{"report_id":"11949a5f-7725-4935-9321-d3b51294f463","version":6,"status":"done","tags":[],"date":"2026-01-08T20:49:45Z","url":{"schema":"http","addr":"getter.imgloadexample13.com/unsubscribe?t=Iiy2q4d4Oxxy/WLnWitnrGRWPqOT6qODVUVTPM5sfzEb8odfV5vNI9Pie+eeA3vz+8wKifuQb1eRwH3tuEnrbzEDOl1wk0gx","fqdn":"getter.imgloadexample13.com","domain":"imgloadexample13.com","tld":"com"},"ip":{"addr":"47.75.31.137","port":0,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"getter.imgloadexample13.com/unsubscribe?t=Iiy2q4d4Oxxy/WLnWitnrGRWPqOT6qODVUVTPM5sfzEb8odfV5vNI9Pie+eeA3vz+8wKifuQb1eRwH3tuEnrbzEDOl1wk0gx","fqdn":"getter.imgloadexample13.com","domain":"imgloadexample13.com","tld":"com"},"title":"getter.imgloadexample13.com/unsubscribe?t=Iiy2q4d4Oxxy/WLnWitnrGRWPqOT6qODVUVTPM5sfzEb8odfV5vNI9Pie+eeA3vz+8wKifuQb1eRwH3tuEnrbzEDOl1wk0gx","dom":{"size":64,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"fe020edff71c010da599bae74f1558e9","sha1":"5dbf388ea88366c6c0249b85272e2dcab30ee5d3","sha256":"a5b66ff85e031b1143b4a9ef4f92e0989866893323caddd25df2b161d997a952","sha512":"2fbdf74c96a0bc986cb4dba72166bb742da780b376eea31f8be9de5a7137aead79302f4cf1c54859875a08c7b29f32e018a6137fd6f817c229487c43f4c17c4a","ssdeep":"","tlshash":"56a002fa986120995d6239d05cc22a46186886d571014b0169ca7474da4821eac435c4","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"getter.imgloadexample13.com/unsubscribe?t=Iiy2q4d4Oxxy/WLnWitnrGRWPqOT6qODVUVTPM5sfzEb8odfV5vNI9Pie+eeA3vz+8wKifuQb1eRwH3tuEnrbzEDOl1wk0gx","fqdn":"getter.imgloadexample13.com","domain":"imgloadexample13.com","tld":"com"},"ip":{"addr":"47.75.31.137","port":0,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-12T20:49:45Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"getter.imgloadexample13.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"getter.imgloadexample13.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"getter.imgloadexample13.com","ip":{"addr":"47.75.31.137","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2025-11-17","domain_rank":0,"first_seen":"2025-11-28T16:20:00.243402Z","last_seen":"2026-01-08T12:54:11.018748Z","alert_count":4,"request_count":2,"received_data":1143,"sent_data":1177,"comment":"","tags":null,"fingerprints":[{"name":"Zipkin","description":"","website":"https://zipkin.io/","common_platform_enumeration":"","icon":"Zipkin.png","categories":["Analytics"]},{"name":"PHP:8.0.23","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"getter.imgloadexample13.com/unsubscribe?t=Iiy2q4d4Oxxy/WLnWitnrGRWPqOT6qODVUVTPM5sfzEb8odfV5vNI9Pie+eeA3vz+8wKifuQb1eRwH3tuEnrbzEDOl1wk0gx","fqdn":"getter.imgloadexample13.com","domain":"imgloadexample13.com","tld":"com"},"ip":{"addr":"47.75.31.137","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-08T20:49:23.315Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"imgloadexample13.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 19 Nov 2025 02:53:23 GMT","end":"Tue, 17 Feb 2026 02:53:22 GMT"},"fingerprint":{"sha1":"46:7D:0D:E8:B7:A2:D6:0B:27:22:74:ED:01:8D:62:13:D0:CD:2F:C2","sha256":"43:F5:89:FA:31:56:D3:16:3D:C0:5E:C5:6B:52:D7:6F:95:B3:51:9A:CA:B6:AE:2A:1C:0F:32:B9:2F:A0:EA:3F"}}},"request":{"raw":"GET /unsubscribe?t=Iiy2q4d4Oxxy/WLnWitnrGRWPqOT6qODVUVTPM5sfzEb8odfV5vNI9Pie+eeA3vz+8wKifuQb1eRwH3tuEnrbzEDOl1wk0gx HTTP/1.1\r\nHost: getter.imgloadexample13.