{"report_id":"f7f91bb6-53f9-4edd-b9ba-71b4f6cc8d80","version":6,"status":"done","tags":[],"date":"2025-12-31T04:20:08Z","url":{"schema":"http","addr":"hain.live/","fqdn":"hain.live","domain":"hain.live","tld":"live"},"ip":{"addr":"52.72.49.79","port":0,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"hain.live/","fqdn":"hain.live","domain":"hain.live","tld":"live"},"title":"hain.live/?rb.routing.mode=proxy\u0026rb.routing.signature=99125\u0026source=d931cd2ede8943a98f517d0de6bdb2aa","dom":{"size":6954,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (3362)","md5":"b603498f90a38912a060e4c45e5316c7","sha1":"ea501a37990186555ce26f2d96e12f1badd4aa82","sha256":"d372a35416ec7b5ed19f6a6c2641c6bd5fb3f5782b47c09b76f2dfab33feb3e6","sha512":"8db0da06b2970298dd7362c64691845278e85f73b05c7b6ae95af7be119b78121aaedf96040b16d054d72564b3c988307a3e5c421175a11361c11790d2a9b912","ssdeep":"96:mAG9D2C7RBeG21mmlus1R4HP74pM7x67LPX1wRxBg/P/AcpTPI7n9iikg0uxdSTZ:i9D2qRcoEpM7iSRxBURpTP+n9iiAuuxf","tlshash":"02e1b7e066a495e8d2458be1d571b668f62dbc7dbb3182d0c3d0586328e217d4874cd2","dom_hash":"domhash4e9301ffff82ec122aadcf9cf3e19cc3","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"hain.live/","fqdn":"hain.live","domain":"hain.live","tld":"live"},"ip":{"addr":"52.72.49.79","port":0,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-04T04:20:08Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"hain.live","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"app.rebrandly.com","ip":{"addr":"52.84.50.68","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2014-09-12","domain_rank":1046341,"first_seen":"2018-04-20T15:58:14Z","last_seen":"2025-12-26T04:12:34.523334Z","alert_count":0,"request_count":1,"received_data":2106,"sent_data":464,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]},{"fqdn":"s.gravatar.com","ip":{"addr":"192.0.73.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"domain_registered":"2004-07-15","domain_rank":42765,"first_seen":"2012-05-21T07:12:00Z","last_seen":"2025-12-30T23:06:10.063583Z","alert_count":0,"request_count":1,"received_data":812,"sent_data":513,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"hain.live","ip":{"addr":"52.72.49.79","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-12-31T04:20:09.363829Z","last_seen":"2025-12-31T04:20:09.363829Z","alert_count":3,"request_count":3,"received_data":5910,"sent_data":1652,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"my.link.gallery","ip":{"addr":"52.84.50.111","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2019-03-05","domain_rank":2468195,"first_seen":"2022-04-23T07:36:23Z","last_seen":"2025-12-26T04:12:34.648473Z","alert_count":31,"request_count":8,"received_data":988727,"sent_data":4090,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]},{"fqdn":"p.typekit.net","ip":{"addr":"23.33.119.50","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2010-08-02","domain_rank":4638,"first_seen":"2012-05-23T14:28:57Z","last_seen":"2025-12-28T23:20:47.443099Z","alert_count":0,"request_count":1,"received_data":340,"sent_data":557,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"use.typekit.net","ip":{"addr":"23.33.119.19","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2010-08-02","domain_rank":4054,"first_seen":"2012-07-05T01:42:39Z","last_seen":"2025-12-28T23:28:20.237084Z","alert_count":0,"request_count":1,"received_data":9366,"sent_data":460,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"dashboard-cdn.rebrandly.com","ip":{"addr":"54.240.174.75","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2014-09-12","domain_rank":3162625,"first_seen":"2018-09-10T14:23:17Z","last_seen":"2025-12-27T04:10:13.252006Z","alert_count":0,"request_count":2,"received_data":9573,"sent_data":1054,"comment":"","tags":null,"fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"my.link.gallery/static/js/2.fef8b03c.chunk.js","fqdn":"my.link.gallery","domain":"link.gallery","tld":"gallery"},"ip":{"addr":"52.84.50.111","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"282aae2ea0d71c9dc8faac6c65136a94","sha1":"461735e02e72a87c9ef9445e3234234441a9133d","sha256":"a90f3a36e8b5392edf81513b111edc08311cf1c8d2145e3e641ad1c95d213ec1","sha512":"24bcadcd22101050de97faeef50d8f5a6340625eb16ddb072e0f476335a58192770e4e3909e0e0c6e39b735a784b5c416f16ae2a93f6a84a2c4f0583571489e3","ssdeep":"24576:MVZjAXMy6QhXxEiWtDwKUfaFI6xpMeBHUkNuRCRAsukEDFxBBq:MLjAXMy6QhXxEiWtDwKUfaFI6xpMeBHB","tlshash":"46051bc87192f0b557f311b6806f180bf37a191ea81d8450f262e8d9bcb945e923bf6d","size":806038,"data":"","first_seen":"2025-08-27T10:25:00.109017Z","last_seen":"2026-05-26T06:44:42.42777Z","times_seen":121,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hain.live/?rb.routing.mode=proxy\u0026rb.routing.signature=99125\u0026source=d931cd2ede8943a98f517d0de6bdb2aa","fqdn":"hain.live","domain":"hain.live","tld":"live"},"ip":{"addr":"52.72.49.79","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"3d97b9a824b63a254e50248f93a580be","sha1":"2a5931f69397b453ecd3c282edf5189b61ef2308","sha256":"3ca7e4d73dd31ef4d4be876d0c3090a5ce43f2834514aa0599f578723746b1d9","sha512":"d6ee6e8abb5fcd148e02b6810a43b83137f5f92a997c56875a02483d2f5fe0ed986937d8b397993da54297f8a2e1b465b7b6c176c16a420d9c0716ae52f0384b","ssdeep":"","tlshash":"9f3162d132e0f8c853ab5c64443fd046f13b2c2156bda1d0c745c8b1bcb248a80a9f67","size":1515,"data":"","first_seen":"2025-08-27T10:25:00.130918Z","last_seen":"2026-