{"report_id":"03a6fddd-790d-435e-bf83-9004abfd4b3e","version":6,"status":"done","tags":[],"date":"2026-03-22T12:50:45Z","url":{"schema":"http","addr":"rootinge.ukwest.cloudapp.azure.com","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":0,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"title":"Centre de sécurité","dom":{"size":24320,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (413)","md5":"c9ba0fd5fb8218ec85bed16d45de84b7","sha1":"fdffc8b96112c1c3bf3f4279be305d9bb08c4ce9","sha256":"e4d66820d8645d21b958b5715adc4f45e60a0bb74ea43407282d084e99d564b7","sha512":"d224ab87b920295f1e13f4e92ba9f104d99511fa9209fb445cb2d7650d26a79ad41c3889ddd42b8f74dc3c3a05877d627b9fde3b688d91e4b19fb2b5b9584c3d","ssdeep":"384:USDX7lPubaY/ejnXzvW0vMBffcuyP5EEDzYK:9ubaYGTXLW4GkuyP5EEDzYK","tlshash":"49b25164b8f6502301a3a085ab77eb0f3fa5e503d50b9b4076ac0be59f97da6cc0765c","dom_hash":"domhash353ffee50b790441ef8ec08693c9805f","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"rootinge.ukwest.cloudapp.azure.com","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":0,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-26T12:50:45Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"rootinge.ukwest.cloudapp.azure.com","ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"domain_registered":"1994-10-25","domain_rank":0,"first_seen":"2026-03-22T12:50:46.444896Z","last_seen":"2026-03-22T12:50:46.444896Z","alert_count":100,"request_count":25,"received_data":2372724,"sent_data":11931,"comment":"","tags":null,"fingerprints":[{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"jQuery:1.4.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"ipwho.is","ip":{"addr":"104.20.44.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-01-29","domain_rank":18239,"first_seen":"2020-06-08T11:52:47Z","last_seen":"2026-03-21T00:59:35.503947Z","alert_count":0,"request_count":1,"received_data":315,"sent_data":472,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.2.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2026-03-15T23:03:26.25948Z","alert_count":0,"request_count":1,"received_data":79235,"sent_data":442,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"fb5ce230a20baf9bce84978701f34a28","sha1":"bc1166d544f12f34e387980cd8c8e9abd111f579","sha256":"1e1dc4934ec57af1a5653b1b8564edffc6e887db27ea7b1064d3c3f0e5a788f7","sha512":"567c8ab113ba61086ec6e614703476a7ff3a5a376e63e00e81010f007ad7b4368bd4f56cf45129fb2ae177c57c64c44043e94b2e89c6efa19f9edf5cc15b3811","ssdeep":"","tlshash":"18b0926e38a2221816b7343a0daf9004aa67851b912cc800be4454942fa0009e296e84","size":120,"data":"","first_seen":"2023-03-07T12:11:55Z","last_seen":"2026-05-20T16:25:01.115334Z","times_seen":3382,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"1e7309f967680cc0998fd4d27d5ace38","sha1":"5435bb352fa1de9e1b14a020664a1165ce7dc04c","sha256":"bb34507a35dbd3c3fafb64da631fd7ca67a4f98430f269dabdbb3a6e35b5361e","sha512":"cf8c5a7734372d7e8df28d0cd51d6eaa01e8ef71aef8c2054f64a05c52edca81fa25839903f95309747ce31bc3f55e9ca7c478b1037c3c0e931121680ed589e7","ssdeep":"","tlshash":"c601dd6f3b6b0524ea92b2b5876b934c307215233c42d82e391c96e00f617f4c16e3eb","size":748,"data":"","first_seen":"2026-03-22T12:50:48.724545Z","last_seen":"2026-03-22T22:20:20.229265Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"a5d9173fbf0f7c41f4cd09814d7e6ca6","sha1":"f231829e2c3359ac05b256a3eb7d54641b4aad90","sha256":"1111b6283de3c59d10790bebd74c0c0e49fd1179eea52ce2574d9fb30bb42ed6","sha512":"6a6ba4d9204ab27e76284d30d3e2a840b2e8a8c1d99b7434b1dd084d9cc6030614f295f82a125cf31cbfae0dd1b254d78ed9dece2b327eb4de7488e83fa458c6","ssdeep":"","tlshash":"23f02bacac4368a41a2210bc53af622654b54403069dd300b30cab535f5877f156cad8","size":496,"data":"","first_seen":"2026-03-22T12:50:48.726685Z","last_seen":"2026-03-22T22:20:20.230244Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-1.4.4.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.2.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"73a9c334c5ca71d70d092b42064f6476","sha1":"b75990598ee8d3895448ed9d08726af63109f842","sha256":"517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c","sha512":"b5c7b19a6d0f05cfa33a7f54c1b8075698d922578429789fd4c0a4ce035f563857283c7062e9ab08ec61679b486971f3d83a44135e217e3167e49fada5a1520a","ssdeep":"1536:oqD4uWibfmaWWfiw7u/m9LofuENlx9TV6Z+T3VopklvQDPj10XQjdA4+9j:opzYf/t9s5vQD6X2dA4+9j","tlshash":"d7731bd9b2c2727383e731b864af520af13668aa644c4894f06ce8e4bd74e45447bf7d","size":78601,"data":"","first_seen":"2023-03-07T01:10:35Z","last_seen":"2026-06-13T08:07:32.013496Z","times_seen":10428,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"d93ca50849be01ed445da65b43acab48","sha1":"48d660eb9e1cdd74e8fa66c4ae9f43251c576115","sha256":"0ea2b77bfbfefca95b806b8027b1a2b8cae74a97b71baf016d82883f28309226","sha512":"9818855fa07b0e084c3dfd5220b6fb8909b03c9c8aa0f1f759d1d36370143b970bb71fb9d29dfe66646c3f15c779d6a2b2d87a1860849b15924ad1c812535b47","ssdeep":"","tlshash":"1bd0a706f79f8055b62fa558063b4404396e1017481bce40350c40c00f5ed398078bbc","size":271,"data":"","first_seen":"2023-08-26T22:45:17Z","last_seen":"2026-04-11T14:08:10.832155Z","times_seen":409,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"eventHandler","is_inline":false,"md5":"57381d43f260aa3b8c47820ca38655a3","sha1":"8d087b53d91f8e3ff0def7d1d94a6dada72fac79","sha256":"35b90e4b54b87ed6cd2b439eac195f9eb59e731e17248c95fb1e26e15d61f943","sha512":"e39f2aae6c3f8f32fb2f9d0345265a29a63a7874120b0f7eddbf1a2c08787e2f754f1777d346ef99c94483abf37918c424f9a4318c995de1a37241cefeef2186","ssdeep":"","tlshash":"c0700088b080a02002022020022b2008a0ba0000200c0000800002803e200088022800","size":19,"data":"","first_seen":"2023-04-10T16:23:44Z","last_seen":"2026-06-10T18:44:06.170235Z","times_seen":12711,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"26cfe07eb2a41d56de3cea428f409e37","sha1":"4cbd1f05b65cfc7f247da284f1c02264ab526364","sha256":"f4d6d67bfeda397cd7790aa0a80750cd642a100ea48bbd9e5580c34cce8ec14e","sha512":"7715cd27b21b6e2c5bf6ed7ed6d48eb6e43408a0c0ea502917033d20ae437f9b6bee1f1aeda7775cb1739fa10216abf9836bc3884bc10237c8458519e3c7a5da","ssdeep":"","tlshash":"a041c06677e324212aa3757ceb6f52003526340b09cbdc40b64c11d85f9ed7ce13a76d","size":2021,"data":"","first_seen":"2023-08-26T22:45:17Z","last_seen":"2026-05-12T12:20:21.775424Z","times_seen":540,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"9ec45c98de528138d873351ee3004c1c","sha1":"be9c6a2c15144063bf95641ec4215a06199b4f5d","sha256":"28bcb0154baedf9de9f39772f0e45b0c4d88d2e4a951fbd8b4234ea31bd9872a","sha512":"8b7bcf8fc923ff16b47656ed732d6bb276bfa063247cfb08c360704345ee4dcf7360e69fcde7b9af4b52c03b29f1a34fba5ec932aeb5fd903883bf36ec63acb7","ssdeep":"","tlshash":"b0d022bb88100531e0b6a89ea76bcaca3c70401b3504fc32388c64f80f28e9c0360e98","size":246,"data":"","first_seen":"2023-08-26T22:45:17Z","last_seen":"2026-06-03T20:47:45.513449Z","times_seen":1188,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"3d50a188fdf1ce5d296a660d49b725a4","sha1":"53659ac7314056ea8d3b40d3c7f0d2e74b9c7bfa","sha256":"c30ce2192bbd4017aa1666af8e99d418f29d20e91bac62260bb10d1216f961bf","sha512":"bdd8039685b55d9fbc0b01cb9136fc5438b8e4810c94851cdc81464196a35d3d6a3e31183fc1ece2013738da5774c296625647a84321662fd7e8ee5fd4d72c20","ssdeep":"","tlshash":"d0b0128f32dbd0a08e5f7d23011a42082431100714439a01360c0aa04f59e508402fa4","size":102,"data":"","first_seen":"2024-06-17T06:49:03Z","last_seen":"2026-04-11T14:08:10.83457Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"d1eed6ee56360b384fe7c184e7f3c219","sha1":"4761c47b1306dc89a801f8fe9e539f30f9838912","sha256":"77ae0c90c3851fb3b7913db002b9cbe13f0f79265c0815eeede5ae464320b2e5","sha512":"d608cfe40ba2d32ea4083d647ad0389cb6f3a4fed671c2bfcc8aea310e24cbca7f976df9d0eb7ac4a4c523b5448a5ab02685efc4eecb260a97a40633f3efee72","ssdeep":"","tlshash":"39d0a90321a720600ebb3a7b2299a2002893d0330e0d9814780ca8640fabb28e26fac0","size":215,"data":"","first_seen":"2024-03-25T05:26:50Z","last_seen":"2026-04-11T14:08:10.835938Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/esc.js","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"3335a14050d4f6057bb019cf705843b4","sha1":