From 337c7392b972ea0ec4d31578838418c48a104470 Mon Sep 17 00:00:00 2001
From: anti <samuel@securejump.cl>
Date: Fri, 8 May 2026 16:30:18 -0400
Subject: [PATCH] chore: untrack accidentally-committed threatfox-api.json

Slipped in via `git add -A` in the G.2 commit. Local artifact, never
intended for tracking.
---
 .gitignore         |  1 +
 threatfox-api.json | 70 ----------------------------------------------
 2 files changed, 1 insertion(+), 70 deletions(-)
 delete mode 100644 threatfox-api.json

diff --git a/.gitignore b/.gitignore
index fe322a54..de2e8e62 100644
--- a/.gitignore
+++ b/.gitignore
@@ -63,3 +63,4 @@ package-lock.json
 # files alongside ARE committed and exercise the harness in CI.
 tests/ttp/rule_precision/corpus/*.jsonl
 tests/ttp/rule_precision/corpus/seed_*.jsonl
+threatfox-api.json
diff --git a/threatfox-api.json b/threatfox-api.json
deleted file mode 100644
index bacdfcdc..00000000
--- a/threatfox-api.json
+++ /dev/null
@@ -1,70 +0,0 @@
-{
-    "query_status": "ok",
-    "data": {
-        "1": {
-            "ioc_type": "url",
-            "fk_threat_type": "payload_delivery",
-            "description": "URL that delivers a malware payload"
-        },
-        "2": {
-            "ioc_type": "domain",
-            "fk_threat_type": "payload_delivery",
-            "description": "Domain name that delivers a malware payload"
-        },
-        "3": {
-            "ioc_type": "ip:port",
-            "fk_threat_type": "payload_delivery",
-            "description": "ip:port combination that delivery a malware payload"
-        },
-        "4": {
-            "ioc_type": "url",
-            "fk_threat_type": "botnet_cc",
-            "description": "URL that is used for botnet Command&control (C&C)"
-        },
-        "5": {
-            "ioc_type": "domain",
-            "fk_threat_type": "botnet_cc",
-            "description": "Domain that is used for botnet Command&control (C&C)"
-        },
-        "6": {
-            "ioc_type": "ip:port",
-            "fk_threat_type": "botnet_cc",
-            "description": "ip:port combination that is used for botnet Command&control (C&C)"
-        },
-        "7": {
-            "ioc_type": "envelope_from",
-            "fk_threat_type": "payload_delivery",
-            "description": "Sender email address (envelope from) that is used for payload delivery"
-        },
-        "8": {
-            "ioc_type": "body_from",
-            "fk_threat_type": "payload_delivery",
-            "description": "Sender email address (body from) that is used for payload delivery"
-        },
-        "9": {
-            "ioc_type": "md5_hash",
-            "fk_threat_type": "payload",
-            "description": "MD5 hash of a malware sample (payload)"
-        },
-        "10": {
-            "ioc_type": "sha256_hash",
-            "fk_threat_type": "payload",
-            "description": "SHA256 hash of a malware sample (payload)"
-        },
-        "11": {
-            "ioc_type": "sha3_384_hash",
-            "fk_threat_type": "payload",
-            "description": "SHA3-384 hash of a malware sample (payload)"
-        },
-        "12": {
-            "ioc_type": "sha1_hash",
-            "fk_threat_type": "payload",
-            "description": "SHA1 hash of a malware sample (payload)"
-        },
-        "13": {
-            "ioc_type": "domain",
-            "fk_threat_type": "cc_skimming",
-            "description": "Domain used for credit card skimming (usually related to Magecart attacks)"
-        }
-    }
-}
\ No newline at end of file