{"report_id":"f2f9442c-6954-47a6-b60b-2824ece80a20","version":6,"status":"done","tags":[],"date":"2026-02-24T14:27:17Z","url":{"schema":"https","addr":"cskmoney.com/","fqdn":"cskmoney.com","domain":"cskmoney.com","tld":"com"},"ip":{"addr":"81.28.12.12","port":0,"asn":199524,"as":"G-Core Labs S.A.","country":"The Netherlands","country_code":"NL"},"final":{"url":{"schema":"https","addr":"cskmoney.com/","fqdn":"cskmoney.com","domain":"cskmoney.com","tld":"com"},"title":"CS.MONEY — Trading Bot for fast CS:GO skins trade","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"cskmoney.com/","fqdn":"cskmoney.com","domain":"cskmoney.com","tld":"com"},"ip":{"addr":"81.28.12.12","port":0,"asn":199524,"as":"G-Core Labs S.A.","country":"The Netherlands","country_code":"NL"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-31T14:27:17Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"cskmoney.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cskmoney.com","ip":{"addr":"81.28.12.12","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-10-17","domain_rank":0,"first_seen":"2026-02-24T14:04:17.751978Z","last_seen":"2026-02-24T14:04:17.751979Z","alert_count":4,"request_count":4,"received_data":8881826,"sent_data":1709,"comment":"","tags":null,"fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2026-02-22T23:01:24.734653Z","alert_count":0,"request_count":1,"received_data":90781,"sent_data":441,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"cskmoney.com/","fqdn":"cskmoney.com","domain":"cskmoney.com","tld":"com"},"ip":{"addr":"81.28.12.12","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cskmoney.com/","date":"2026-02-24T14:26:52.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cskmoney.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 05:34:47 GMT","end":"Sun, 12 Apr 2026 05:34:46 GMT"},"fingerprint":{"sha1":"32:28:E9:21:CF:D2:EE:79:07:3E:DB:25:3E:30:9C:89:A4:B4:8F:01","sha256":"A9:9E:0C:1A:C9:68:15:55:7D:B0:52:FE:F1:EB:48:6E:FB:B8:04:34:96:2E:B9:1C:06:B3:F1:8A:3C:46:6E:EB"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cskmoney.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cskmoney.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Feb 2026 14:26:52 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-id-fe: am3-hw-edge-gpig-gc96\r\ntraceparent: 00-1b78d4c8ebe01bd260bca357457b8f76-d1dd344603207dce-01\r\nx-id: am3-hw-edge-gpig-gc96\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4174507,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (11434), with CRLF line terminators","md5":"ad54f011ff2dd8347f14dfbc023d38f4","sha1":"76a6e813090510e1313fe884b7ec3962a2ffebe4","sha256":"c804bc8b317a833d5eed8cca36ea16aeac8a4323b911e268f99197e0aae4a0d7","sha512":"89bf91a8a57140451dc9aba284f99cff1f5d80d209ae3e97b1f38bb5d073039fe680f9cebef955876c9dfc77ea6d44f77890c8391f6daebda7ea70215dd4563d","ssdeep":"12288:jTF323BiYl2bwSmn1R0l+ddjvVEv0xd2ZA38B6V+l8/1ZwCarLgnxmwaBhj+o5Xt:jTFG3jltSmOhj+uvVR9fcA9EG","tlshash":"cf256c72a650653ea437b22ef3d1c64d7060d443db238be9fe60d13982c76e7276229d","first_seen":"2026-02-24T14:04:21.028971Z","last_seen":"2026-02-24T14:27:19.394334Z","times_seen":2,"resource_available":false,"data":null}},"time_used":326,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":326,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"cskmoney.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cskmoney.com/132b40b.js","fqdn":"cskmoney.com","domain":"cskmoney.com","tld":"com"},"ip":{"addr":"81.28.12.12","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cskmoney.com/","date":"2026-02-24T14:26:52.508Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cskmoney.