"1ecf59ecd458a27998fc365cbfa6ad8d5e7c1226","sha256":"46ebb2640aac2186a7cf13f528c03648fa9a498910289cdad41ba87b9770eb14","sha512":"2bf59c17322ab476660facc7674bd1be4747267a811f4678932d35854a6e137d89da928386c98fc7542bab4e4068f1db9bed85a4702bf72527ce9a057affebcd","ssdeep":"","tlshash":"59b0125c103e5c2444313a201613d6182521400040436288f2c84241b4500284a1ec0c","size":87,"data":"","first_seen":"2023-11-30T17:10:01Z","last_seen":"2026-06-03T01:25:22.075695Z","times_seen":5496,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"d2687cc9c448d021f4d514857c263b44","sha1":"9798b6831b702be05805b9b371f3dfb711f26992","sha256":"73217c33bfb86ea09cd92cba325bef2fc5fe3ea6f1c80b6423e736dac412217c","sha512":"7797e96aabdc3b6f0d02d52f6b5ca40063fb847cda33c34b53617668f4c9b8b3d61cde24437bd5f04bf5b91b4aa57cadee01d7798fcd33c5e001d90b204b5f97","ssdeep":"","tlshash":"6dc0921af4e86200023335381d2fa448ae33360f7609af483e8c5ae00f2e0399557a24","size":139,"data":"","first_seen":"2023-08-26T22:45:17Z","last_seen":"2026-05-20T16:25:01.118104Z","times_seen":2080,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"74061bf8c774116268d7d795e3dbbcf9","sha1":"8b10cd4c53b815ce536e3f5ce5cb8ba24c74fda7","sha256":"387f0020bad465fcfc73b9efccf6827948693f24dd51b4ea1afa945509e46f41","sha512":"dd06702d3811056030d7f51fdab76e5d4f06a2bd21d5051c2d5f0f2e99ffe1d0c042b03d274b7ed54b5ec500b93922288e6bd77c1dcbfd49a0c1a8f40f53c2fe","ssdeep":"","tlshash":"a5d0921af8e96610023335385d3fa404ee33750b71499e543e9d5ae04f2d23a8803a04","size":262,"data":"","first_seen":"2023-08-26T22:45:17Z","last_seen":"2026-05-20T16:25:01.118617Z","times_seen":1996,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"3715534217f536892f56aca385aa124f","sha1":"807074ce24233e9e177b56978086c1562aebd828","sha256":"153b599a18e2c676d284f5a9d3b2a434d92b8441fb9e59c4b24e92dd9ec6ed6c","sha512":"0cd91c5dc5885f5e2b1b141bededbdf8f19bcf7420e9dcd9ff51a519fba7586b69a56ee2e29f55c0cf6f6594af753b756baf9c4feb6cda029586443f898115d8","ssdeep":"","tlshash":"6dc0922af8e86200023339381d2fe404ae33740bb6499e643d4c5ae00f2e1398403a04","size":137,"data":"","first_seen":"2024-03-25T05:26:50Z","last_seen":"2026-05-20T16:25:01.119124Z","times_seen":973,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"bd29bc7e3ebedad970cfd7eff3ab332a","sha1":"3b44a7c185631660d9590fc6e0ef42f9d1398995","sha256":"4e024c3aa1ca15aaf533e0893b7b1de8cb561f317b49c61ec884b90f39937db3","sha512":"9928d303cc7a7d224c5dd13d24a0be5aa0b2185d75058c52c0d8b47cfbaf04e3cef569ac95d738fdcaef2b2fd94e4c407050654551a22c6d935e2856c1527b5f","ssdeep":"","tlshash":"20c0922df8e96105023331385d3ba408ae37781b60469e413d5d19e14f192398847908","size":134,"data":"","first_seen":"2023-08-26T22:45:18Z","last_seen":"2026-05-20T16:25:01.119619Z","times_seen":1909,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"ce537a44db51b0cae35ab7dfa6ed4644","sha1":"dfb27cd6622a51999753392a6689f8b67cd0c3b2","sha256":"7be28397b0fbed39828c70251b4fb256ddfc1a091a2066e61351e1d9681d7629","sha512":"4245917e95ba5db11f830dcf1c0dc8bd6e028f393d3065d56d372b72ec268a53286b9681c19cdd1d3d9619d3ff8c2bbc37ea21011c39f0f8ec9548e0af5267fa","ssdeep":"","tlshash":"7bf05c1d04f6352617171738136ac284347ccb935105acc4b06c0fc4dfb1679b2b2e0d","size":499,"data":"","first_seen":"2023-08-26T22:45:18Z","last_seen":"2026-05-20T16:25:01.120131Z","times_seen":1181,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"cd05d2ea6e1e26930fe1232ce0f4709f","sha1":"1e411c92606c409da1deff96d681bc7c03c3ad35","sha256":"1515e9dededc6a4e090e8e60a43d98dcc6a44b5f6a8f146244c4e49b5f73f945","sha512":"c1748935b6763ecbb5525de390f7efdb421be74eb56fac8787f185b77fc43453c0ed326ce4f5f3e56b5f0646910301f023b7380e74e21eca91b5336d2cfd1f2a","ssdeep":"","tlshash":"f2a0222c20f328008203b838c33bfa0c3033000320080800b32c03a03f02020cc0ea0c","size":73,"data":"","first_seen":"2023-08-26T22:45:18Z","last_seen":"2026-06-03T20:47:45.514011Z","times_seen":1778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"1e17fbd37b252bb0f58d6b5395193e23","sha1":"7a9e03e23171b13a5777a98473fe28a2ad3a946b","sha256":"831f5dd5cf7871e2cb27909e9babee14485a3c06a2698dbbdd897391f763dfb8","sha512":"9478a96033b25b264332dbe29fc4c4c51a3b43bf6f1cbb071e4e8ad96a95a2e806c4a630cb226f4ec06aa3de7ef9a4bdafb58e1bb7b0dca714441fa6465022d3","ssdeep":"","tlshash":"23e02b3970d31491850a7b68073be080383017f3c00a4d50f40c9e743f86c0199dbab2","size":341,"data":"","first_seen":"2023-08-26T22:45:18Z","last_seen":"2026-05-20T16:25:01.121096Z","times_seen":1007,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"1c6f6037892ae634928df5c01cf37e7d","sha1":"3c4d97f71fda2913861d2416621be30903993499","sha256":"0bdf9ee04e7de05fb034d4af3b38cb9ea8b6e2b95231b445462c1f7f8509aec7","sha512":"5aa87c565e6e1c3a1d49b1fe6b44d6d4b30cfd0ffe0aaf5c0630090df5c10aaca4b2f2fef1811dada2a3a386732c042b142a59ecb0c985453acc96f94af14b3f","ssdeep":"","tlshash":"c08000023c088c03c02823223a22aa8a30a8283030c0f2f230a0203020002ab28008b2","size":29,"data":"","first_seen":"2026-03-22T12:50:48.744321Z","last_seen":"2026-03-22T12:50:48.744321Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/nvidia.js","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"921e013d361401879fe324e511d1c766","sha1":"40a531545ec76297667c108bc3cc369e0f4b0e47","sha256":"ad3619bd3e93e1e3a05f7ac346ec2d8afdd5bb2a583a876c0a085ce57fe6f2f0","sha512":"95fab788535bd1c52904b968772c6545bed64dcdfd299763b7a48f7c99af55afc3112687034a9c6c1b2c0081d089f92d203e44e48d4372f1aeff5cb670437bbe","ssdeep":"","tlshash":"c241997ef198e031c5b33d6a727fb28aba32742b7e422426a01c55b44e3ca0c4b57848","size":2054,"data":"","first_seen":"2024-03-25T05:26:50Z","last_seen":"2026-05-20T16:25:01.107454Z","times_seen":4362,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"39dd3d7103fc91da89611e596fd42a2c","sha1":"168f5f97010b42b0ccb2765bc73f156c4b163a9b","sha256":"b722373934d378dcb69cefac605ecc95f847c803accff3a64f791eb5910b12a0","sha512":"a16e3d3f5566e6d621d6897ee38f1607a9792a7b4cb6c296d12ecc6d8b17c8007b11dad410c6cbaf4a32e22521353843827beea8116a981d6e7a8d84317e3c92","ssdeep":"","tlshash":"18c09b5b1d5b544064367a5dcf47b29431730493510164417f2d87153f31617b1007e5","size":141,"data":"","first_seen":"2023-08-26T22:45:18Z","last_seen":"2026-04-11T14:08:10.840825Z","times_seen":815,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"e118dc8196693ba5829b64d3900a44d1","sha1":"c1af9a5738e8fd92300b16a10c072c91c8188098","sha256":"74fd362e8ed5cd59129d7d3cfbde3ce0f2fffd815d04d34037d70932f229a8c4","sha512":"aae91e4ab3aecac3c8a59fc9984ee5bdd614683623048becb638f2ee00488a17b266b3042ba65a324a9334c61927b717e39317ec277c0be3925c36d39453ea3e","ssdeep":"","tlshash":"2bb0121874d88100513331040c27a0146836345761034d11fb0c14e40f5903b8207804","size":94,"data":"","first_seen":"2023-08-26T22:45:18Z","last_seen":"2026-05-13T06:22:55.526941Z","times_seen":1614,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"3a333f0222619217a7bf1cebbc6b7f4a","sha1":"409fec063f69a80306b08b19e244980130ad2a88","sha256":"c3858458777043154df28e556666ea789c583651fb45d979e5485b3c1791fbae","sha512":"c49e7711600209ca01820b47bc0a0f37efbdfbcdad5ffc8a903ad6b526d437c90675da4ed4c45afe1e1f47fa3cbae22a66281404a78abde02a71c0d07e058dcb","ssdeep":"","tlshash":"67f0b40af6f8b63180763a1da6bf934c3b3b165b300c9bc0755c97c05f7ba980446c14","size":540,"data":"","first_seen":"2023-09-03T13:51:37Z","last_seen":"2026-04-11T14:08:10.843421Z","times_seen":203,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"8058764a37549a1b7bba3b4752ca4ea0","sha1":"30dd62362f28071ed6cf803c22a5b07001035a9f","sha256":"015a5a5329452910b669742a080b052c0f61e1a63ae14e61eb46ce3754221e5a","sha512":"7b8bfaf631cd99d96890b6a4ed949b9a3b2fd2ef164511343f8ae700e1caf174c9b98f1c5f5ee24355cde797b1667283f4f0556783c68fc0f00029bc1b0291a1","ssdeep":"","tlshash":"65f0900af6f8b63180763a1da6bb934c3b3b165b300c9bc0795c97c05f7ba980406c14","size":542,"data":"","first_seen":"2024-06-17T06:49:03Z","last_seen":"2026-04-11T14:08:10.844016Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/jupiter.js","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"cd6c33fbc221d0271c910af910e6ebed","sha1":"9b52f24d6f10b885bb19db1c4b531469f96d2914","sha256":"318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