05-26T06:44:42.432512Z","times_seen":121,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.link.gallery/static/js/main.6c970e6b.chunk.js","fqdn":"my.link.gallery","domain":"link.gallery","tld":"gallery"},"ip":{"addr":"52.84.50.111","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c26399c20ded0af9a4ca8fa3314377d2","sha1":"9101e800acbce35f44a593fa9bbcec702487e018","sha256":"631641907edb52ef6dfb04017f77bd66dfe374369c8506a397e9cf8c9e891f2e","sha512":"64ecb305cbead1336eb1bb7dd67deffeb35afda4b3e538b304b405fed4baf99553b0d8b8710583b5ebebd203d4c42fbecf103f90f9eb8c1afd71a34bc888348b","ssdeep":"384:nH7VVBOc6+2HKvitHRZ+b0svGzvGkUqKrp9RlaOFJdEHqQ42zv:bVVBx6+SKqtHRZ+b0svGzvGkUqOnaOFK","tlshash":"9a92d78eb1d2f05c86a72232d81f5609f3663a49949d8814f124ccea7c75b9d623ff39","size":20134,"data":"","first_seen":"2025-08-27T10:25:00.083565Z","last_seen":"2026-05-26T06:44:42.428289Z","times_seen":121,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"hain.live/","fqdn":"hain.live","domain":"hain.live","tld":"live"},"ip":{"addr":"52.72.49.79","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-31T04:19:47.007Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hain.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 30 Dec 2025 14:22:53 GMT","end":"Mon, 30 Mar 2026 14:22:52 GMT"},"fingerprint":{"sha1":"9B:96:80:59:D0:3C:30:F2:D4:25:27:CF:96:73:E0:05:E0:A5:79:70","sha256":"42:04:C9:15:11:FA:9D:C2:EC:7E:55:C0:82:EF:A6:6C:B5:64:A9:B6:39:70:15:8C:2B:2C:90:A6:69:DC:DC:46"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: hain.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Wed, 31 Dec 2025 04:19:46 GMT\r\nlocation: https://hain.live/?rb.routing.mode=proxy\u0026rb.routing.signature=99125\u0026source=d931cd2ede8943a98f517d0de6bdb2aa\r\ncontent-length: 0\r\nengine: Rebrandly.redirect, version 2.1\r\nstrict-transport-security: max-age=15552000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2348,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-27T17:18:43.802994Z","times_seen":15783557,"resource_available":true,"data":null}},"time_used":1347,"timings":{"blocked":626,"dns":431,"connect":93,"send":0,"wait":93,"receive":1,"ssl":99},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"hain.live","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"my.link.gallery/static/css/2.83a67233.chunk.css","fqdn":"my.link.gallery","domain":"link.gallery","tld":"gallery"},"ip":{"addr":"52.84.50.111","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hain.live/?rb.routing.mode=proxy\u0026rb.routing.signature=99125\u0026source=d931cd2ede8943a98f517d0de6bdb2aa","date":"2025-12-31T04:19:48.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"link.gallery","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 10 Nov 2025 00:00:00 GMT","end":"Tue, 08 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"22:CE:2E:66:A6:E8:3D:3F:5B:82:A4:E3:F3:7D:EF:48:32:88:D4:60","sha256":"6E:53:A7:31:07:02:2A:29:71:2E:8A:AB:D8:06:D8:00:0A:0F:05:E8:82:F4:F3:3B:B6:ED:A3:08:04:0C:CD:47"}}},"request":{"raw":"GET /static/css/2.83a67233.chunk.css HTTP/1.1\r\nHost: my.link.gallery\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hain.live/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 151111\r\nlast-modified: Tue, 01 Apr 2025 12:29:55 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: xfRUnvO5BpdlaqYrqOFTiZLA7Gzl57aS\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Wed, 31 Dec 2025 03:07:21 GMT\r\netag: \"a3083308dc0142e1df85332f4a7fa06c\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 2f1d504785a7b18c010970da2bd4ab8c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: nzbQ3pz_Gcp1KUB8qJrkNPe8por5Gql7oEofCXdHMrMzaiMRDimsmA==\r\nage: 4350\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":151111,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (44610)","md5":"a3083308dc0142e1df85332f4a7fa06c","sha1":"f3565babe528fe2b8d6581e2eb5f8211c3c2aa87","sha256":"1943705fc3c49017a1e76a1a2fd1009483ddaddb16e6c5ce3e35178b48ba35ea","sha512":"913c813c0b532520300fcdd5d320a996846ac072a8d252319063d7ab32430ab0258e8ab5381803823309f1f6ca2ed0ea756a572f82c15385fcdfa74885066b0d","ssdeep":"1536:KMEnJXOzRnM8MwTWsaVa0TBR+dmBiiVzvGubF:KTnJXOzR3TWDVa0TBR+dmBiihbF","tlshash":"c1e3c8d4e420153a593b953aa3e8d98eb719bc83c8366ffbfb01e45413c6ad3159730a","first_seen":"2025-08-27T10:25:00.079371Z","last_seen":"2026-05-26T06:44:42.415122Z","times_seen":121,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":110,"dns":1,"connect":1,"send":0,"wait":2,"receive":6,"ssl":109},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"my.link.gallery/static/js/main.6c970e6b.chunk.js","fqdn":"my.link.gallery","domain":"link.gallery","tld":"gallery"},"ip":{"addr":"52.84.50.111","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hain.live/?rb.routing.mode=proxy\u0026rb.routing.signature=99125\u0026source=d931cd2ede8943a98f517d0de6bdb2aa","date":"2025-12-31T04:19:48.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"link.gallery","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 10 Nov 2025 00:00:00 GMT","end":"Tue, 08 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"22:CE:2E:66:A6:E8:3D:3F:5B:82:A4:E3:F3:7D:EF:48:32:88:D4:60","sha256":"6E:53:A7:31:07:02:2A:29:71:2E:8A:AB:D8:06:D8:00:0A:0F:05:E8:82:F4:F3:3B:B6:ED:A3:08:04:0C:CD:47"}}},"request":{"raw":"GET /static/js/main.6c970e6b.chunk.js HTTP/1.1\r\nHost: my.link.gallery\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hain.