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 05:34:47 GMT","end":"Sun, 12 Apr 2026 05:34:46 GMT"},"fingerprint":{"sha1":"32:28:E9:21:CF:D2:EE:79:07:3E:DB:25:3E:30:9C:89:A4:B4:8F:01","sha256":"A9:9E:0C:1A:C9:68:15:55:7D:B0:52:FE:F1:EB:48:6E:FB:B8:04:34:96:2E:B9:1C:06:B3:F1:8A:3C:46:6E:EB"}}},"request":{"raw":"GET /132b40b.js HTTP/1.1\r\nHost: cskmoney.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cskmoney.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Feb 2026 14:26:52 GMT\r\ncontent-type: text/javascript\r\nx-id-fe: am3-hw-edge-gpig-gc96\r\ntraceparent: 00-f55a5f32ba752c127abb5e23c6840d67-1649928ea8753c66-01\r\nx-id: am3-hw-edge-gpig-gc96\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":190398,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"d91dfdf6ea806aebe7390d18c2fda87d","sha1":"b776d7d72d57a1a1ff6158bcca128e5108ff1d03","sha256":"63adf47ea3c2fa7d793552ef8e1d53f61ec94417e7ee49eabfb8cb2c9897dfe3","sha512":"408d98a18b706bac5db0917175242354d095aae053efa0031a0435c5e17934e513aa45d4d1aaf0e3a8e98fee38ba4b2ef5ffac4c597302354669da6c59a236a6","ssdeep":"3072:JLYQwTNtp90MHctXlWUuRwJ3CiNI3AhZxApreKWEGm0sboUK/wjmuHjKj5Jd/xd4:fwZ790MHct1WUuRwJ3CiNI3AhZxAVeKR","tlshash":"d21460cdefdf7021f171f23269c290e9621625d2e16e54c9ad608c88e709fe8df1652b","first_seen":"2026-02-24T14:04:21.026959Z","last_seen":"2026-02-24T14:27:19.395284Z","times_seen":2,"resource_available":false,"data":null}},"time_used":331,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":331,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"cskmoney.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cskmoney.com/0d85765.js","fqdn":"cskmoney.com","domain":"cskmoney.com","tld":"com"},"ip":{"addr":"81.28.12.12","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cskmoney.com/","date":"2026-02-24T14:26:52.506Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cskmoney.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 05:34:47 GMT","end":"Sun, 12 Apr 2026 05:34:46 GMT"},"fingerprint":{"sha1":"32:28:E9:21:CF:D2:EE:79:07:3E:DB:25:3E:30:9C:89:A4:B4:8F:01","sha256":"A9:9E:0C:1A:C9:68:15:55:7D:B0:52:FE:F1:EB:48:6E:FB:B8:04:34:96:2E:B9:1C:06:B3:F1:8A:3C:46:6E:EB"}}},"request":{"raw":"GET /0d85765.js HTTP/1.1\r\nHost: cskmoney.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cskmoney.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Feb 2026 14:26:52 GMT\r\ncontent-type: text/javascript\r\nx-id-fe: am3-hw-edge-gpig-gc96\r\ntraceparent: 00-7c2a843c0cdf8f40eb76621d698978db-cbbfee1d295b41c3-01\r\nx-id: am3-hw-edge-gpig-gc96\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":341392,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"deee2a358cc4e0198555dba4179a1a48","sha1":"1e270be901ff92fc12e61e9aba50babbf61157ba","sha256":"a1b2272ccf745967b0d532b2af5a48ec4efdee4fbb3f8f57268da3e933e16eb4","sha512":"06864364f685eddbdbbcfe47abb7e66a9f5a0491a98842cd1574f3ce2a8914cb26271ead40e6ea150fcd87e8254679d4d7933c8dbe345897c1b0070699fcbcfd","ssdeep":"3072:XHNwcv9VBQpLl88SMBQ47GKoDPNddBFak8JUaVDpYujVHUc92smVppuzUPFI9fB5:XHWK9VC78UBQ47GKMNdIVWjNS9cdzAV","tlshash":"7474188e7241353256eba1a5103b2a0bb237554da909805cb03ccddeae7ce4971bbf7d","first_seen":"2023-10-15T23:19:21Z","last_seen":"2026-05-30T05:56:09.097034Z","times_seen":141,"resource_available":true,"data":null}},"time_used":332,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":332,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"cskmoney.