479","sha512":"13d12ee60e01ec4dde5c1bed73a607a891d5cc857a6e161034e71159bd2a352a0f4ad8ef6038ccb2b5d7f23b8899bf9bcb97aa39eafcc6ae985cdc835e061412","ssdeep":"","tlshash":"e2f02728b258fa764472b779e7ae9219bf1618a3190c75007efc1dc23f304601a53eda","size":503,"data":"","first_seen":"2023-03-07T01:03:37Z","last_seen":"2026-05-27T19:06:04.184636Z","times_seen":7553,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/bxsafe.js","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"4ccbafe3294ad0c33dc22099d9a66ac8","sha1":"eef5cdf453fd67e6a9096ee4d8ce16942ce0280b","sha256":"ba2a8e0e05fd4b666e404981470fc5bc59b2d9654b1c025a339e3cefdac6308c","sha512":"d9393f5bc66a4848b5b93056c01d8f9f8ec86876fd25155dd316cac030cd7ca9cbf643845d9f911a1de82ddfa9c403688ef4e9e06b2ba0dfc03c172024a399e0","ssdeep":"","tlshash":"d6e04219e125b976d0b221d05e238283c8326a6fb1134b18f69c58e9afb851fc60bd05","size":334,"data":"","first_seen":"2024-06-17T06:49:03Z","last_seen":"2026-05-20T16:25:01.112089Z","times_seen":4273,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/noir.js","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"a8325a8dddc75eb4cd78a4c9d207aaf3","sha1":"5a956570fbffd26b497f38ea3a28f0bc075d5efc","sha256":"46b5242c5eb6b3b71ef2606f2d0d700142ae58b53c6d018e6bf06bab62437e1b","sha512":"7c18b2c845561a84e23020d9b3079e6ce9428f5be3b784f25da163d770d34fc12316dad34c74f6eb256539ed00f57cc70457f242c91aa673a2a3f311111fb26e","ssdeep":"1536:iP1vk7i6GUHdXXeyQazBu+4HhiO2wd0uJO1z6/A4fGAub0i4ULgGiyz4npa98Hrr:Z4UdWJiz6UAIJ8pa98Hrr","tlshash":"0083d6d9b2c67062977734b850bf410bb17a98dab80c8c60f0a4d5e47eb4a8d517bf2d","size":84272,"data":"","first_seen":"2023-03-09T00:01:07Z","last_seen":"2026-05-27T19:06:04.182941Z","times_seen":6126,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-22T12:50:23.724Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rootinge.ukwest.cloudapp.azure.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 14:11:16 GMT","end":"Thu, 18 Jun 2026 14:11:15 GMT"},"fingerprint":{"sha1":"4A:FE:B9:68:B2:2C:A5:C9:1C:42:49:28:18:CA:A8:10:75:AF:2F:D8","sha256":"5D:C9:F7:63:6B:AA:78:85:79:43:C0:57:EF:91:89:DE:4A:C4:1F:5A:77:87:20:A1:D5:FA:AA:8F:BD:1A:61:C8"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: rootinge.ukwest.cloudapp.azure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 22 Mar 2026 12:50:23 GMT\r\nContent-Type: text/html\r\nLast-Modified: Wed, 10 Sep 2025 15:14:54 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"68c195ee-5f11\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"jQuery:1.4.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24337,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (413)","md5":"e6212e3a2ec5d2144c4c6749fea46571","sha1":"ae8cbe4f462983598c62d02a34b4dfc2f8011a4d","sha256":"57fe96983224f26965e4c901453ece95deacdbf526975301d05ecad61380b069","sha512":"4410484cbe5a196b7e4c725e4a14dbe3f227f8bffad7578af2eb1cd86d33513c803da973138841342c362a57a7837cad74a19fa2377e4aab4791a364c9da6ea1","ssdeep":"384:3SDT7ljSbGY/ejnXzvo0vLBffcuyP5EEDzYVu:cSbGYGTXLo49kuyP5EEDzYY","tlshash":"4db26164b8f6502301a3a085ab77eb0f3fa5e503d50b9b4076ac0be59f97da6cc0765c","first_seen":"2026-03-22T12:50:48.694622Z","last_seen":"2026-03-22T22:20:20.215478Z","times_seen":3,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":102,"dns":26,"connect":33,"send":0,"wait":31,"receive":1,"ssl":42},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/f24.png","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rootinge.ukwest.cloudapp.azure.com/","date":"2026-03-22T12:50:24.154Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rootinge.ukwest.cloudapp.azure.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 14:11:16 GMT","end":"Thu, 18 Jun 2026 14:11:15 GMT"},"fingerprint":{"sha1":"4A:FE:B9:68:B2:2C:A5:C9:1C:42:49:28:18:CA:A8:10:75:AF:2F:D8","sha256":"5D:C9:F7:63:6B:AA:78:85:79:43:C0:57:EF:91:89:DE:4A:C4:1F:5A:77:87:20:A1:D5:FA:AA:8F:BD:1A:61:C8"}}},"request":{"raw":"GET /f24.png HTTP/1.1\r\nHost: rootinge.ukwest.cloudapp.azure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rootinge.ukwest.cloudapp.azure.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 22 Mar 2026 12:50:24 GMT\r\nContent-Type: image/png\r\nContent-Length: 1832599\r\nLast-Modified: Tue, 24 Jun 2025 01:07:26 GMT\r\nConnection: keep-alive\r\nETag: \"6859fa4e-1bf697\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1832599,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 3016 x 1888, 8-bit/color RGBA, non-interlaced","md5":"49d8de60df94b43b3fddd837422053ad","sha1":"0c767e1477d25cdff9355ad88be58c8be64a1ffd","sha256":"9edeab0fc2d6cd6db25b6801e40e8093f4f638e75793fc4a39fa49ec0af4965c","sha512":"28ee4302fb2f15dc26408c2c8822c90eb809f88bed8e5699eabbcdba76bdcf0c419074b84acdefa3cb0639d3aaa36f6ef5ac10ea7bab5178ea3c3852241a80ec","ssdeep":"24576:MqMSP/DeeFeSOxIrHr8zglyyzy0BbWaO4A4FZn2CH:3H6aecrHy3Q5S/4A4WCH","tlshash":"57252320f6354476f7888ca2f07721d65902dbf99e21de0ac509e623ec76b637d8f0a5","first_seen":"2025-07-28T08:43:48.862089Z","last_seen":"2026-05-20T04:13:56.451804Z","times_seen":749,"resource_available":false,"data":null}},"time_used":472,"timings":{"blocked":161,"dns":0,"connect":0,"send":0,"wait":58,"receive":253,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/set.png","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rootinge.ukwest.cloudapp.azure.com/","date":"2026-03-22T12:50:24.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rootinge.ukwest.cloudapp.azure.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 14:11:16 GMT","end":"Thu, 18 Jun 2026 14:11:15 GMT"},"fingerprint":{"sha1":"4A:FE:B9:68:B2:2C:A5:C9:1C:42:49:28:18:CA:A8:10:75:AF:2F:D8","sha256":"5D:C9:F7:63:6B:AA:78:85:79:43:C0:57:EF:91:89:DE:4A:C4:1F:5A:77:87:20:A1:D5:FA:AA:8F:BD:1A:61:C8"}}},"request":{"raw":"GET /set.png HTTP/1.1\r\nHost: rootinge.ukwest.cloudapp.azure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rootinge.ukwest.cloudapp.azure.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 22 Mar 2026 12:50:24 GMT\r\nContent-Type: image/png\r\nContent-Length: 360\r\nLast-Modified: Tue, 24 Jun 2025 01:07:26 GMT\r\nConnection: keep-alive\r\nETag: \"6859fa4e-168\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":360,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced","md5":"07b254d9ba665e8fdfa1a577851a4942","sha1":"08a88fd66d8677240ce3c16a06ece9af54e54663","sha256":"d78dca445132754bf14e22d2dd76a8273a5c77e9a084b12e17ca76d500d3b6e3","sha512":"677e89142fb766ea273dd370db676390f6bab1890ca6cfc6d25fcba994a6f7df618fef89ccf283cb2ac3ba9d32395c397e3a45b189d26235e1ec4b4a9104803c","ssdeep":"","tlshash":"43e060ce03976eebc5496a32310919235d3e1d4c8082ca04a20ccf30384e60413771b6","first_seen":"2024-03-25T05:26:50Z","last_seen":"2026-06-09T17:22:11.218516Z","times_seen":3811,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":184,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/ques.png","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rootinge.ukwest.cloudapp.azure.com/","date":"2026-03-22T12:50:24.159Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rootinge.ukwest.cloudapp.azure.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 14:11:16 GMT","end":"Thu, 18 Jun 2026 14:11:15 GMT"},"fingerprint":{"sha1":"4A:FE:B9:68:B2:2C:A5:C9:1C:42:49:28:18:CA:A8:10:75:AF:2F:D8","sha256":"5D:C9:F7:63:6B:AA:78:85:79:43:C0:57:EF:91:89:DE:4A:C4:1F:5A:77:87:20:A1:D5:FA:AA:8F:BD:1A:61:C8"}}},"request":{"raw":"GET /ques.png HTTP/1.1\r\nHost: rootinge.ukwest.cloudapp.azure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rootinge.ukwest.cloudapp.azure.