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 20134\r\nlast-modified: Tue, 01 Apr 2025 12:29:56 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: s2jpSeE3EX6OsxpUA91tc_n6648Gzeaa\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Tue, 30 Dec 2025 12:49:10 GMT\r\netag: \"c26399c20ded0af9a4ca8fa3314377d2\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 2f1d504785a7b18c010970da2bd4ab8c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: JH7xK958bw6MjZOCPelSa6Fb_hZRG3M8z19zto3fwZ5nZpl25YSdKQ==\r\nage: 55919\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":20134,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20086)","md5":"c26399c20ded0af9a4ca8fa3314377d2","sha1":"9101e800acbce35f44a593fa9bbcec702487e018","sha256":"631641907edb52ef6dfb04017f77bd66dfe374369c8506a397e9cf8c9e891f2e","sha512":"64ecb305cbead1336eb1bb7dd67deffeb35afda4b3e538b304b405fed4baf99553b0d8b8710583b5ebebd203d4c42fbecf103f90f9eb8c1afd71a34bc888348b","ssdeep":"384:nH7VVBOc6+2HKvitHRZ+b0svGzvGkUqKrp9RlaOFJdEHqQ42zv:bVVBx6+SKqtHRZ+b0svGzvGkUqOnaOFK","tlshash":"9a92d78eb1d2f05c86a72232d81f5609f3663a49949d8814f124ccea7c75b9d623ff39","first_seen":"2025-08-27T10:25:00.083565Z","last_seen":"2026-05-26T06:44:42.428289Z","times_seen":121,"resource_available":true,"data":null}},"time_used":649,"timings":{"blocked":321,"dns":3,"connect":1,"send":0,"wait":3,"receive":1,"ssl":316},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"p.typekit.net/p.css?s=1\u0026k=ccp4aew\u0026ht=tk\u0026f=139.140.169.170.173.174.175.176.5474.5475.25136.25137\u0026a=134021757\u0026app=typekit\u0026e=css","fqdn":"p.typekit.net","domain":"typekit.net","tld":"net"},"ip":{"addr":"23.33.119.50","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hain.live/?rb.routing.mode=proxy\u0026rb.routing.signature=99125\u0026source=d931cd2ede8943a98f517d0de6bdb2aa","date":"2025-12-31T04:19:48.425Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"use.typekit.net","organization":"Adobe Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 12 Dec 2025 00:00:00 GMT","end":"Tue, 12 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"83:B4:8D:3E:B4:3E:71:49:9A:8F:71:32:96:68:3A:1D:23:DB:38:B8","sha256":"F3:E4:84:49:06:CC:99:20:A8:A3:BB:DC:8E:3D:31:69:7A:CA:6F:5B:21:C4:0B:4A:3D:32:2B:D0:BF:07:62:69"}}},"request":{"raw":"GET /p.css?s=1\u0026k=ccp4aew\u0026ht=tk\u0026f=139.140.169.170.173.174.175.176.5474.5475.25136.25137\u0026a=134021757\u0026app=typekit\u0026e=css HTTP/1.1\r\nHost: p.typekit.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://use.typekit.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: text/css\r\ncontent-length: 5\r\nlast-modified: Sun, 24 Nov 2024 12:45:53 GMT\r\netag: \"67432001-5\"\r\ncache-control: public, max-age=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\naccept-ranges: bytes\r\ndate: Wed, 31 Dec 2025 04:19:48 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"83d24d4b43cc7eef2b61e66c95f3d158","sha1":"f0cafc285ee23bb6c28c5166f305493c4331c84d","sha256":"1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb","sha512":"e6e84563d3a55767f8e5f36c4e217a0768120d6e15ce4d01aa63d36af7ec8d20b600ce96dcc56de91ec7e55e83a8267baddd68b61447069b82abdb2e92c6acb6","ssdeep":"","tlshash":"e630000000000000000000000000000000000c00000000000000000000000000000000","first_seen":"2023-03-12T07:28:04Z","last_seen":"2026-05-27T17:19:12.831879Z","times_seen":153383,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":15,"dns":1,"connect":1,"send":0,"wait":2,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.link.gallery/links/d931cd2ede8943a98f517d0de6bdb2aa.json","fqdn":"my.link.gallery","domain":"link.gallery","tld":"gallery"},"ip":{"addr":"52.84.50.111","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hain.live/?rb.routing.mode=proxy\u0026rb.routing.signature=99125\u0026source=d931cd2ede8943a98f517d0de6bdb2aa","date":"2025-12-31T04:19:49.007Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"link.gallery","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 10 Nov 2025 00:00:00 GMT","end":"Tue, 08 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"22:CE:2E:66:A6:E8:3D:3F:5B:82:A4:E3:F3:7D:EF:48:32:88:D4:60","sha256":"6E:53:A7:31:07:02:2A:29:71:2E:8A:AB:D8:06:D8:00:0A:0F:05:E8:82:F4:F3:3B:B6:ED:A3:08:04:0C:CD:47"}}},"request":{"raw":"GET /links/d931cd2ede8943a98f517d0de6bdb2aa.json HTTP/1.1\r\nHost: my.link.gallery\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hain.live/\r\nCache-Control: private, no-cache, no-store, max-age=0\r\nOrigin: https://hain.live\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json\r\ncontent-length: 948\r\ndate: Wed, 31 Dec 2025 04:19:50 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD, PUT\r\naccess-control-expose-headers: Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Access-Control-Allow-Origin\r\naccess-control-max-age: 3000\r\nlast-modified: Fri, 31 Oct 2025 21:08:10 GMT\r\nx-amz-server-side-encryption: AES256\r\ncache-control: public, must-revalidate, proxy-revalidate, max-age=0\r\nx-amz-version-id: cY7vfNA31hWdsD_Oji9BKFXs2lfD08iC\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\netag: \"387db235df362cf8f4e336c0b9ab39e7\"\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 2f1d504785a7b18c010970da2bd4ab8c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: 