{"report_id":"129a7bcc-88fb-4e20-918e-43ddadcd0aa9","version":6,"status":"done","tags":[],"date":"2026-04-27T07:25:03Z","url":{"schema":"http","addr":"a.vilo.click","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":0,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"final":{"url":{"schema":"https","addr":"a.vilo.click/","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"title":"Claim Your Reward!","dom":{"size":17348,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9972)","md5":"93b55fa8f58cfe5e23681b6fdd204e80","sha1":"5ddc2bddc82429ab8c9587cd30d3424892fb465e","sha256":"65ee64dbd02550cdb44568985e750bb7dde0d559950be385848cea6187c953e8","sha512":"997578cdc78dbc45aa8a2e82a0b5adbc0cde70db9fafb7d40ca5f16d2595bdc6fca7dbfcab56aabcefd80ba42a4c556cee10ac53376a3c41d85e9c14372678e5","ssdeep":"384:1WrLuZIXmJ+oLZ3/Tw1xFjz2AkOIKZ6DuKKBVwH/Tma3Fgc+rZaVLx82Ar:1WnuZIWJzZPTw1xdz2AkOIKcDuKKBVwc","tlshash":"9872a74076d1fd93325326b77327b7d9f9694a8ba8018486b16cb8a0bfd1e02f5d3439","dom_hash":"domhash9ce9a88a150000161d9022bf4c16bc84","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"a.vilo.click","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":0,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-01T07:25:03Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-27","alert":"Sinkholed","trigger":"a.vilo.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"a.vilo.click","ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"domain_registered":"2025-08-13","domain_rank":0,"first_seen":"2025-12-26T13:37:41.668499Z","last_seen":"2025-12-26T13:37:41.668499Z","alert_count":26,"request_count":26,"received_data":321834,"sent_data":12028,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"afrdtech.com","ip":{"addr":"31.220.27.154","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2024-04-19","domain_rank":19742,"first_seen":"2024-05-10T14:42:59Z","last_seen":"2026-04-20T21:08:28.906727Z","alert_count":0,"request_count":3,"received_data":50098,"sent_data":1370,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"a.vilo.click/","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"introduction_type":"Function","is_inline":false,"md5":"45e3a46717e58c7d667b3009ba7f3201","sha1":"8e2670f0a7d0edc65217d49b5ce2f7dec0c37cbe","sha256":"e60406ed119af9cd082932dcbd659e7ffa184f9f0e498d02a26b8bd8dd9eec99","sha512":"59ce3e1cec54ec0b44014cc177e9c9d572a6d4b60bc36201f73ab7cff682466c396d17fd6f6be2161dd83a4edee4e63e6553fa2061c2b157448664ac78cf3b98","ssdeep":"","tlshash":"f1a022be32c3200c2b022080003e2cfa0c3202fa080aeee0c280bc300a3c83ca30a0fc","size":72,"data":"","first_seen":"2023-05-07T19:10:45Z","last_seen":"2026-04-27T07:26:42.291152Z","times_seen":1454,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"introduction_type":"Function","is_inline":false,"md5":"9daba20cc0b62ef713a5a7f45045325f","sha1":"cc9083b0d3694a975ce99e281de797d4bf228115","sha256":"df290d8a6019595f4629829ff425382ab36241c211436f20e6e86a1a55bbe91e","sha512":"48dc2041be342c744bf6b781f483f08cf406b69eca6b850bdc37ede116ff5bcb7f328a7d1f2258245c79864bf07349875bda3a02a227ddff1c1031feac0cfa0e","ssdeep":"","tlshash":"67b09279678070e6e817231c2623ab804c3002b13849fe34901c9cc5aad9413020a019","size":116,"data":"","first_seen":"2023-05-07T19:10:45Z","last_seen":"2026-04-27T07:26:42.315897Z","times_seen":6060,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-27T12:44:53.952284Z","times_seen":214131,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-27T12:44:53.952284Z","times_seen":214131,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