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 22 Mar 2026 12:50:24 GMT\r\nContent-Type: image/png\r\nContent-Length: 349\r\nLast-Modified: Tue, 24 Jun 2025 01:07:26 GMT\r\nConnection: keep-alive\r\nETag: \"6859fa4e-15d\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":349,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 13 x 13, 8-bit/color RGB, non-interlaced","md5":"7454c652e0733d92de6c920c2d646ae0","sha1":"34a5bd8c7401f95e346895b0e5ccffbf0e9ad638","sha256":"44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7","sha512":"dde6d40bec105003cb93c52dd3322c26985fecc7ff1eab79547fb7f0365ab2fb7b1cba96aed81958c08627fc6c0ba6034bcec53b1b66705d7b04202e7f8b5b59","ssdeep":"","tlshash":"5fe0c0c37258dd78c5b100f20bf3a030946246420e3403f064014edc16a1e5431e048b","first_seen":"2023-04-30T21:11:28Z","last_seen":"2026-06-09T17:22:11.246522Z","times_seen":6428,"resource_available":true,"data":null}},"time_used":239,"timings":{"blocked":212,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/cs.png","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rootinge.ukwest.cloudapp.azure.com/","date":"2026-03-22T12:50:24.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rootinge.ukwest.cloudapp.azure.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 14:11:16 GMT","end":"Thu, 18 Jun 2026 14:11:15 GMT"},"fingerprint":{"sha1":"4A:FE:B9:68:B2:2C:A5:C9:1C:42:49:28:18:CA:A8:10:75:AF:2F:D8","sha256":"5D:C9:F7:63:6B:AA:78:85:79:43:C0:57:EF:91:89:DE:4A:C4:1F:5A:77:87:20:A1:D5:FA:AA:8F:BD:1A:61:C8"}}},"request":{"raw":"GET /cs.png HTTP/1.1\r\nHost: rootinge.ukwest.cloudapp.azure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rootinge.ukwest.cloudapp.azure.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 22 Mar 2026 12:50:24 GMT\r\nContent-Type: image/png\r\nContent-Length: 3152\r\nLast-Modified: Tue, 24 Jun 2025 01:07:26 GMT\r\nConnection: keep-alive\r\nETag: \"6859fa4e-c50\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3152,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 520 x 520, 8-bit colormap, non-interlaced","md5":"911f04c21d791a20574a4b287b60d3af","sha1":"4cef2ee054e7a08fbf9692fded2d9cf1f1700cf8","sha256":"b1e9d0861c6671644ad118df8150e394f8cba36b9536f64898bd35919e5515b4","sha512":"32d465d388da7e383c5a6649d6b9a8e78d9e49d8c8d2f5f5fc1c284864d3db84c8e8505472457fc98d99256c70a01aa67273e70377c58b3778456faefd33e483","ssdeep":"","tlshash":"9e513c9a6a60067bc69395be0b4ec611bc1260bf7e4d56dec025947339498e8ca0cf79","first_seen":"2024-03-25T05:26:50Z","last_seen":"2026-06-12T07:02:31.680905Z","times_seen":5028,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":146,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/esc.js","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rootinge.ukwest.cloudapp.azure.com/","date":"2026-03-22T12:50:24.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rootinge.ukwest.cloudapp.azure.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 14:11:16 GMT","end":"Thu, 18 Jun 2026 14:11:15 GMT"},"fingerprint":{"sha1":"4A:FE:B9:68:B2:2C:A5:C9:1C:42:49:28:18:CA:A8:10:75:AF:2F:D8","sha256":"5D:C9:F7:63:6B:AA:78:85:79:43:C0:57:EF:91:89:DE:4A:C4:1F:5A:77:87:20:A1:D5:FA:AA:8F:BD:1A:61:C8"}}},"request":{"raw":"GET /esc.js HTTP/1.1\r\nHost: rootinge.ukwest.cloudapp.azure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rootinge.ukwest.cloudapp.azure.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 22 Mar 2026 12:50:24 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 87\r\nLast-Modified: Tue, 24 Jun 2025 01:07:26 GMT\r\nConnection: keep-alive\r\nETag: \"6859fa4e-57\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":87,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"3335a14050d4f6057bb019cf705843b4","sha1":"1ecf59ecd458a27998fc365cbfa6ad8d5e7c1226","sha256":"46ebb2640aac2186a7cf13f528c03648fa9a498910289cdad41ba87b9770eb14","sha512":"2bf59c17322ab476660facc7674bd1be4747267a811f4678932d35854a6e137d89da928386c98fc7542bab4e4068f1db9bed85a4702bf72527ce9a057affebcd","ssdeep":"","tlshash":"59b0125c103e5c2444313a201613d6182521400040436288f2c84241b4500284a1ec0c","first_seen":"2023-11-30T17:10:01Z","last_seen":"2026-06-03T01:25:22.075695Z","times_seen":5496,"resource_available":true,"data":null}},"time_used":174,"timings":{"blocked":55,"dns":1,"connect":28,"send":0,"wait":26,"receive":0,"ssl":54},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipwho.is/?lang=en","fqdn":"ipwho.is","domain":"ipwho.is","tld":"is"},"ip":{"addr":"104.20.44.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rootinge.ukwest.cloudapp.azure.com/","date":"2026-03-22T12:50:24.386Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipwho.is","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 08 Feb 2026 02:54:08 GMT","end":"Sat, 09 May 2026 03:54:02 GMT"},"fingerprint":{"sha1":"8D:92:FC:3A:95:FA:D5:B9:07:80:8D:11:7D:02:D9:48:6E:31:E9:BD","sha256":"5E:6C:D7:C3:E3:38:C8:D3:F1:BC:74:0B:00:E0:3F:84:F6:19:53:45:CD:82:18:8C:91:90:73:53:8C:57:40:D6"}}},"request":{"raw":"GET /?lang=en HTTP/1.1\r\nHost: ipwho.is\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rootinge.ukwest.cloudapp.azure.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rootinge.ukwest.cloudapp.azure.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Sun, 22 Mar 2026 12:50:24 GMT\r\ncontent-type: application/json\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9e055266b8b6adee-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":68,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0c803446e75fb294408787c6c64ee800","sha1":"0962274e1fa925799e2d324dcaa1b173a2bbed98","sha256":"ae8d49b8344fca5c61af3aff17d9b1d3f272d198edf935f94b322463b15b57e2","sha512":"fcc0c8057e91b44bda5b3a4e976b202ee97a7127074e4a30026b291cbb5ebe9c0c8d1a626453b2fccccfa46eb67be4bd37dcd855671bdb064e1eeaf262a18276","ssdeep":"","tlshash":"0da0220f2300383a02022e8330080a8002e302f0e0c0230aa00c030e3200cc020e3008","first_seen":"2026-02-12T02:06:55.383473Z","last_seen":"2026-06-13T17:28:56.574562Z","times_seen":1426,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":42,"dns":21,"connect":8,"send":0,"wait":10,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/index.html","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rootinge.ukwest.cloudapp.azure.com/","date":"2026-03-22T12:50:24.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rootinge.ukwest.cloudapp.azure.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 14:11:16 GMT","end":"Thu, 18 Jun 2026 14:11:15 GMT"},"fingerprint":{"sha1":"4A:FE:B9:68:B2:2C:A5:C9:1C:42:49:28:18:CA:A8:10:75:AF:2F:D8","sha256":"5D:C9:F7:63:6B:AA:78:85:79:43:C0:57:EF:91:89:DE:4A:C4:1F:5A:77:87:20:A1:D5:FA:AA:8F:BD:1A:61:C8"}}},"request":{"raw":"GET /index.html HTTP/1.1\r\nHost: rootinge.ukwest.cloudapp.azure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rootinge.ukwest.cloudapp.azure.com/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 206 Partial Content\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 22 Mar 2026 12:50:24 GMT\r\nContent-Type: text/html\r\nContent-Length: 24337\r\nLast-Modified: Wed, 10 Sep 2025 15:14:54 GMT\r\nConnection: keep-alive\r\nETag: \"68c195ee-5f11\"\r\nContent-Range: bytes 0-24336/24337\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:1.4.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":24337,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (413)","md5":"e6212e3a2ec5d2144c4c6749fea46571","sha1":"ae8cbe4f462983598c62d02a34b4dfc2f8011a4d","sha256":"57fe96983224f26965e4c901453ece95deacdbf526975301d05ecad61380b069","sha512":"4410484cbe5a196b7e4c725e4a14dbe3f227f8bffad7578af2eb1cd86d33513c803da973138841342c362a57a7837cad74a19fa2377e4aab4791a364c9da6ea1","ssdeep":"384:3SDT7ljSbGY/ejnXzvo0vLBffcuyP5EEDzYVu:cSbGYGTXLo49kuyP5EEDzYY","tlshash":"4db26164b8f6502301a3a085ab77eb0f3fa5e503d50b9b4076ac0be59f97da6cc0765c","first_seen":"2026-03-22T12:50:48.694622Z","last_seen":"2026-03-22T22:20:20.215478Z","times_seen":3,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":85,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/tapa.css","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rootinge.ukwest.cloudapp.azure.com/","date":"2026-03-22T12:50:24.149Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rootinge.ukwest.cloudapp.azure.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 14:11:16 GMT","end":"Thu, 18 Jun 2026 14:11:15 GMT"},"fingerprint":{"sha1":"4A:FE:B9:68:B2:2C:A5:C9:1C:42:49:28:18:CA:A8:10:75:AF:2F:D8","sha256":"5D:C9:F7:63:6B:AA:78:85:79:43:C0:57:EF:91:89:DE:4A:C4:1F:5A:77:87:20:A1:D5:FA:AA:8F:BD:1A:61:C8"}}},"request":{"raw":"GET /tapa.css HTTP/1.1\r\nHost: rootinge.ukwest.cloudapp.azure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rootinge.ukwest.cloudapp.azure.