8EqcGOxsyThRihUTiS7hqOBkJm33zpBDLnT5qiPxPidhpWU4ne0VGQ==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":948,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"387db235df362cf8f4e336c0b9ab39e7","sha1":"13d98282a3a9d34c417e263f56bb0d9a72709e20","sha256":"bf04a7fec8d816c3b4628fa43bc82b6385c2c5a30a95b0594380a1f962f5c588","sha512":"1d02d216db7c9e6e54c84a47d3df528707f77a33ecb207ed1f63a56ba0dbbda8ffa25d5e038e7b8de6b00a728b98f283ea82a5e5628c788068d5489bb4f2123e","ssdeep":"","tlshash":"fe11ee21e045113df0e3c45991b63f16245ce83f61945b8cb5ac6a7be2fa10c146b653","first_seen":"2025-09-29T02:55:44.748289Z","last_seen":"2026-05-26T06:44:42.417034Z","times_seen":41,"resource_available":false,"data":null}},"time_used":448,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":448,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"my.link.gallery/static/js/2.fef8b03c.chunk.js","fqdn":"my.link.gallery","domain":"link.gallery","tld":"gallery"},"ip":{"addr":"52.84.50.111","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hain.live/?rb.routing.mode=proxy\u0026rb.routing.signature=99125\u0026source=d931cd2ede8943a98f517d0de6bdb2aa","date":"2025-12-31T04:19:48.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"link.gallery","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 10 Nov 2025 00:00:00 GMT","end":"Tue, 08 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"22:CE:2E:66:A6:E8:3D:3F:5B:82:A4:E3:F3:7D:EF:48:32:88:D4:60","sha256":"6E:53:A7:31:07:02:2A:29:71:2E:8A:AB:D8:06:D8:00:0A:0F:05:E8:82:F4:F3:3B:B6:ED:A3:08:04:0C:CD:47"}}},"request":{"raw":"GET /static/js/2.fef8b03c.chunk.js HTTP/1.1\r\nHost: my.link.gallery\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hain.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 806038\r\nlast-modified: Tue, 01 Apr 2025 12:29:55 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: nrIrw2oGRGZoy1TzJaFM67PYwR665eev\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Tue, 30 Dec 2025 11:28:41 GMT\r\netag: \"282aae2ea0d71c9dc8faac6c65136a94\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 2f1d504785a7b18c010970da2bd4ab8c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: JL8YJCRj3TMHrZHDSYFi3FZNVBISiZgc-3RVj9E0k3JMEjViIwaCrQ==\r\nage: 60668\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":806038,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"282aae2ea0d71c9dc8faac6c65136a94","sha1":"461735e02e72a87c9ef9445e3234234441a9133d","sha256":"a90f3a36e8b5392edf81513b111edc08311cf1c8d2145e3e641ad1c95d213ec1","sha512":"24bcadcd22101050de97faeef50d8f5a6340625eb16ddb072e0f476335a58192770e4e3909e0e0c6e39b735a784b5c416f16ae2a93f6a84a2c4f0583571489e3","ssdeep":"24576:MVZjAXMy6QhXxEiWtDwKUfaFI6xpMeBHUkNuRCRAsukEDFxBBq:MLjAXMy6QhXxEiWtDwKUfaFI6xpMeBHB","tlshash":"46051bc87192f0b557f311b6806f180bf37a191ea81d8450f262e8d9bcb945e923bf6d","first_seen":"2025-08-27T10:25:00.109017Z","last_seen":"2026-05-26T06:44:42.42777Z","times_seen":121,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":22,"dns":9,"connect":1,"send":0,"wait":3,"receive":50,"ssl":11},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"my.link.gallery/metadata/d931cd2ede8943a98f517d0de6bdb2aa.json","fqdn":"my.link.gallery","domain":"link.gallery","tld":"gallery"},"ip":{"addr":"52.84.50.111","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hain.live/?rb.routing.mode=proxy\u0026rb.routing.signature=99125\u0026source=d931cd2ede8943a98f517d0de6bdb2aa","date":"2025-12-31T04:19:48.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"link.gallery","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 10 Nov 2025 00:00:00 GMT","end":"Tue, 08 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"22:CE:2E:66:A6:E8:3D:3F:5B:82:A4:E3:F3:7D:EF:48:32:88:D4:60","sha256":"6E:53:A7:31:07:02:2A:29:71:2E:8A:AB:D8:06:D8:00:0A:0F:05:E8:82:F4:F3:3B:B6:ED:A3:08:04:0C:CD:47"}}},"request":{"raw":"OPTIONS /metadata/d931cd2ede8943a98f517d0de6bdb2aa.json HTTP/1.1\r\nHost: my.link.gallery\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: cache-control\r\nReferer: https://hain.live/\r\nOrigin: https://hain.live\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 0\r\ndate: Wed, 31 Dec 2025 01:56:03 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD, PUT\r\naccess-control-allow-headers: cache-control\r\naccess-control-expose-headers: Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Access-Control-Allow-Origin\r\naccess-control-max-age: 3000\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 2f1d504785a7b18c010970da2bd4ab8c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: 0z3D1ndzymYYs0p2RfjnIntpHSCz2QhZ6SMnBdTcxNXrPvzjFB1MDw==\r\nage: 8626\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-27T17:18:43.802994Z","times_seen":15783557,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"my.link.gallery/metadata/d931cd2ede8943a98f517d0de6bdb2aa.json","fqdn":"my.link.gallery","domain":"link.gallery","tld":"gallery"},"ip":{"addr":"52.84.50.111","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hain.live/?rb.routing.mode=proxy\u0026rb.routing.signature=99125\u0026source=d931cd2ede8943a98f517d0de6bdb2aa","date":"2025-12-31T04:19:48.