YJKQ5g%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"d30390095115e7b08f2d211db78df12d\"\r\nlast-modified: Tue, 09 Dec 2025 16:12:33 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nage: 4507\r\ncache-control: max-age=14400\r\ncf-ray: 9b3f902ecbcb2678-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2133,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"d30390095115e7b08f2d211db78df12d","sha1":"f880d124a9543261a080cd54d97101156be136ab","sha256":"7e4024a95ee91d95571d4ee344d5c41e15de3541d3635efdb6ddede04b935424","sha512":"4bd3bb9290162e5c296dcf5a375873bd1bbd84f07f726f18c2dd58389e0603ee710796c83cf40b7da6b2d92787bb523d022f3c464809194b743e66645d9b8bf2","ssdeep":"","tlshash":"30413c9b7a43457de608131c0a87f882c44eefecb8029239da545c7c3b0d3f644aa6ad","first_seen":"2025-12-26T09:31:33.508937Z","last_seen":"2026-04-03T17:10:28.338305Z","times_seen":3,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":115,"dns":48,"connect":1,"send":0,"wait":10,"receive":0,"ssl":57},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"img.ossasia.lat","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.novadrive.pro/4417a3c208b459633cc9a94030c182e4.png","fqdn":"img.novadrive.pro","domain":"novadrive.pro","tld":"pro"},"ip":{"addr":"104.21.71.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:05.257Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.novadrive.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 18:00:36 GMT","end":"Wed, 11 Mar 2026 19:00:26 GMT"},"fingerprint":{"sha1":"99:D3:09:3C:07:D9:19:8E:82:85:AB:D0:C8:B8:B4:CA:57:B9:CE:DC","sha256":"62:BD:F0:FC:80:9D:17:3A:4E:37:B6:FD:74:E8:77:DA:F6:26:23:94:BA:6B:DB:25:DD:BA:4B:FA:50:CB:AE:87"}}},"request":{"raw":"GET /4417a3c208b459633cc9a94030c182e4.png HTTP/1.1\r\nHost: img.novadrive.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 09:31:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 8795\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fduLVdB1E%2FYy0QNw4Ot%2BpyM84zuyOgks1YFQsKUcS1qHww9V9XI9diCnQF918%2BQeZPQS5l7gW1NISWR15lFk6Ggdqu%2FN63pl4abBkreu6V1G\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"adad7b5abf1d2daefaa67fef00952335\"\r\nlast-modified: Wed, 30 Oct 2024 16:20:26 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nage: 4507\r\ncache-control: max-age=14400\r\ncf-ray: 9b3f902e68cd23eb-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8795,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 594 x 594, 8-bit colormap, non-interlaced","md5":"adad7b5abf1d2daefaa67fef00952335","sha1":"2528d05cf976b2c1d6aba88798616c127be72443","sha256":"54406da914c060eafcc565d988c893b9ad7a5893d4ec3691ab1dd969aab12080","sha512":"0d8450eb1a2636083925b185cefb1d9c39608a899549f376357917962b83c844619407a590f7eca5f62919202ba5b7ef4d7806ab424eb95554ed9b2a748e002b","ssdeep":"192:0TXDuypD0ogcO1A9BOv9qJGHXF11c981v2qr6ctJjBCe2y7:0TXyEoogZYgvJn12uBJj724","tlshash":"b402af455e7d86ef26e510ff08869c9cdf698b430038278ecc756c16e6617118ae34dc","first_seen":"2025-12-26T09:31:33.510248Z","last_seen":"2026-04-03T17:10:28.356157Z","times_seen":3,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":86,"dns":0,"connect":7,"send":0,"wait":22,"receive":1,"ssl":54},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exintlr.com/static/img/coin/default.png","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"ip":{"addr":"104.21.81.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:05.286Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"exintlr.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 11:35:25 GMT","end":"Wed, 25 Mar 2026 12:34:02 GMT"},"fingerprint":{"sha1":"8D:4A:3B:58:E6:DC:AA:20:35:4C:C4:C2:AA:31:0F:B8:0F:1E:4B:54","sha256":"5F:E6:B3:40:85:AA:74:EE:CA:47:A3:F6:66:2B:AE:B7:3D:E4:2A:E7:81:7C:ED:BC:F5:BA:E4:4C:A1:C0:B8:F6"}}},"request":{"raw":"GET /static/img/coin/default.png HTTP/1.1\r\nHost: exintlr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nCookie: server_name_session=e2814f5d3651e5ea32bdb5f609131110\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Fri, 26 Dec 2025 09:31:05 GMT\r\ncontent-type: text/html\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GkaoEyENkjlzyUYw%2B%2B8MLW6wmgJlQa1Jn8B1DGzuV5dh3fIgbxPMzApoGss%2Bukks5%2FelULYhwJABV2Or7TN291xEuX%2By%2F20STDS0\"}]}\r\ncf-ray: 