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 22 Mar 2026 12:50:24 GMT\r\nContent-Type: text/css\r\nContent-Length: 19500\r\nLast-Modified: Tue, 24 Jun 2025 01:07:26 GMT\r\nConnection: keep-alive\r\nETag: \"6859fa4e-4c2c\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19500,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text, with CRLF line terminators","md5":"50709174280689209e0a1ce4290818cc","sha1":"5b6115fb99094c21081cc559690bc9d3a8acd5de","sha256":"863547e9f5235aa4208737d9d86f4d62aa4146acb258399089842f30e79627de","sha512":"21bd5c90db9e42c5210f6132feffa2d51f4d431b66b238eb802b1d53842da4e48db042b780a3899bac6fe21e5fab890d9b262b392b45847b2090760d5382bb8a","ssdeep":"192:T5pyua9kzmx5XO0rXLruzG61fMDPe1tFpFabFGY5xyJoqSr2VrqODz7frYYCYYPc:VpyusXr4m9gSC0GL","tlshash":"90924f24da023186b237cb747bb15b92fb5400639b060579bfd8a2548fb58bd9262fcd","first_seen":"2024-03-25T05:26:50Z","last_seen":"2026-05-20T16:25:01.100623Z","times_seen":4282,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":61,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/noir.js","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rootinge.ukwest.cloudapp.azure.com/","date":"2026-03-22T12:50:24.153Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rootinge.ukwest.cloudapp.azure.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 14:11:16 GMT","end":"Thu, 18 Jun 2026 14:11:15 GMT"},"fingerprint":{"sha1":"4A:FE:B9:68:B2:2C:A5:C9:1C:42:49:28:18:CA:A8:10:75:AF:2F:D8","sha256":"5D:C9:F7:63:6B:AA:78:85:79:43:C0:57:EF:91:89:DE:4A:C4:1F:5A:77:87:20:A1:D5:FA:AA:8F:BD:1A:61:C8"}}},"request":{"raw":"GET /noir.js HTTP/1.1\r\nHost: rootinge.ukwest.cloudapp.azure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rootinge.ukwest.cloudapp.azure.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 22 Mar 2026 12:50:24 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 84272\r\nLast-Modified: Tue, 24 Jun 2025 01:07:26 GMT\r\nConnection: keep-alive\r\nETag: \"6859fa4e-14930\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":84272,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32180)","md5":"a8325a8dddc75eb4cd78a4c9d207aaf3","sha1":"5a956570fbffd26b497f38ea3a28f0bc075d5efc","sha256":"46b5242c5eb6b3b71ef2606f2d0d700142ae58b53c6d018e6bf06bab62437e1b","sha512":"7c18b2c845561a84e23020d9b3079e6ce9428f5be3b784f25da163d770d34fc12316dad34c74f6eb256539ed00f57cc70457f242c91aa673a2a3f311111fb26e","ssdeep":"1536:iP1vk7i6GUHdXXeyQazBu+4HhiO2wd0uJO1z6/A4fGAub0i4ULgGiyz4npa98Hrr:Z4UdWJiz6UAIJ8pa98Hrr","tlshash":"0083d6d9b2c67062977734b850bf410bb17a98dab80c8c60f0a4d5e47eb4a8d517bf2d","first_seen":"2023-03-09T00:01:07Z","last_seen":"2026-05-27T19:06:04.182941Z","times_seen":6126,"resource_available":true,"data":null}},"time_used":251,"timings":{"blocked":73,"dns":1,"connect":26,"send":0,"wait":49,"receive":39,"ssl":59},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/vsc.png","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rootinge.ukwest.cloudapp.azure.com/","date":"2026-03-22T12:50:24.160Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rootinge.ukwest.cloudapp.azure.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 14:11:16 GMT","end":"Thu, 18 Jun 2026 14:11:15 GMT"},"fingerprint":{"sha1":"4A:FE:B9:68:B2:2C:A5:C9:1C:42:49:28:18:CA:A8:10:75:AF:2F:D8","sha256":"5D:C9:F7:63:6B:AA:78:85:79:43:C0:57:EF:91:89:DE:4A:C4:1F:5A:77:87:20:A1:D5:FA:AA:8F:BD:1A:61:C8"}}},"request":{"raw":"GET /vsc.png HTTP/1.1\r\nHost: rootinge.ukwest.cloudapp.azure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rootinge.ukwest.cloudapp.azure.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 22 Mar 2026 12:50:24 GMT\r\nContent-Type: image/png\r\nContent-Length: 752\r\nLast-Modified: Tue, 24 Jun 2025 01:07:26 GMT\r\nConnection: keep-alive\r\nETag: \"6859fa4e-2f0\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":752,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 1-bit colormap, non-interlaced","md5":"87073644990cb240bcc9aca429af2670","sha1":"0e452e1f87d811c459d5c7084861f16076c71359","sha256":"23e2636c586a13f6dba4730d4d92fccd80ef8d0358e9c266e7cdd1d5123057f7","sha512":"1bae543601fd0fdf4ec9aecd8552c0f9c15fb1364755ce31420ea1f623af998f20d44540d6e15771f2e229ad8134cf3fc261bc7b159f78a837a37d4cc9ac1bd1","ssdeep":"","tlshash":"11016a5de811f76eefd19dac1159fcc08bfa0661954e9559f071c41c4543cd50928987","first_seen":"2024-03-25T05:26:50Z","last_seen":"2026-06-09T17:22:11.220909Z","times_seen":3811,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":155,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/bxs.png","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rootinge.ukwest.cloudapp.azure.com/","date":"2026-03-22T12:50:24.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rootinge.ukwest.cloudapp.azure.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 14:11:16 GMT","end":"Thu, 18 Jun 2026 14:11:15 GMT"},"fingerprint":{"sha1":"4A:FE:B9:68:B2:2C:A5:C9:1C:42:49:28:18:CA:A8:10:75:AF:2F:D8","sha256":"5D:C9:F7:63:6B:AA:78:85:79:43:C0:57:EF:91:89:DE:4A:C4:1F:5A:77:87:20:A1:D5:FA:AA:8F:BD:1A:61:C8"}}},"request":{"raw":"GET /bxs.png HTTP/1.1\r\nHost: rootinge.ukwest.cloudapp.azure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rootinge.ukwest.cloudapp.azure.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 22 Mar 2026 12:50:24 GMT\r\nContent-Type: image/png\r\nContent-Length: 4776\r\nLast-Modified: Tue, 24 Jun 2025 01:07:26 GMT\r\nConnection: keep-alive\r\nETag: \"6859fa4e-12a8\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4776,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 840 x 32, 8-bit/color RGBA, non-interlaced","md5":"dd1acbd9435c4415ce503a98d8a5ff2b","sha1":"f10046f388d944ce798706919c9d78423aa1d29b","sha256":"689cfc046cb7a6b6e6f85452bfe224b645ae827d50fb80498326502465327199","sha512":"ac4d9141a940c2f49cd7751c4322eb70518e8a94fc5a8baf1a8c8f589a00470a89c91d077af101376b86d4c030a0935d21af148f3d6c44550205dc430a98f20c","ssdeep":"96:jSDZ/I09Da01l+gmkyTt6Hk8nT/MW3WDZmHtOMtdCzkEWT6/jS:jSDS0tKg9E05TrW9mHFtszDW","tlshash":"d7a18ea7ad30b07ff9af72b14edd854047a8513c5696327010dba0da8852e1a5f5e8e1","first_seen":"2024-06-17T06:49:03Z","last_seen":"2026-05-13T14:22:57.945264Z","times_seen":3765,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":208,"dns":0,"connect":0,"send":0,"wait":26,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/jupiter.js","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rootinge.ukwest.cloudapp.azure.com/","date":"2026-03-22T12:50:24.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rootinge.ukwest.cloudapp.azure.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 14:11:16 GMT","end":"Thu, 18 Jun 2026 14:11:15 GMT"},"fingerprint":{"sha1":"4A:FE:B9:68:B2:2C:A5:C9:1C:42:49:28:18:CA:A8:10:75:AF:2F:D8","sha256":"5D:C9:F7:63:6B:AA:78:85:79:43:C0:57:EF:91:89:DE:4A:C4:1F:5A:77:87:20:A1:D5:FA:AA:8F:BD:1A:61:C8"}}},"request":{"raw":"GET /jupiter.js HTTP/1.1\r\nHost: rootinge.ukwest.cloudapp.azure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rootinge.ukwest.cloudapp.azure.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 22 Mar 2026 12:50:24 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 503\r\nLast-Modified: Tue, 24 Jun 2025 01:07:26 GMT\r\nConnection: keep-alive\r\nETag: \"6859fa4e-1f7\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":503,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"cd6c33fbc221d0271c910af910e6ebed","sha1":"9b52f24d6f10b885bb19db1c4b531469f96d2914","sha256":"318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479","sha512":"13d12ee60e01ec4dde5c1bed73a607a891d5cc857a6e161034e71159bd2a352a0f4ad8ef6038ccb2b5d7f23b8899bf9bcb97aa39eafcc6ae985cdc835e061412","ssdeep":"","tlshash":"e2f02728b258fa764472b779e7ae9219bf1618a3190c75007efc1dc23f304601a53eda","first_seen":"2023-03-07T01:03:37Z","last_seen":"2026-05-27T19:06:04.184636Z","times_seen":7553,"resource_available":true,"data":null}},"time_used":175,"timings":{"blocked":54,"dns":2,"connect":29,"send":0,"wait":29,"receive":0,"ssl":56},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/webs.mp4","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rootinge.ukwest.cloudapp.azure.com/","date":"2026-03-22T12:50:24.