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"link.gallery","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 10 Nov 2025 00:00:00 GMT","end":"Tue, 08 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"22:CE:2E:66:A6:E8:3D:3F:5B:82:A4:E3:F3:7D:EF:48:32:88:D4:60","sha256":"6E:53:A7:31:07:02:2A:29:71:2E:8A:AB:D8:06:D8:00:0A:0F:05:E8:82:F4:F3:3B:B6:ED:A3:08:04:0C:CD:47"}}},"request":{"raw":"GET /metadata/d931cd2ede8943a98f517d0de6bdb2aa.json HTTP/1.1\r\nHost: my.link.gallery\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hain.live/\r\nCache-Control: private, no-cache, no-store, max-age=0\r\nOrigin: https://hain.live\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json\r\ncontent-length: 356\r\ndate: Wed, 31 Dec 2025 01:55:39 GMT\r\nlast-modified: Fri, 31 Oct 2025 21:08:10 GMT\r\netag: \"493ed289f9dc90a81841d6d0b596b643\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: BJ8LsSnA.LNpju7ORb9BFzSrIWIAciho\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 2f1d504785a7b18c010970da2bd4ab8c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: etzF9NmX8NTWvE2Z0eSeutponKRdqF1Me85bEcfY9rheu44XR3tr3Q==\r\nage: 8650\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":356,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"493ed289f9dc90a81841d6d0b596b643","sha1":"b7262a810cc353d1908a544795297e42655d50f2","sha256":"c79360401739a37fdfb3ce18a714c8065a14636e1b857bb1843cb6ce70777b1d","sha512":"42e263f4d0deda31db9c6f5b42c5c7acad8e19fcb2333dca99e33e30403974638845ac5756e0e9171c6909c23a82b765c055d0e3eb86eb1c13c95c5567764a0a","ssdeep":"","tlshash":"a8e0c07102e4242f400c95e4d198ff5493896e6446978c83cc19ce8f2b9e0760c1be74","first_seen":"2025-12-31T04:20:16.624436Z","last_seen":"2025-12-31T04:20:16.624436Z","times_seen":1,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"my.link.gallery/static/css/main.417a4031.chunk.css","fqdn":"my.link.gallery","domain":"link.gallery","tld":"gallery"},"ip":{"addr":"52.84.50.111","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hain.live/?rb.routing.mode=proxy\u0026rb.routing.signature=99125\u0026source=d931cd2ede8943a98f517d0de6bdb2aa","date":"2025-12-31T04:19:48.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"link.gallery","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 10 Nov 2025 00:00:00 GMT","end":"Tue, 08 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"22:CE:2E:66:A6:E8:3D:3F:5B:82:A4:E3:F3:7D:EF:48:32:88:D4:60","sha256":"6E:53:A7:31:07:02:2A:29:71:2E:8A:AB:D8:06:D8:00:0A:0F:05:E8:82:F4:F3:3B:B6:ED:A3:08:04:0C:CD:47"}}},"request":{"raw":"GET /static/css/main.417a4031.chunk.css HTTP/1.1\r\nHost: my.link.gallery\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hain.live/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 5039\r\nlast-modified: Tue, 01 Apr 2025 12:29:55 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: ejFepKIK4X0oZ8dypqrR7enBx_1sLApT\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Wed, 31 Dec 2025 03:07:21 GMT\r\netag: \"53b50916491df570401173f3924c6360\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 2f1d504785a7b18c010970da2bd4ab8c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: mLoJV140-qGnpMvbBSimVXUTyqAvaaji6Qsk3pPimpymUPot4wqiQw==\r\nage: 4350\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":5039,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4987)","md5":"53b50916491df570401173f3924c6360","sha1":"9f00ad2ddd4f7a1a6b16ffbe643fc70b90ab4d39","sha256":"ce4c046045db5355f704049d167d1054baac8797f2058ace8e96b3158368cc18","sha512":"1df462e07317f45115df8f7194f4a1c4f51415d747d435d9397024fd74286d4113b9e0b16d24decfcbdd1996aee755b8f6417565dce75a13c229b6850569bb56","ssdeep":"96:rep1m41mh1mh1mh1mQ1mh1mb1mh1m01mh1mq1mh1m+1mh1mD1mh1mu1m71mj1mrS:q5aUaJaMahaTaZaua5G4iPAl4Be1","tlshash":"c4a177f592e8342dd72796376366702de511e602c7236ae9f90216ae02e7f800671767","first_seen":"2025-08-27T10:25:00.082014Z","last_seen":"2026-05-26T06:44:42.415663Z","times_seen":121,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":161,"dns":1,"connect":4,"send":0,"wait":3,"receive":0,"ssl":159},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"use.typekit.net/ccp4aew.css","fqdn":"use.typekit.net","domain":"typekit.net","tld":"net"},"ip":{"addr":"23.33.119.19","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hain.live/?rb.routing.mode=proxy\u0026rb.routing.signature=99125\u0026source=d931cd2ede8943a98f517d0de6bdb2aa","date":"2025-12-31T04:19:48.344Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"use.typekit.net","organization":"Adobe Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 12 Dec 2025 00:00:00 GMT","end":"Tue, 12 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"83:B4:8D:3E:B4:3E:71:49:9A:8F:71:32:96:68:3A:1D:23:DB:38:B8","sha256":"F3:E4:84:49:06:CC:99:20:A8:A3:BB:DC:8E:3D:31:69:7A:CA:6F:5B:21:C4:0B:4A:3D:32:2B:D0:BF:07:62:69"}}},"request":{"raw":"GET /ccp4aew.css HTTP/1.1\r\nHost: use.typekit.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://my.link.gallery/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: text/css;charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains;\r\ncache-control: private, max-age=600, stale-while-revalidate=604800\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\ncontent-length: 1055\r\ndate: Wed, 31 Dec 2025 04:19:48 GMT\r\nakamai-grn: 0.0f772117.1767154788.4f95e6bb\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8893,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (516)","md5":"ab60739dca05621bc50919d27d54602d","sha1":"3a4d6e6ac2160b58a4dd50935a0d0e1ea17779f2","sha256":"ac0fb3c799464fa6e9574c7b04580368cd8993676343bf95f4aa5bc6f0115d46","sha512":"bb880ab126db01b9892686e129d22022a6eefb264e4d252d8f24e163bf538ed5ee3ea2c39ee45b20cb674bafe04f69dbc499ac06388ec4ffcdf155bd8cb9e4a7","ssdeep":"96:pbzQ8yM2MlM0hNMvh9EyiMgM9MXMlMpM0MqMl:pqM2MlM0jMv3EyiMgM9MXMlMpM0MqMl","tlshash":"010278a0c0468ca3c0d09a71348eb7e4d52a3e5a62f4cda64522ccf79c75ed3b311f5a","first_seen":"2025-01-06T14:16:52.000815Z","last_seen":"2026-01-06T23:03:13.66872Z","times_seen":95,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":18,"dns":1,"connect":1,"send":0,"wait":4,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dashboard-cdn.rebrandly.com/styleguide-assets/spot-illustrations/ill-spot-linkgallery-text.svg","fqdn":"dashboard-cdn.rebrandly.com","domain":"rebrandly.com","tld":"com"},"ip":{"addr":"54.240.174.75","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hain.live/?rb.routing.mode=proxy\u0026rb.routing.signature=99125\u0026source=d931cd2ede8943a98f517d0de6bdb2aa","date":"2025-12-31T04:19:48.