9b3f902e2ebbc272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":138,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"7389d931c86b3d7bb6b8af46d8c4172b","sha1":"8d2a4760aa0b47984d11cd1a66448719177fb791","sha256":"301bd9f16f94feedfae7a946a14bac38cb73c43efe6117bc5586835af03d7d6f","sha512":"dd6d1511e4fcd5bc09d821ffe091fb5946ac9654c48664aed504e479e9ac20c1cad44b6df90f42190d47e28f5f96bfb09d24056df6b950243d68ee8100a9a889","ssdeep":"","tlshash":"d9c09b5d755366449913155167c33641d196837f689a84510941c593f0cf69ac4c73a9","first_seen":"2023-03-13T12:56:15Z","last_seen":"2026-04-05T10:49:32.875616Z","times_seen":245320,"resource_available":true,"data":null}},"time_used":375,"timings":{"blocked":20,"dns":0,"connect":0,"send":0,"wait":355,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"exintlr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.ossasia.lat/8e7adbd52c56a3dcd0761384089a1e66.png","fqdn":"img.ossasia.lat","domain":"ossasia.lat","tld":"lat"},"ip":{"addr":"172.67.183.210","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:05.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"e5d3735a.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 06:36:18 GMT","end":"Wed, 11 Feb 2026 07:36:16 GMT"},"fingerprint":{"sha1":"AE:6B:78:52:C4:9F:46:79:EC:AA:E3:6C:A2:2D:F2:E7:6C:3F:D9:7C","sha256":"5C:FA:12:81:D2:DA:F8:2B:81:DC:B6:E2:98:F0:92:5B:EE:2D:7D:C3:CB:C4:03:06:A3:77:A3:BB:A8:7D:34:F8"}}},"request":{"raw":"GET /8e7adbd52c56a3dcd0761384089a1e66.png HTTP/1.1\r\nHost: img.ossasia.lat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 09:31:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 1125\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oBS3Wf%2FCp%2BXu634qDfkhe%2BBEmXRxesNO6keR77O7DKfNvaNe60CnzXoF3dxwYrMcXLCojRH%2F%2Bg8G8qRzuAODSbMyXQ2QbRY6ISpMK6VJjA%3D%3D\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"1730f848f59cbf0939f137edb0d31daf\"\r\nlast-modified: Tue, 09 Dec 2025 16:21:07 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncache-control: max-age=14400\r\ncf-ray: 9b3f90305dcd2678-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1125,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"1730f848f59cbf0939f137edb0d31daf","sha1":"653003f779a4df452e5d6bc48aad976a964100e3","sha256":"baf77e7d4ade720ceb7edfafbaf6e3aa636f2186920a27f76abaf0d03bb5ecb7","sha512":"9cd2111bdf247ea3d62787347025fcee7a9af626e453a3b725c0ba0621079391e22ab7c2760ab73622207599f275b0c5adafa0384841f2e32a8b3f9f21d40649","ssdeep":"","tlshash":"8521c6df40842c3cb96f002c2438becccc9a813a744f125f5a16d1e0f6af814990c2e8","first_seen":"2023-08-13T05:27:55Z","last_seen":"2026-04-03T17:10:28.354461Z","times_seen":1089,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":140,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"img.ossasia.lat","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dcloud.net.cn/img/shadow-grey.png","fqdn":"cdn.dcloud.net.cn","domain":"dcloud.net.cn","tld":"net.cn"},"ip":{"addr":"124.220.205.65","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:06.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.dcloud.net.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 26 Aug 2025 11:47:17 GMT","end":"Fri, 25 Sep 2026 11:47:16 GMT"},"fingerprint":{"sha1":"47:A7:6C:09:6B:1D:CA:2D:7D:39:2E:C1:7F:15:DE:5D:F2:C4:0F:77","sha256":"EA:73:37:83:D0:38:44:D9:3C:0B:26:F0:DD:D1:22:2F:36:F7:F2:86:A1:B0:58:52:DE:4E:0A:21:D6:89:E7:3E"}}},"request":{"raw":"GET /img/shadow-grey.png HTTP/1.1\r\nHost: cdn.dcloud.net.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 26 Dec 2025 09:31:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 136\r\nlast-modified: Thu, 06 Jun 2019 06:42:07 GMT\r\netag: \"5cf8b5bf-88\"\r\nexpires: Fri, 26 Dec 2025 15:31:06 GMT\r\ncache-control: max-age=21600\r\nset-cookie: __uni__uid=rBEQRWlOVdpvLzw5A3OxAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dcloud.net.cn; path=/; secure; httponly; samesite=none\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":136,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 6, 4-bit colormap, non-interlaced","md5":"5a962adf74d92ae702467b3f47976547","sha1":"36f74049375584e3fa69b5ef87e9572336ff9e7a","sha256":"ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f","sha512":"4ace23fe7ec6c7271710030fd423aace13eafac68ac3e76366ce4ce9bdc702caf71c9bdc2fb6a32c8e9791546098617cc0259decd8bb8489afdbce43e1b53a73","ssdeep":"","tlshash":"47c09bf3a615dc754a0d153b42e98271f429511e07046d0e5a13c216741e3448d56793","first_seen":"2023-04-15T10:50:30Z","last_seen":"2026-04-05T10:39:42.758452Z","times_seen":14544,"resource_available":false,"data":null}},"time_used":1446,"timings":{"blocked":596,"dns":60,"connect":254,"send":0,"wait":254,"receive":0,"ssl":279},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exintlr.com/static/config/domain.js","fqdn":"exintlr.com","domain":"exintlr.com","tld":"com"},"ip":{"addr":"104.21.81.