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rootinge.ukwest.cloudapp.azure.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 14:11:16 GMT","end":"Thu, 18 Jun 2026 14:11:15 GMT"},"fingerprint":{"sha1":"4A:FE:B9:68:B2:2C:A5:C9:1C:42:49:28:18:CA:A8:10:75:AF:2F:D8","sha256":"5D:C9:F7:63:6B:AA:78:85:79:43:C0:57:EF:91:89:DE:4A:C4:1F:5A:77:87:20:A1:D5:FA:AA:8F:BD:1A:61:C8"}}},"request":{"raw":"GET /webs.mp4 HTTP/1.1\r\nHost: rootinge.ukwest.cloudapp.azure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rootinge.ukwest.cloudapp.azure.com/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 206 Partial Content\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 22 Mar 2026 12:50:24 GMT\r\nContent-Type: video/mp4\r\nContent-Length: 8405\r\nLast-Modified: Tue, 24 Jun 2025 01:07:26 GMT\r\nConnection: keep-alive\r\nETag: \"6859fa4e-20d5\"\r\nContent-Range: bytes 0-8404/8405\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":8405,"size_decoded":0,"mime_type":"audio/mpeg","magic":"Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 56 kbps, 44.1 kHz, Monaural","md5":"8618fbb0911e3b8fc96725dee8bfd81f","sha1":"1bbcb78922946d0cf18fbf3a9e092e36453eb767","sha256":"0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1","sha512":"5446ba0132541be0100f0ce418a4349c2ed6181fd9816d6c30b213e4e773ce6bd979789c422cfaece228b296b79a0f4f36b97bda8117a09f84416662a4513a55","ssdeep":"192:aXnUfcyMlDiVE9UQuKCCy6BAtdHtv8/okoR4X:WUfcVlDiVFKByZtdHwCE","tlshash":"74026cdaba011c6df51b92f863ee4310f49b284baf2dd447f2f616909a7b4c81727312","first_seen":"2023-04-05T08:40:11Z","last_seen":"2026-06-12T07:02:31.681596Z","times_seen":10990,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":84,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/mnc.png","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rootinge.ukwest.cloudapp.azure.com/","date":"2026-03-22T12:50:24.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rootinge.ukwest.cloudapp.azure.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 14:11:16 GMT","end":"Thu, 18 Jun 2026 14:11:15 GMT"},"fingerprint":{"sha1":"4A:FE:B9:68:B2:2C:A5:C9:1C:42:49:28:18:CA:A8:10:75:AF:2F:D8","sha256":"5D:C9:F7:63:6B:AA:78:85:79:43:C0:57:EF:91:89:DE:4A:C4:1F:5A:77:87:20:A1:D5:FA:AA:8F:BD:1A:61:C8"}}},"request":{"raw":"GET /mnc.png HTTP/1.1\r\nHost: rootinge.ukwest.cloudapp.azure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rootinge.ukwest.cloudapp.azure.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 22 Mar 2026 12:50:24 GMT\r\nContent-Type: image/png\r\nContent-Length: 166\r\nLast-Modified: Tue, 24 Jun 2025 01:07:26 GMT\r\nConnection: keep-alive\r\nETag: \"6859fa4e-a6\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":166,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 140 x 30, 1-bit colormap, non-interlaced","md5":"51ebbb1879093893b39bbb6e970217ae","sha1":"196aa8f9ae46c8a46b2a997904abeafad817fcee","sha256":"1901eeec960650f0c4c31673dde13f934f4e22bcb702383aefacaf00bdd743c7","sha512":"bc168cb77dd53503727e80354efdfd011e942c8e26d8ffb9f2641e3bd7c86a4a54f70df27735b4cfc76a7bbe71818bfa1cb758d04794f98ca2bac899219117d9","ssdeep":"","tlshash":"c1c080ced7d17d3ad64708379e461004855f0e9c44127465d077487351595405594750","first_seen":"2024-03-25T05:26:50Z","last_seen":"2026-06-09T17:22:11.216647Z","times_seen":3787,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":188,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/msmm.png","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rootinge.ukwest.cloudapp.azure.com/","date":"2026-03-22T12:50:24.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rootinge.ukwest.cloudapp.azure.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 14:11:16 GMT","end":"Thu, 18 Jun 2026 14:11:15 GMT"},"fingerprint":{"sha1":"4A:FE:B9:68:B2:2C:A5:C9:1C:42:49:28:18:CA:A8:10:75:AF:2F:D8","sha256":"5D:C9:F7:63:6B:AA:78:85:79:43:C0:57:EF:91:89:DE:4A:C4:1F:5A:77:87:20:A1:D5:FA:AA:8F:BD:1A:61:C8"}}},"request":{"raw":"GET /msmm.png HTTP/1.1\r\nHost: rootinge.ukwest.cloudapp.azure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rootinge.ukwest.cloudapp.azure.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 22 Mar 2026 12:50:24 GMT\r\nContent-Type: image/png\r\nContent-Length: 148\r\nLast-Modified: Tue, 24 Jun 2025 01:07:26 GMT\r\nConnection: keep-alive\r\nETag: \"6859fa4e-94\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":148,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 31 x 30, 4-bit colormap, non-interlaced","md5":"786e451b89111d04cb1fba3d32c398fa","sha1":"cbcbacb13686702d2ff96c749c0c08e4913ee24e","sha256":"7064eadfcd3291fcb65d7cd1ca36820581f5b54826d68024dfc29dc203907ad6","sha512":"dd811796e5b61f7652ae1bea402f4cc3d22c5015cb50af202aa90816176432f87ce13dc6623122c76f594a89e5a535717dbfee135e33786f583f4f72647044ac","ssdeep":"","tlshash":"fdc02bca33920c7f872dc01221ed45929a032eb872316703c0f76a64c58020e92ec23e","first_seen":"2024-03-25T05:26:50Z","last_seen":"2026-06-12T07:02:31.677468Z","times_seen":5020,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":186,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/bel.png","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rootinge.ukwest.cloudapp.azure.com/","date":"2026-03-22T12:50:24.165Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rootinge.ukwest.cloudapp.azure.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 14:11:16 GMT","end":"Thu, 18 Jun 2026 14:11:15 GMT"},"fingerprint":{"sha1":"4A:FE:B9:68:B2:2C:A5:C9:1C:42:49:28:18:CA:A8:10:75:AF:2F:D8","sha256":"5D:C9:F7:63:6B:AA:78:85:79:43:C0:57:EF:91:89:DE:4A:C4:1F:5A:77:87:20:A1:D5:FA:AA:8F:BD:1A:61:C8"}}},"request":{"raw":"GET /bel.png HTTP/1.1\r\nHost: rootinge.ukwest.cloudapp.azure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rootinge.ukwest.cloudapp.azure.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 22 Mar 2026 12:50:24 GMT\r\nContent-Type: image/png\r\nContent-Length: 296\r\nLast-Modified: Tue, 24 Jun 2025 01:07:26 GMT\r\nConnection: keep-alive\r\nETag: \"6859fa4e-128\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":296,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 13 x 13, 8-bit colormap, non-interlaced","md5":"5ccc33fdd25d976f21579edd8e274145","sha1":"a6a313459f9928d69cfacd7431568c893ceb447a","sha256":"ef35b00fa94fa0b4991c624c8bff042893b37d4e0c04f03f71533a9cd28c1953","sha512":"8fbc0e55033e864a1b191c1c74f4d05bd1ab21436668d9ac4a47a4f044103f6c033bd1b555d39f779423c05bd1aa98f3078ee4becb55729334bb54fae8e2b0ce","ssdeep":"","tlshash":"a2e0a7eaea911e27e029253582125b519867de283153638265c0ef391e1a5a1d318d77","first_seen":"2024-03-25T05:26:50Z","last_seen":"2026-06-09T17:22:11.21957Z","times_seen":238,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":150,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/pcm.png","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rootinge.ukwest.cloudapp.azure.com/","date":"2026-03-22T12:50:24.166Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rootinge.ukwest.cloudapp.azure.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 14:11:16 GMT","end":"Thu, 18 Jun 2026 14:11:15 GMT"},"fingerprint":{"sha1":"4A:FE:B9:68:B2:2C:A5:C9:1C:42:49:28:18:CA:A8:10:75:AF:2F:D8","sha256":"5D:C9:F7:63:6B:AA:78:85:79:43:C0:57:EF:91:89:DE:4A:C4:1F:5A:77:87:20:A1:D5:FA:AA:8F:BD:1A:61:C8"}}},"request":{"raw":"GET /pcm.png HTTP/1.1\r\nHost: rootinge.ukwest.cloudapp.azure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rootinge.ukwest.cloudapp.azure.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 22 Mar 2026 12:50:24 GMT\r\nContent-Type: image/png\r\nContent-Length: 428\r\nLast-Modified: Tue, 24 Jun 2025 01:07:26 GMT\r\nConnection: keep-alive\r\nETag: \"6859fa4e-1ac\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":428,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 166 x 92, 4-bit colormap, non-interlaced","md5":"87f2241cd287f6ac24dcbcdebed235c8","sha1":"10354bf434cb79920f141e5f5b0f2e52c404dea9","sha256":"b3ab0ec911cf992c5351155a12e2fb12ca908bd36d658d05f2b4cf9912fd8dce","sha512":"fad5386d0addb0116535f9d3ac14b19488705785d4391906b9a5aac0cad9c0d2b17e16774c3347ec801a604a79717e46688435a34917cdb50936ad4400ded3f1","ssdeep":"","tlshash":"52e08af5725165fd7530eb65210f0418c7f7453cbb77dd34002305303511a4487d090d","first_seen":"2024-03-25T05:26:50Z","last_seen":"2026-06-09T17:22:11.230764Z","times_seen":240,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":148,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/dm.png","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rootinge.ukwest.cloudapp.azure.com/","date":"2026-03-22T12:50:24.