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rebrandly.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Tue, 03 Jun 2025 12:39:42 GMT","end":"Sun, 05 Jul 2026 12:39:42 GMT"},"fingerprint":{"sha1":"33:A8:E9:A2:88:6D:47:73:81:39:18:BB:FE:6C:EB:FA:68:A0:D0:6B","sha256":"34:73:3B:E3:09:5F:C1:85:63:C5:21:BE:78:B8:D4:2B:97:92:8B:BD:76:19:1D:10:9E:A9:39:6F:58:F6:DD:C7"}}},"request":{"raw":"GET /styleguide-assets/spot-illustrations/ill-spot-linkgallery-text.svg HTTP/1.1\r\nHost: dashboard-cdn.rebrandly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hain.live\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hain.live/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\ndate: Tue, 30 Dec 2025 13:47:28 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-max-age: 3000\r\nlast-modified: Fri, 19 Dec 2025 15:05:38 GMT\r\nserver: AmazonS3\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: m5NC9CrcPxPxvsoi1TC4K9qm2mWdxpeE\r\ncontent-encoding: br\r\netag: W/\"2cacb3d13fdc1e483e06edab252e3bcc\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: e13J1lgLQrD3LbjKr-TfrlUeAIdVipKbE8hcZPhm_8nlZgeFa99R8w==\r\nage: 52341\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":3462,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2cacb3d13fdc1e483e06edab252e3bcc","sha1":"2ef2870f56e9023e7e59b0a862081ce21cf87365","sha256":"3fa306142673ad42a623f056d69353365577f0dcc8cf64f5b3d4aea768419d04","sha512":"e4be43d6bfc4b193b0fe2f5f59022a70d6ae25930586560bcb38d32fea735a738473f1e236b9d56e491f149c7ace748b8af3a8cda3b9fb00d8df625f95ed2aef","ssdeep":"","tlshash":"a261ffc467b58bf4e2888bf2dd907aa07b2cbcba3761c394c7d02843286517d49b4cd2","first_seen":"2025-09-19T00:36:23.155324Z","last_seen":"2026-05-26T06:44:42.41457Z","times_seen":115,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":13,"dns":2,"connect":1,"send":0,"wait":2,"receive":0,"ssl":7},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hain.live/favicon.ico","fqdn":"hain.live","domain":"hain.live","tld":"live"},"ip":{"addr":"52.72.49.79","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hain.live/?rb.routing.mode=proxy\u0026rb.routing.signature=99125\u0026source=d931cd2ede8943a98f517d0de6bdb2aa","date":"2025-12-31T04:19:48.790Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hain.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 30 Dec 2025 14:22:53 GMT","end":"Mon, 30 Mar 2026 14:22:52 GMT"},"fingerprint":{"sha1":"9B:96:80:59:D0:3C:30:F2:D4:25:27:CF:96:73:E0:05:E0:A5:79:70","sha256":"42:04:C9:15:11:FA:9D:C2:EC:7E:55:C0:82:EF:A6:6C:B5:64:A9:B6:39:70:15:8C:2B:2C:90:A6:69:DC:DC:46"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: hain.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hain.live/?rb.routing.mode=proxy\u0026rb.routing.signature=99125\u0026source=d931cd2ede8943a98f517d0de6bdb2aa\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Wed, 31 Dec 2025 04:19:47 GMT\r\nlocation: https://app.rebrandly.com/broken-links\r\ncontent-length: 0\r\nengine: Rebrandly.redirect, version 2.1\r\nstrict-transport-security: max-age=15552000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-27T17:18:43.802994Z","times_seen":15783557,"resource_available":true,"data":null}},"time_used":110,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":109,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"hain.live","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.rebrandly.com/broken-links","fqdn":"app.rebrandly.com","domain":"rebrandly.com","tld":"com"},"ip":{"addr":"52.84.50.68","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hain.live/?rb.routing.mode=proxy\u0026rb.routing.signature=99125\u0026source=d931cd2ede8943a98f517d0de6bdb2aa","date":"2025-12-31T04:19:48.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rebrandly.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Tue, 03 Jun 2025 12:39:42 GMT","end":"Sun, 05 Jul 2026 12:39:42 GMT"},"fingerprint":{"sha1":"33:A8:E9:A2:88:6D:47:73:81:39:18:BB:FE:6C:EB:FA:68:A0:D0:6B","sha256":"34:73:3B:E3:09:5F:C1:85:63:C5:21:BE:78:B8:D4:2B:97:92:8B:BD:76:19:1D:10:9E:A9:39:6F:58:F6:DD:C7"}}},"request":{"raw":"GET /broken-links HTTP/1.1\r\nHost: app.rebrandly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hain.live/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ncontent-length: 9108\r\ndate: Wed, 31 Dec 2025 04:19:48 GMT\r\nlast-modified: Wed, 17 Dec 2025 10:40:43 GMT\r\nx-amz-server-side-encryption: AES256\r\ncache-control: no-cache\r\nx-amz-version-id: H53A8i6eiDDUQNxLJOOQO2mxVcdMxSRH\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\netag: \"ef83e9adb0d2c73e56b5afe08eeb9c77\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 8c3a87d110aff35fe17513b9a9ad30cc.