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cskmoney.com/","date":"2026-02-24T14:26:53.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"09:4B:1C:B6:64:C5:97:5E:E3:CF:D9:FF:1A:01:C4:D8:D7:10:82:7A","sha256":"2F:A7:09:04:89:72:33:DE:1D:F8:A7:A6:EC:9F:0C:74:15:D5:B0:87:85:BE:25:63:1A:0E:73:0C:72:E3:CD:C8"}}},"request":{"raw":"GET /ajax/libs/jquery/3.6.4/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cskmoney.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 31154\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 20 Feb 2026 06:26:22 GMT\r\nexpires: Sat, 20 Feb 2027 06:26:22 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 374431\r\nlast-modified: Tue, 04 Apr 2023 03:27:01 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":89795,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"641dd14370106e992d352166f5a07e99","sha1":"eda46747c71d38a880bee44f9a439c3858bb8f99","sha256":"a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af","sha512":"a6e981b23351186aa43f32879dd64c6801be6e2af7ef8b0e472cccdeeba52d5d7894de4bcb292a364f1e11e525524077534338140a72687ada4fae62849843a5","ssdeep":"1536:IjjxXUHunxDjoXEZxkMV4PYDt0zxxf6gP3f8cApoEGOzZTBqUsuy8WnKdXwhLQvg:IeeIygP3fulzhsz8jlvaDioQ47GKH","tlshash":"d193f8ddb2c6702247a770ba007f510bf236199d684d8450f269d8e9bc78a4e827bf7d","first_seen":"2023-03-26T04:59:07Z","last_seen":"2026-06-08T12:17:16.403837Z","times_seen":24895,"resource_available":true,"data":null}},"time_used":232,"timings":{"blocked":91,"dns":1,"connect":21,"send":0,"wait":23,"receive":26,"ssl":68},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cskmoney.com/","fqdn":"cskmoney.com","domain":"cskmoney.com","tld":"com"},"ip":{"addr":"81.28.12.12","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-24T14:26:51.790Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cskmoney.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 05:34:47 GMT","end":"Sun, 12 Apr 2026 05:34:46 GMT"},"fingerprint":{"sha1":"32:28:E9:21:CF:D2:EE:79:07:3E:DB:25:3E:30:9C:89:A4:B4:8F:01","sha256":"A9:9E:0C:1A:C9:68:15:55:7D:B0:52:FE:F1:EB:48:6E:FB:B8:04:34:96:2E:B9:1C:06:B3:F1:8A:3C:46:6E:EB"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cskmoney.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Feb 2026 14:26:52 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-id-fe: am3-hw-edge-gpig-gc96\r\ntraceparent: 00-d47592e4e4270dfdc9ac6922221509fe-dd42a1006ab4d7d7-01\r\nx-id: am3-hw-edge-gpig-gc96\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":4174507,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (11434), with CRLF line terminators","md5":"ad54f011ff2dd8347f14dfbc023d38f4","sha1":"76a6e813090510e1313fe884b7ec3962a2ffebe4","sha256":"c804bc8b317a833d5eed8cca36ea16aeac8a4323b911e268f99197e0aae4a0d7","sha512":"89bf91a8a57140451dc9aba284f99cff1f5d80d209ae3e97b1f38bb5d073039fe680f9cebef955876c9dfc77ea6d44f77890c8391f6daebda7ea70215dd4563d","ssdeep":"12288:jTF323BiYl2bwSmn1R0l+ddjvVEv0xd2ZA38B6V+l8/1ZwCarLgnxmwaBhj+o5Xt:jTFG3jltSmOhj+uvVR9fcA9EG","tlshash":"cf256c72a650653ea437b22ef3d1c64d7060d443db238be9fe60d13982c76e7276229d","first_seen":"2026-02-24T14:04:21.028971Z","last_seen":"2026-02-24T14:27:19.394334Z","times_seen":2,"resource_available":false,"data":null}},"time_used":503,"timings":{"blocked":78,"dns":40,"connect":17,"send":0,"wait":340,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"cskmoney.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}