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rootinge.ukwest.cloudapp.azure.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 14:11:16 GMT","end":"Thu, 18 Jun 2026 14:11:15 GMT"},"fingerprint":{"sha1":"4A:FE:B9:68:B2:2C:A5:C9:1C:42:49:28:18:CA:A8:10:75:AF:2F:D8","sha256":"5D:C9:F7:63:6B:AA:78:85:79:43:C0:57:EF:91:89:DE:4A:C4:1F:5A:77:87:20:A1:D5:FA:AA:8F:BD:1A:61:C8"}}},"request":{"raw":"GET /dm.png HTTP/1.1\r\nHost: rootinge.ukwest.cloudapp.azure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rootinge.ukwest.cloudapp.azure.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 22 Mar 2026 12:50:24 GMT\r\nContent-Type: image/png\r\nContent-Length: 347\r\nLast-Modified: Tue, 24 Jun 2025 01:07:26 GMT\r\nConnection: keep-alive\r\nETag: \"6859fa4e-15b\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":347,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 1-bit colormap, non-interlaced","md5":"4a39876d0660cfe5b1f5cb073498c66d","sha1":"174e953eb12a558f9ebdd2a276fc6b544cb8dbee","sha256":"1062361de4627c89f8ea0541b529769540a46687daa3f4b5c9e4a84e3de604d5","sha512":"fc0bb565fab99b385e9d601de6b02284a691e509a3f14165cffb7721191fc0fbcc59b4f0e634de6b967db607a900921221333cbbc4c126d6bea1bdfc3dc02288","ssdeep":"","tlshash":"8fe0c0fd03044836f13d4c33d34a496096d10b99549b141742324a701db6bcd4ed20b4","first_seen":"2024-03-25T05:26:50Z","last_seen":"2026-06-12T07:02:31.673966Z","times_seen":5030,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":177,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/re.gif","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rootinge.ukwest.cloudapp.azure.com/","date":"2026-03-22T12:50:24.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rootinge.ukwest.cloudapp.azure.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 14:11:16 GMT","end":"Thu, 18 Jun 2026 14:11:15 GMT"},"fingerprint":{"sha1":"4A:FE:B9:68:B2:2C:A5:C9:1C:42:49:28:18:CA:A8:10:75:AF:2F:D8","sha256":"5D:C9:F7:63:6B:AA:78:85:79:43:C0:57:EF:91:89:DE:4A:C4:1F:5A:77:87:20:A1:D5:FA:AA:8F:BD:1A:61:C8"}}},"request":{"raw":"GET /re.gif HTTP/1.1\r\nHost: rootinge.ukwest.cloudapp.azure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rootinge.ukwest.cloudapp.azure.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 22 Mar 2026 12:50:24 GMT\r\nContent-Type: image/gif\r\nContent-Length: 14751\r\nLast-Modified: Tue, 24 Jun 2025 01:07:26 GMT\r\nConnection: keep-alive\r\nETag: \"6859fa4e-399f\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":14751,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 193 x 71","md5":"6fcb78e0cd7933a70eea2cf071f82118","sha1":"70364bffd62fe33360abe70ecc7f7c0541b3b54c","sha256":"4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86","sha512":"af086b13f6041fed8f9457fd4fea33b3bf4a1ed985a4edaf8e59ad22a772652d83a619d070bee3c81686166717526d5c2ef3097c1c088e4729fb15b09caea961","ssdeep":"384:NiDfi0nwQ3tIzj2nK7xnnw8/8D2gi1jqaAyLrwjWVkvY597Kk/USIZ:NMfiU3mWKVnF06gi1j6+cskvo9W6UH","tlshash":"2c62cf5ed1ad0343fe4c34b726641e6b560cc8261f63a2836a5b35ea27111dc4334e7f","first_seen":"2023-08-02T18:46:50Z","last_seen":"2026-06-12T07:02:31.669096Z","times_seen":12562,"resource_available":false,"data":null}},"time_used":201,"timings":{"blocked":145,"dns":0,"connect":0,"send":0,"wait":55,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/bxsafe.js","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rootinge.ukwest.cloudapp.azure.com/","date":"2026-03-22T12:50:24.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rootinge.ukwest.cloudapp.azure.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 14:11:16 GMT","end":"Thu, 18 Jun 2026 14:11:15 GMT"},"fingerprint":{"sha1":"4A:FE:B9:68:B2:2C:A5:C9:1C:42:49:28:18:CA:A8:10:75:AF:2F:D8","sha256":"5D:C9:F7:63:6B:AA:78:85:79:43:C0:57:EF:91:89:DE:4A:C4:1F:5A:77:87:20:A1:D5:FA:AA:8F:BD:1A:61:C8"}}},"request":{"raw":"GET /bxsafe.js HTTP/1.1\r\nHost: rootinge.ukwest.cloudapp.azure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rootinge.ukwest.cloudapp.azure.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 22 Mar 2026 12:50:24 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 334\r\nLast-Modified: Tue, 24 Jun 2025 01:07:26 GMT\r\nConnection: keep-alive\r\nETag: \"6859fa4e-14e\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":334,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"4ccbafe3294ad0c33dc22099d9a66ac8","sha1":"eef5cdf453fd67e6a9096ee4d8ce16942ce0280b","sha256":"ba2a8e0e05fd4b666e404981470fc5bc59b2d9654b1c025a339e3cefdac6308c","sha512":"d9393f5bc66a4848b5b93056c01d8f9f8ec86876fd25155dd316cac030cd7ca9cbf643845d9f911a1de82ddfa9c403688ef4e9e06b2ba0dfc03c172024a399e0","ssdeep":"","tlshash":"d6e04219e125b976d0b221d05e238283c8326a6fb1134b18f69c58e9afb851fc60bd05","first_seen":"2024-06-17T06:49:03Z","last_seen":"2026-05-20T16:25:01.112089Z","times_seen":4273,"resource_available":true,"data":null}},"time_used":173,"timings":{"blocked":55,"dns":0,"connect":28,"send":0,"wait":27,"receive":0,"ssl":55},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/msmm.png","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rootinge.ukwest.cloudapp.azure.com/","date":"2026-03-22T12:50:24.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rootinge.ukwest.cloudapp.azure.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 14:11:16 GMT","end":"Thu, 18 Jun 2026 14:11:15 GMT"},"fingerprint":{"sha1":"4A:FE:B9:68:B2:2C:A5:C9:1C:42:49:28:18:CA:A8:10:75:AF:2F:D8","sha256":"5D:C9:F7:63:6B:AA:78:85:79:43:C0:57:EF:91:89:DE:4A:C4:1F:5A:77:87:20:A1:D5:FA:AA:8F:BD:1A:61:C8"}}},"request":{"raw":"GET /msmm.png HTTP/1.1\r\nHost: rootinge.ukwest.cloudapp.azure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rootinge.ukwest.cloudapp.azure.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 22 Mar 2026 12:50:24 GMT\r\nContent-Type: image/png\r\nContent-Length: 148\r\nLast-Modified: Tue, 24 Jun 2025 01:07:26 GMT\r\nConnection: keep-alive\r\nETag: \"6859fa4e-94\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":148,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 31 x 30, 4-bit colormap, non-interlaced","md5":"786e451b89111d04cb1fba3d32c398fa","sha1":"cbcbacb13686702d2ff96c749c0c08e4913ee24e","sha256":"7064eadfcd3291fcb65d7cd1ca36820581f5b54826d68024dfc29dc203907ad6","sha512":"dd811796e5b61f7652ae1bea402f4cc3d22c5015cb50af202aa90816176432f87ce13dc6623122c76f594a89e5a535717dbfee135e33786f583f4f72647044ac","ssdeep":"","tlshash":"fdc02bca33920c7f872dc01221ed45929a032eb872316703c0f76a64c58020e92ec23e","first_seen":"2024-03-25T05:26:50Z","last_seen":"2026-06-12T07:02:31.677468Z","times_seen":5020,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-1.4.4.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.2.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rootinge.ukwest.cloudapp.azure.com/","date":"2026-03-22T12:50:24.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-1.4.4.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rootinge.ukwest.cloudapp.azure.