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: -iZuXmv1tr_Mb0QG_oku7JEgZBieAwCrmeKGpDVg9ibpgw_fqR0WGw==\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: DENY\r\nreferrer-policy: no-referrer\r\ncontent-security-policy: frame-ancestors 'none'; block-all-mixed-content; worker-src 'self' blob:; script-src 'self' blob: 'report-sample' 'unsafe-inline' 'unsafe-eval' *.clarity.ms c.bing.com ws-assets.zoominfo.com app.rebrandly.com s3.amazonaws.com js.zi-scripts.com tracking.g2crowd.com *.zapier.com *.gstatic.com *.zendesk.com *.revenuehero.io *.hsforms.net *.hsforms.com *.intercom.io *.zdassets.com *.googleapis.com *.smartlook.com *.youtube.com *.doubleclick.net cdn.goentri.com *.pendo.io *.storage.googleapis.com *.google.com *.googleadservices.com *.googlesyndication.com *.googletagservices.com *.sentry.io *.sentry-cdn.com *.facebook.net *.statuspage.io *.rebrandly.com *.stream-io-api.com *.facebook.com *.googletagmanager.com *.intercomcdn.com *.stripe.com *.linkedin.com *.gravatar.com *.licdn.com *.s3.amazonaws.com *.typekit.net *.google-analytics.com www.dwin1.com cdn.logrocket.io cdn.lr-ingest.io cdn.lr-in.com cdn.lr-in-prod.com cdn.lr-ingest.com cdn.ingest-lr.com cdn.lr-intake.com cdn.intake-lr.com cdn.logr-ingest.com cdn.lrkt-in.com; style-src 'self' 'report-sample' 'unsafe-inline' *.typekit.net *.licdn.com *.pendo.io *.storage.googleapis.com *.stripe.com *.gravatar.com *.googletagmanager.com;\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\npermissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-27T17:18:43.802994Z","times_seen":15783557,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":0,"dns":0,"connect":1,"send":0,"wait":26,"receive":1,"ssl":9},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s.gravatar.com/avatar/a66ce6715c92ba8acd094d7588ccf860?size=80\u0026d=retro\u0026rating=g","fqdn":"s.gravatar.com","domain":"gravatar.com","tld":"com"},"ip":{"addr":"192.0.73.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hain.live/?rb.routing.mode=proxy\u0026rb.routing.signature=99125\u0026source=d931cd2ede8943a98f517d0de6bdb2aa","date":"2025-12-31T04:19:49.466Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gravatar.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Dec 2025 19:44:01 GMT","end":"Wed, 11 Mar 2026 19:44:00 GMT"},"fingerprint":{"sha1":"CB:34:0E:81:05:DA:71:6A:08:72:91:9D:50:59:C9:0E:4A:64:25:12","sha256":"A7:90:62:A7:12:C2:0D:FF:5E:AD:C2:59:1B:A1:87:D0:CA:F7:0C:75:0E:55:5D:33:B4:95:02:57:C3:90:3B:DD"}}},"request":{"raw":"GET /avatar/a66ce6715c92ba8acd094d7588ccf860?size=80\u0026d=retro\u0026rating=g HTTP/1.1\r\nHost: s.gravatar.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hain.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 31 Dec 2025 04:19:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 288\r\nlast-modified: Wed, 11 Jan 1984 08:00:00 GMT\r\nlink: \u003chttps://gravatar.com/avatar/a66ce6715c92ba8acd094d7588ccf860?size=80\u0026d=retro\u0026rating=g\u003e; rel=\"canonical\"\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nexpires: Wed, 31 Dec 2025 04:24:49 GMT\r\ncache-control: max-age=300\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-nc: HIT arn 35\r\nserver-timing: a8c-cdn, dc;desc=arn, cache;desc=HIT;dur=0.0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":288,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit/color RGB, non-interlaced","md5":"5d11d23bbb33cdc7ba871f1b4737586b","sha1":"7fe24eec0a612e193861eb4936b0a33deae3bb46","sha256":"a0c376771cae73584cd981b99795cf0b9bf7b6f0dba975928e293b29eda9f826","sha512":"c19706801b871d6fc4e227a5afb790d1da689367cb1fd4d8b436a9e3f60c1dfdebd8db6c8dd5c3eb75a1e9b87dfb64fe2f419ea4102fb6294845776c4756199a","ssdeep":"","tlshash":"edd072e2c260081a50800a36a20b36e2886f20a42b8f920c08688b2ed1c222123088ba","first_seen":"2025-12-31T04:20:16.629293Z","last_seen":"2025-12-31T04:20:16.629293Z","times_seen":1,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":29,"dns":1,"connect":7,"send":0,"wait":8,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hain.live/?rb.routing.mode=proxy\u0026rb.routing.signature=99125\u0026source=d931cd2ede8943a98f517d0de6bdb2aa","fqdn":"hain.live","domain":"hain.live","tld":"live"},"ip":{"addr":"52.72.49.79","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-31T04:19:47.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hain.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 30 Dec 2025 14:22:53 GMT","end":"Mon, 30 Mar 2026 14:22:52 GMT"},"fingerprint":{"sha1":"9B:96:80:59:D0:3C:30:F2:D4:25:27:CF:96:73:E0:05:E0:A5:79:70","sha256":"42:04:C9:15:11:FA:9D:C2:EC:7E:55:C0:82:EF:A6:6C:B5:64:A9:B6:39:70:15:8C:2B:2C:90:A6:69:DC:DC:46"}}},"request":{"raw":"GET /?rb.routing.mode=proxy\u0026rb.routing.signature=99125\u0026source=d931cd2ede8943a98f517d0de6bdb2aa HTTP/1.1\r\nHost: hain.