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 08 Jan 2026 20:49:24 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nx-powered-by: PHP/8.0.23\r\naccess-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nx-envoy-upstream-service-time: 22\r\nx-b3-traceid: a49490a61b1769ebe27bdb3486368c94\r\nx-b3-spanid: e27bdb3486368c94\r\nx-xiaoman-service-version: prod\r\nx-xiaoman-service: edm-fpm-default-prod\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Zipkin","description":"","website":"https://zipkin.io/","common_platform_enumeration":"","icon":"Zipkin.png","categories":["Analytics"]},{"name":"PHP:8.0.23","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"f4251c189d0c1012e171c89030fc1cca","sha1":"19bb1dbf7d55cbba8cabf1ebf6a98c92dc367634","sha256":"ed3b83b72fbeb652946460d06c58f39bb9cbf15b5fb53b67750faab8535c1499","sha512":"5796875b6bba62f658bbef132cad430e67039b22e39bd8e0d85531e01ca16d104df3bdb9bec389e55f0e938c1d121e900e34e9ef49050bb841a64b2d8faa846c","ssdeep":"","tlshash":"457000220c2000c8008220208c822c0a20a0088280000200a0ca8020cb8820e2883800","first_seen":"2023-04-07T19:59:56Z","last_seen":"2026-04-04T06:44:16.604013Z","times_seen":136,"resource_available":true,"data":null}},"time_used":2079,"timings":{"blocked":847,"dns":1,"connect":279,"send":0,"wait":385,"receive":0,"ssl":564},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"getter.imgloadexample13.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"getter.imgloadexample13.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"getter.imgloadexample13.com/favicon.ico","fqdn":"getter.imgloadexample13.com","domain":"imgloadexample13.com","tld":"com"},"ip":{"addr":"47.75.31.137","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://getter.imgloadexample13.com/unsubscribe?t=Iiy2q4d4Oxxy/WLnWitnrGRWPqOT6qODVUVTPM5sfzEb8odfV5vNI9Pie+eeA3vz+8wKifuQb1eRwH3tuEnrbzEDOl1wk0gx","date":"2026-01-08T20:49:24.704Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"imgloadexample13.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 19 Nov 2025 02:53:23 GMT","end":"Tue, 17 Feb 2026 02:53:22 GMT"},"fingerprint":{"sha1":"46:7D:0D:E8:B7:A2:D6:0B:27:22:74:ED:01:8D:62:13:D0:CD:2F:C2","sha256":"43:F5:89:FA:31:56:D3:16:3D:C0:5E:C5:6B:52:D7:6F:95:B3:51:9A:CA:B6:AE:2A:1C:0F:32:B9:2F:A0:EA:3F"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: getter.imgloadexample13.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://getter.imgloadexample13.com/unsubscribe?t=Iiy2q4d4Oxxy/WLnWitnrGRWPqOT6qODVUVTPM5sfzEb8odfV5vNI9Pie+eeA3vz+8wKifuQb1eRwH3tuEnrbzEDOl1wk0gx\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.24.0\r\nDate: Thu, 08 Jan 2026 20:49:24 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 153\r\nConnection: keep-alive\r\nx-envoy-upstream-service-time: 0\r\nx-b3-traceid: 37e045333dd2c8adeec9269491042b0d\r\nx-b3-spanid: eec9269491042b0d\r\nx-xiaoman-service-version: prod\r\nx-xiaoman-service: edm-fpm-default-prod\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Zipkin","description":"","website":"https://zipkin.io/","common_platform_enumeration":"","icon":"Zipkin.png","categories":["Analytics"]}],"data":{"size":153,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"ac5ea41aae137cead073d37a7bb732bc","sha1":"85bde4b57e1f38bd7ff0e6cf4b6ac5f626a5fbae","sha256":"fcdc802dabd14bed15efb9235ee0decac4adb6908dca03eeba74e2bf8f4eb5a7","sha512":"e18fb7137b18f12275eb2e93230b6eaf9260180b9c65cd68850aacda5db89dfd4ec360fab6ea1ed1766077b3e916e89c12be958dd1e9c904f81a01978e9651ba","ssdeep":"","tlshash":"a4c02b2d3513bc4cc563317832c37080c0c6833768bb41128440800331cf2a98ac7397","first_seen":"2023-04-07T11:57:07Z","last_seen":"2026-04-04T06:44:16.602141Z","times_seen":2081,"resource_available":true,"data":null}},"time_used":363,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":363,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"getter.imgloadexample13.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"getter.imgloadexample13.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}