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-13309\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Sun, 22 Mar 2026 12:50:24 GMT\r\nage: 860128\r\nx-served-by: cache-lga21980-LGA, cache-hel1410031-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 1003, 199\r\nx-timer: S1774183824.203580,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 27078\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":78601,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (820)","md5":"73a9c334c5ca71d70d092b42064f6476","sha1":"b75990598ee8d3895448ed9d08726af63109f842","sha256":"517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c","sha512":"b5c7b19a6d0f05cfa33a7f54c1b8075698d922578429789fd4c0a4ce035f563857283c7062e9ab08ec61679b486971f3d83a44135e217e3167e49fada5a1520a","ssdeep":"1536:oqD4uWibfmaWWfiw7u/m9LofuENlx9TV6Z+T3VopklvQDPj10XQjdA4+9j:opzYf/t9s5vQD6X2dA4+9j","tlshash":"d7731bd9b2c2727383e731b864af520af13668aa644c4894f06ce8e4bd74e45447bf7d","first_seen":"2023-03-07T01:10:35Z","last_seen":"2026-06-13T08:07:32.013496Z","times_seen":10428,"resource_available":true,"data":null}},"time_used":120,"timings":{"blocked":39,"dns":3,"connect":13,"send":0,"wait":23,"receive":2,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/bx1.png","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rootinge.ukwest.cloudapp.azure.com/","date":"2026-03-22T12:50:24.164Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rootinge.ukwest.cloudapp.azure.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 14:11:16 GMT","end":"Thu, 18 Jun 2026 14:11:15 GMT"},"fingerprint":{"sha1":"4A:FE:B9:68:B2:2C:A5:C9:1C:42:49:28:18:CA:A8:10:75:AF:2F:D8","sha256":"5D:C9:F7:63:6B:AA:78:85:79:43:C0:57:EF:91:89:DE:4A:C4:1F:5A:77:87:20:A1:D5:FA:AA:8F:BD:1A:61:C8"}}},"request":{"raw":"GET /bx1.png HTTP/1.1\r\nHost: rootinge.ukwest.cloudapp.azure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rootinge.ukwest.cloudapp.azure.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 22 Mar 2026 12:50:24 GMT\r\nContent-Type: image/png\r\nContent-Length: 119079\r\nLast-Modified: Tue, 24 Jun 2025 01:07:26 GMT\r\nConnection: keep-alive\r\nETag: \"6859fa4e-1d127\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":119079,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1056 x 908, 8-bit/color RGBA, non-interlaced","md5":"375f2aedc7a2c955f3a3d6086ab9560b","sha1":"585c0154809d7513811bc4030254926c6ab8738e","sha256":"02b2f65af6dc9b2d3ce4524cc0df3939a2cc8f851ec39439f417faf7729bda35","sha512":"63007e4754572dc1114e7eac70c92af369511d027e78ecffd8cb7cb9e07e8e51d39bf9d12397b65193bb6b9b966aa0d0a1042e42e008bed62a0db99680e6dc64","ssdeep":"1536:tn9iqMvAmWRWuPmqHpPFtAlefeLFQo5c3cwQzM1o0VS7cN65xj9OcWYqmVFJKc:t9OvAf0KLGQfa63Lq4RNGZscWYpFJKc","tlshash":"fac3f1cde0f7d919ecdf463317620634163a09630385863ea77d316ee409a3e2e95e4b","first_seen":"2024-03-25T05:26:50Z","last_seen":"2026-06-12T07:02:31.685737Z","times_seen":4952,"resource_available":true,"data":null}},"time_used":319,"timings":{"blocked":206,"dns":0,"connect":0,"send":0,"wait":52,"receive":61,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/nvidia.js","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rootinge.ukwest.cloudapp.azure.com/","date":"2026-03-22T12:50:24.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rootinge.ukwest.cloudapp.azure.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 14:11:16 GMT","end":"Thu, 18 Jun 2026 14:11:15 GMT"},"fingerprint":{"sha1":"4A:FE:B9:68:B2:2C:A5:C9:1C:42:49:28:18:CA:A8:10:75:AF:2F:D8","sha256":"5D:C9:F7:63:6B:AA:78:85:79:43:C0:57:EF:91:89:DE:4A:C4:1F:5A:77:87:20:A1:D5:FA:AA:8F:BD:1A:61:C8"}}},"request":{"raw":"GET /nvidia.js HTTP/1.1\r\nHost: rootinge.ukwest.cloudapp.azure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rootinge.ukwest.cloudapp.azure.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 22 Mar 2026 12:50:24 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 2054\r\nLast-Modified: Tue, 24 Jun 2025 01:07:26 GMT\r\nConnection: keep-alive\r\nETag: \"6859fa4e-806\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2054,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2054), with no line terminators","md5":"921e013d361401879fe324e511d1c766","sha1":"40a531545ec76297667c108bc3cc369e0f4b0e47","sha256":"ad3619bd3e93e1e3a05f7ac346ec2d8afdd5bb2a583a876c0a085ce57fe6f2f0","sha512":"95fab788535bd1c52904b968772c6545bed64dcdfd299763b7a48f7c99af55afc3112687034a9c6c1b2c0081d089f92d203e44e48d4372f1aeff5cb670437bbe","ssdeep":"","tlshash":"c241997ef198e031c5b33d6a727fb28aba32742b7e422426a01c55b44e3ca0c4b57848","first_seen":"2024-03-25T05:26:50Z","last_seen":"2026-05-20T16:25:01.107454Z","times_seen":4362,"resource_available":true,"data":null}},"time_used":172,"timings":{"blocked":55,"dns":1,"connect":29,"send":0,"wait":27,"receive":0,"ssl":58},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/visudk.mp4","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rootinge.ukwest.cloudapp.azure.com/","date":"2026-03-22T12:50:24.550Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rootinge.ukwest.cloudapp.azure.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 14:11:16 GMT","end":"Thu, 18 Jun 2026 14:11:15 GMT"},"fingerprint":{"sha1":"4A:FE:B9:68:B2:2C:A5:C9:1C:42:49:28:18:CA:A8:10:75:AF:2F:D8","sha256":"5D:C9:F7:63:6B:AA:78:85:79:43:C0:57:EF:91:89:DE:4A:C4:1F:5A:77:87:20:A1:D5:FA:AA:8F:BD:1A:61:C8"}}},"request":{"raw":"GET /visudk.mp4 HTTP/1.1\r\nHost: rootinge.ukwest.cloudapp.azure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rootinge.ukwest.cloudapp.azure.com/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 206 Partial Content\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 22 Mar 2026 12:50:24 GMT\r\nContent-Type: video/mp4\r\nContent-Length: 200832\r\nLast-Modified: Tue, 24 Jun 2025 01:07:26 GMT\r\nConnection: keep-alive\r\nETag: \"6859fa4e-31080\"\r\nContent-Range: bytes 0-200831/200832\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":200832,"size_decoded":0,"mime_type":"audio/mpeg","magic":"Audio file with ID3 version 2.3.0, contains:\n- MPEG ADTS, layer III, v2,  64 kbps, 22.05 kHz, Monaural","md5":"0116152611dd51432e852781f8cc7e82","sha1":"2408d3d281b25649894f78a4e19f7f8a8ac735f9","sha256":"fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65","sha512":"4378f49a8e77ba6f34dc8b0f738b1fdbfa1e686cfb60c07e83b9d76f4eab1ccf444785fee5b9932da77e42fa189bb14ffcafac3d9c9965cbf276c2d06aa94cb0","ssdeep":"6144:4lsFCVxSmdxiWKwHtlYMKrXFTNRp+TSAU1M:4lHVx5ihwHvYrDRhAU2","tlshash":"a514af533b100a3ee5859d7a42b397670297ee16940cd9d6f92bfb106e3fd639d808c8","first_seen":"2023-04-06T19:05:03Z","last_seen":"2026-06-08T00:57:09.590884Z","times_seen":2753,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":82,"receive":72,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rootinge.ukwest.cloudapp.azure.com/index.html","fqdn":"rootinge.ukwest.cloudapp.azure.com","domain":"azure.com","tld":"com"},"ip":{"addr":"51.11.110.216","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rootinge.ukwest.cloudapp.azure.com/","date":"2026-03-22T12:50:25.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rootinge.ukwest.cloudapp.azure.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Mar 2026 14:11:16 GMT","end":"Thu, 18 Jun 2026 14:11:15 GMT"},"fingerprint":{"sha1":"4A:FE:B9:68:B2:2C:A5:C9:1C:42:49:28:18:CA:A8:10:75:AF:2F:D8","sha256":"5D:C9:F7:63:6B:AA:78:85:79:43:C0:57:EF:91:89:DE:4A:C4:1F:5A:77:87:20:A1:D5:FA:AA:8F:BD:1A:61:C8"}}},"request":{"raw":"GET /index.html HTTP/1.1\r\nHost: rootinge.ukwest.cloudapp.azure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rootinge.ukwest.cloudapp.azure.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 22 Mar 2026 12:50:25 GMT\r\nContent-Type: text/html\r\nLast-Modified: Wed, 10 Sep 2025 15:14:54 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"68c195ee-5f11\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:1.4.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":24337,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (413)","md5":"e6212e3a2ec5d2144c4c6749fea46571","sha1":"ae8cbe4f462983598c62d02a34b4dfc2f8011a4d","sha256":"57fe96983224f26965e4c901453ece95deacdbf526975301d05ecad61380b069","sha512":"4410484cbe5a196b7e4c725e4a14dbe3f227f8bffad7578af2eb1cd86d33513c803da973138841342c362a57a7837cad74a19fa2377e4aab4791a364c9da6ea1","ssdeep":"384:3SDT7ljSbGY/ejnXzvo0vLBffcuyP5EEDzYVu:cSbGYGTXLo49kuyP5EEDzYY","tlshash":"4db26164b8f6502301a3a085ab77eb0f3fa5e503d50b9b4076ac0be59f97da6cc0765c","first_seen":"2026-03-22T12:50:48.694622Z","last_seen":"2026-03-22T22:20:20.215478Z","times_seen":3,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"rootinge.ukwest.cloudapp.azure.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}