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:02.527Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"exintlr.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 11:35:25 GMT","end":"Wed, 25 Mar 2026 12:34:02 GMT"},"fingerprint":{"sha1":"8D:4A:3B:58:E6:DC:AA:20:35:4C:C4:C2:AA:31:0F:B8:0F:1E:4B:54","sha256":"5F:E6:B3:40:85:AA:74:EE:CA:47:A3:F6:66:2B:AE:B7:3D:E4:2A:E7:81:7C:ED:BC:F5:BA:E4:4C:A1:C0:B8:F6"}}},"request":{"raw":"GET /static/config/domain.js HTTP/1.1\r\nHost: exintlr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exintlr.com/\r\nCookie: server_name_session=e2814f5d3651e5ea32bdb5f609131110\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 26 Dec 2025 09:31:02 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Mon, 22 Dec 2025 07:16:08 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 26 Dec 2025 21:31:02 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"6948f038-c5\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TmzMTThGL%2FcK%2FkBKJ8z%2BWu9pcbv2a0K3nPLFvYhn9%2FfmLfATZzBSyaLsgcAXfyxMg477SkZRiGUDaAdccDCK5HYLZouHPHcs0SkQ\"}]}\r\ncf-ray: 9b3f901ccbe8c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":197,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"45eed8467d3c6a8e24208eb318852936","sha1":"5644c4f03afaa6c6a2e7cf09ae9daf629867c8de","sha256":"72419a1ddabbe75e0a452c1a2d7163d02b81e98a56feb65794ee30ecfff3fad6","sha512":"cc70900ffcb0d3a1a7e49880c0e2eacd2eb32a07208a79346b108a0ec4593454ff9a4411de53199ec2280f2ae56163a8528fb902807356a13c1390ca36f9aa8d","ssdeep":"","tlshash":"99d0c9de3aa13800518a126c245b72196929c88bd858288aaba0c442aeb24644d31a7d","first_seen":"2025-12-26T09:31:33.514389Z","last_seen":"2026-04-03T17:10:28.342974Z","times_seen":3,"resource_available":true,"data":null}},"time_used":358,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":358,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"exintlr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"tradingbapi.homelive.lat/wss_market","fqdn":"tradingbapi.homelive.lat","domain":"homelive.lat","tld":"lat"},"ip":{"addr":"172.67.175.13","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://exintlr.com/","date":"2025-12-26T09:31:04.818Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"homelive.lat","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 20 Nov 2025 05:40:39 GMT","end":"Wed, 18 Feb 2026 06:39:22 GMT"},"fingerprint":{"sha1":"04:33:9E:E7:75:84:6D:AA:2B:C7:89:25:FD:5F:6E:9E:D8:79:4C:DC","sha256":"45:13:F7:F0:D8:55:9F:F4:22:DC:A5:60:31:FE:A5:21:0B:DB:37:BC:EC:27:A9:2A:C5:68:CD:F8:41:5C:BC:87"}}},"request":{"raw":"GET /wss_market HTTP/1.1\r\nHost: tradingbapi.homelive.lat\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://exintlr.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: Aea4+rcmpz22quvxNIOhPw==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Fri, 26 Dec 2025 09:31:05 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Version: 13\r\nSec-WebSocket-Accept: q21hNAFcv09QU4Ulx+jYU3RtXmc=\r\nSet-Cookie: server_name_session=6c0ef1ba0b5b70fbcc065b4c3988c4f2; Max-Age=86400; httponly; path=/\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=2mFgdGplXywW14yPdtLNxxC0BBU61fpd7YsHKjbDJrRVXMFjrufuiSMbRH6zL3ZhCV0rjSoWtL%2FcTTXkT2KFoIRZ12b0O83xa2zFZSfOgTi%2FzQss3FgUg%2Fa6UPrjNxMYwSfOio4tJuBQFGs%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9b3f902b5d3475ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=572\u0026min_rtt=497\u0026rtt_var=219\u0026sent=5\u0026recv=8\u0026lost=0\u0026retrans=0\u0026sent_bytes=3115\u0026recv_bytes=1172\u0026delivery_rate=5950684\u0026cwnd=252\u0026unsent_bytes=0\u0026cid=ab9dd80e3a34ecff\u0026ts=325\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T10:47:07.00812Z","times_seen":13371829,"resource_available":true,"data":null}},"time_used":374,"timings":{"blocked":0,"dns":23,"connect":22,"send":0,"wait":310,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"tradingbapi.homelive.lat","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}