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ndate: Tue, 30 Dec 2025 12:23:03 GMT\r\nserver: AmazonS3\r\naccept-ranges: bytes\r\nage: 57405\r\ncache-control: no-cache, no-store\r\netag: \"31b51c71a78d4e705c23397a15ec9d27\"\r\nexpires: -1\r\nlast-modified: Tue, 01 Apr 2025 12:29:21 GMT\r\nvia: 1.1 dbd83e9e27cde36e1e56c6d1ae4f5a18.cloudfront.net (CloudFront)\r\ncontent-length: 2348\r\nengine: Rebrandly.redirect, version 2.1\r\nstrict-transport-security: max-age=15552000\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: B83VaFGRaW_OYLuC_6feZYFH1QctOIS8\r\nx-cache: Hit from cloudfront\r\nx-amz-cf-pop: IAD55-P3\r\nx-amz-cf-id: KnGsqMjSX0eoG4utRtZTBs8AEoNOV_2mOuyrRlpL4ehO5hLkTc8FuQ==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":2348,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (2348), with no line terminators","md5":"31b51c71a78d4e705c23397a15ec9d27","sha1":"5b6380fd11643298d37dfc10f383d8e1b26c9444","sha256":"278bfa502aa59e8b3e7d25bef5d15e315e6e5e9c99ae8bea6ea19ae2e6df80e7","sha512":"1b1ff75c895a495c6eb059a0629e084c7ba95d71074de5eb5b19f690bebcd105a932f3d1c689224232f927da74e49abf32a0b365988f1c64bdca780a2fa7fdca","ssdeep":"","tlshash":"f441a7d27550f8cc537548e8c43ff02ce06bbd585e78a4d0d78888b56db02d5806af26","first_seen":"2025-08-27T10:25:00.11472Z","last_seen":"2026-05-26T06:44:42.426945Z","times_seen":121,"resource_available":true,"data":null}},"time_used":108,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"hain.live","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dashboard-cdn.rebrandly.com/styleguide-assets/spot-illustrations/ill-spot-no-results.svg","fqdn":"dashboard-cdn.rebrandly.com","domain":"rebrandly.com","tld":"com"},"ip":{"addr":"54.240.174.75","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hain.live/?rb.routing.mode=proxy\u0026rb.routing.signature=99125\u0026source=d931cd2ede8943a98f517d0de6bdb2aa","date":"2025-12-31T04:19:48.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rebrandly.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Tue, 03 Jun 2025 12:39:42 GMT","end":"Sun, 05 Jul 2026 12:39:42 GMT"},"fingerprint":{"sha1":"33:A8:E9:A2:88:6D:47:73:81:39:18:BB:FE:6C:EB:FA:68:A0:D0:6B","sha256":"34:73:3B:E3:09:5F:C1:85:63:C5:21:BE:78:B8:D4:2B:97:92:8B:BD:76:19:1D:10:9E:A9:39:6F:58:F6:DD:C7"}}},"request":{"raw":"GET /styleguide-assets/spot-illustrations/ill-spot-no-results.svg HTTP/1.1\r\nHost: dashboard-cdn.rebrandly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hain.live\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hain.live/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\ndate: Tue, 30 Dec 2025 13:47:28 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-max-age: 3000\r\nlast-modified: Fri, 19 Dec 2025 15:05:38 GMT\r\nserver: AmazonS3\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: ehuAyvaEBzs2p_ED2hdnAg.H24Y7DPmV\r\ncontent-encoding: br\r\netag: W/\"12931a0560de5d32bb3d252d2140e8e7\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: 7Cgx_L6lt9aBB_V5R647IMTaQjYaytnQiV9Jeqfaoh0JoWqehr2aNg==\r\nage: 52341\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":4797,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"12931a0560de5d32bb3d252d2140e8e7","sha1":"a70825850528774de26fe436fa5b6593715e3f82","sha256":"eaca4caf415f9931da5c89b9a4ec5e24d8062bea8736c9e3d531e35cfb2f658d","sha512":"ddbb54a37e5601e37e675d3b12339283e2a57c512986167eac0c13ec698b7b03e287accb967273d4b3e03a55be2d15fb7c783c9ab6a4da7958900d1501d41e46","ssdeep":"48:22+KoEQlhD79vNoEQSx6XCFFQoY941d+7Ih3k2eVs+7Ih3yXCFFQoYn4eZf3H6sq:eKoJp9vNoiD13J313FlD","tlshash":"5aa1bb5062fc63989500565ee3e960ea405e608f3b9e057cf0a11239f42dedfeda897e","first_seen":"2024-10-14T14:37:59.141375Z","last_seen":"2026-05-26T06:44:42.412501Z","times_seen":118,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":19,"dns":1,"connect":1,"send":0,"wait":2,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.link.gallery/links/d931cd2ede8943a98f517d0de6bdb2aa.json","fqdn":"my.link.gallery","domain":"link.gallery","tld":"gallery"},"ip":{"addr":"52.84.50.111","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hain.live/?rb.routing.mode=proxy\u0026rb.routing.signature=99125\u0026source=d931cd2ede8943a98f517d0de6bdb2aa","date":"2025-12-31T04:19:48.585Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"link.gallery","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 10 Nov 2025 00:00:00 GMT","end":"Tue, 08 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"22:CE:2E:66:A6:E8:3D:3F:5B:82:A4:E3:F3:7D:EF:48:32:88:D4:60","sha256":"6E:53:A7:31:07:02:2A:29:71:2E:8A:AB:D8:06:D8:00:0A:0F:05:E8:82:F4:F3:3B:B6:ED:A3:08:04:0C:CD:47"}}},"request":{"raw":"OPTIONS /links/d931cd2ede8943a98f517d0de6bdb2aa.json HTTP/1.1\r\nHost: my.link.gallery\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: cache-control\r\nReferer: https://hain.live/\r\nOrigin: https://hain.live\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 0\r\nx-amz-id-2: xZBXX7t3Ozzmo6zH+i5Bz7ysO50cLLel2jJKtVL+Y4Xq++HGFBNdgQRuQI4xU6MIy9Uu0Gtw8HY=\r\nx-amz-request-id: HCCTC1FX8V7VWPG9\r\ndate: Wed, 31 Dec 2025 04:19:49 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD, PUT\r\naccess-control-allow-headers: cache-control\r\naccess-control-expose-headers: Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Access-Control-Allow-Origin\r\naccess-control-max-age: 3000\r\nvary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method\r\nserver: AmazonS3\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 2f1d504785a7b18c010970da2bd4ab8c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: NY9ppJVd92LlZwy3KtOnlalV-z7deoME-NjNLs9qDFjsE0NBm42KHw==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-27T17:18:43.802994Z","times_seen":15783557,"resource_available":true,"data":null}},"time_used":418,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":418,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-31","alert":"Sinkholed","trigger":"my.link.gallery","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}