-27T13:15:44.302771Z","times_seen":630019,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/assets/scripts/shared-P22NF6LM.js","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"introduction_type":"importedModule","is_inline":false,"md5":"08606ce09fae6ff973e73b9467ea8956","sha1":"110b39554d8a4f59e2c710bf56e33892943530ff","sha256":"b691ed2532989969f5f6eb8bd78ce76876124c18e13dae5cdf8576765fd103be","sha512":"2e96bc3c9c989030e19b9c220b65b326a77120d28ae6d8fb0ed4914c01c68a49f44a694f30987955770e4a95ad118fb3883623d9719ccebd151cf7f99ed4de1e","ssdeep":"96:xiUTPwN2kgGiQf50Mzd7EtZp5gnFP+f9t1Q5faWmL4a20ICxTRcR1:VApiQf50MVKZp5yFP+f31QxmcRCxTo","tlshash":"1be13f2c95b7928701e711ac061fa226353c991b3e88f8c87eac42542f6ec5f94f27dc","size":6949,"data":"","first_seen":"2025-09-08T23:30:06.888269Z","last_seen":"2026-04-27T07:26:42.208019Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"introduction_type":"Function","is_inline":false,"md5":"a0bb2b917a2139d1e28fe43296edbfd9","sha1":"30c72615ba6def457f66cc870475aa91f8a7d626","sha256":"46b547a2290e02d6379c03cb35d2d696000b0a69e950d4a987cab7631f039c05","sha512":"5fc9279c55799c4ed7baafd33331b8fa61ecba4a8e3cdf0a4d281af5955b85b69d9aef0afc730944cc17d7dd54fab79db45c629a947c955f5c19f658d6782585","ssdeep":"","tlshash":"2ca012b333c2840147c3209000172984c02583e200040943802089a7361d035f81692c","size":83,"data":"","first_seen":"2023-05-07T19:10:45Z","last_seen":"2026-04-27T07:26:42.297185Z","times_seen":6048,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"introduction_type":"Function","is_inline":false,"md5":"3c1bc1dd08f96349c433eb122aead61f","sha1":"604a16c0e2869cb47564301036b786202c8a8787","sha256":"869b75296a55932491e9a9847f1b8746d20031365f68588214df57565331437a","sha512":"33f6be39ce7c03944319279e0496969c0bc05f376f2b9587787d6bf108f043f75336b71a84a8a4dd9f47f2bf84137889bbf93dfef63a07ec2cc8fcc1008016ac","ssdeep":"","tlshash":"33a022a0b0c3b03033a32203802e8cece03000f000e0fee0c000a8302b22030b32c3ac","size":66,"data":"","first_seen":"2023-05-07T19:10:45Z","last_seen":"2026-04-27T07:26:42.313787Z","times_seen":6056,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-27T13:15:44.302771Z","times_seen":630019,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":true,"md5":"cabaf0b19d625305cf38de073d824f2a","sha1":"2450596ab521b22c1416f84da273dbc81fe242fa","sha256":"a3cf8b0a9289b1695c376a2960143d07520fe678d9d593d7743d1bd0f382a3f7","sha512":"25b20a5457fac2f95547f33dcdfbad068e822ab799b806d30f116919a6f2c2cb169264b3b54db2fdbc5dd9ce291296ba5e6fbfda3d4e4a00ef3f6e51c61285f8","ssdeep":"","tlshash":"2be0d8e50b1246fcc020192d4e08fed7b26530196c30b1fa008d845820c8210affd0a6","size":352,"data":"","first_seen":"2025-12-26T13:37:44.42561Z","last_seen":"2026-04-27T07:26:42.305289Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/assets/scripts/shared-YENF7BNC.js","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"introduction_type":"importedModule","is_inline":false,"md5":"1fa0e36f829e3be6e7a97ebd59ea5271","sha1":"3341b1d62c76df3ff6819eb846aef1e2a2337ca9","sha256":"a768d4cad01e75f69740ffb4f0fcb63de89cf2c663b5360a1b2712149f6f1f01","sha512":"3aecfa8bb53aedeeee741d1ab971230b9e61d18cdd83e69df2f4d4d9a89143f11495b145fbf457b27089f0aabba04f69a470e31bee858cedac3da1e1e99433a7","ssdeep":"96:WmMI0eaH/WZCyqqZeBogQh9qiSyJC+4UpEi+3hyQxy1y8v:MdHeZtGOth9q7yJC/aEi+xyQxyMM","tlshash":"4f91bc1d07f316b781b730188b4fe86aab6a89473748ce487e9c5b501f18865d6e27c8","size":4234,"data":"","first_seen":"2025-09-08T23:30:06.897907Z","last_seen":"2026-04-27T07:26:42.189894Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/assets/scripts/main.js","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"807cfd7b25f9ac18904b4f5264a16285","sha1":"c232e08e8a5899048c88a5dce5fea7663364dcce","sha256":"a88e4b5358bd71423be91c8a1f6df6efbd9357de53b03cb8f36f96fb2acb8c92","sha512":"27a98e248ca9e9f34c23086aa1175d2fbd822e8f2dbab00b07f95568592dc100cc411df835f237f6221ac4f82cb765ea486083ce33e3f9ebb26bda49e8ed1d1a","ssdeep":"192:aLJrhQC3c7jqGqBC80q5iLuLzRzjXMBPjQR7if:WrhJcaBW","tlshash":"41e1ce1926b300bb9173685d57cf6300ba109003be04dda838fd9706af5b97a6ae37dd","size":7281,"data":"","first_seen":"2025-12-26T13:37:44.413533Z","last_seen":"2026-04-27T07:26:42.235453Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/assets/scripts/translateElements.js","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"c0045c1c663de2f4552758cb9306bda7","sha1":"216fef10423e5384a2cfb14f8b37cb258950a5f9","sha256":"6c15ded3ab089d2a99ec256de188c81f8c048901924cf37d8add529d3e400a1f","sha512":"8d43bfb016ff2f84bc435c23ba3cf6f88a010e6eb02157292308af270b5307a47b0fd8b9a2a627b01bc35aeacc8b4363cbaedc43a1180043995b3bbfd302c38a","ssdeep":"","tlshash":"0341ce2865b7022b855720af9fc340d9ba3859033125dc583b9d8b421f84e3c87dead4","size":1908,"data":"","first_seen":"2025-09-08T23:30:06.869851Z","last_seen":"2026-04-27T07:26:42.154716Z","times_seen":43,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":true,"md5":"4926fb84b06b4ce5c03863d4feb9487e","sha1":"6c6deabb642ecaa22137f51844d3aeee3667634d","sha256":"b4aaa25b32993baf4493e5817f7e7eb067f97d101c6b0b4d6ea9584506acb37a","sha512":"2c42bb25027e35cb5d6d2c8b2b4e6e033346e3645a4c65d5343a8468a2cc11eab1e0611f378e324e85fbf261d52dbb98dc328ddc39ac480113a96e7b17403af1","ssdeep":"192:/uZIXmJwppnoLZ3/Tw1xFjvb2/hrgnGhOIKZ6DuKKBVwH5FTmSQ893Fgc+r22faV:/uZIXmJ+oLZ3/Tw1xFjz2AkOIKZ6DuKf","tlshash":"0f22418577c5fd8127436bb3332b72e9f43a5caa7c404486f108bca0faa5a02f5d2575","size":10536,"data":"","first_seen":"2025-11-04T16:53:12.878577Z","last_seen":"2026-04-27T07:26:42.311645Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"introduction_type":"Function","is_inline":false,"md5":"63116ca3bdfc7ef0c9a09579faa8cb15","sha1":"d89ca9be8c6cead2d2a12f3e9a79edc27de2a6cc","sha256":"f670b2247c591e2af8adc9e0b31c64592554871c81deb0ccc4e7246f1ac4a5e2","sha512":"25de0033af0ccfafee7d4e9c99231c8bfc6004b082a03158be40c3536513493c4d8f7cfab57cf6c1a7e807ff4fe367c327f34bd9934978c352d294159e570a18","ssdeep":"","tlshash":"b7b0126612ce000bdf2212d452263c410f26317798c04c0161915c542c12c351114f6c","size":94,"data":"","first_seen":"2023-05-07T19:10:45Z","last_seen":"2026-04-27T07:26:42.293201Z","times_seen":6061,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"introduction_type":"Function","is_inline":false,"md5":"9fb507f661392bb18734a143229795e8","sha1":"004279a4f630424371fbe72b6c2c45ac86b59ddd","sha256":"e495c02fb62945e7a859af557a81c73673dde7789fa538536b9b8eb3958cf16f","sha512":"1c209d5ac784cc5f12d74cbc9a195349b1aee933077ec935720bfd1d38d6634b3e49552e96d1290bf351e298e37bf38886c8edf12a13409cd819ce6d271ce4ef","ssdeep":"","tlshash":"51b0127820e520d60d6311c920fb5b98e8a0523010204801c148cc7434f4d61401541c","size":91,"data":"","first_seen":"2023-05-07T19:10:45Z","last_seen":"2026-04-27T07:26:42.28371Z","times_seen":6052,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"afrdtech.com/v1/script.js?kmnrKey=436274215","fqdn":"afrdtech.com","domain":"afrdtech.com","tld":"com"},"ip":{"addr":"31.220.27.154","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"f48b80c1714b3abd8406ea03109aae4f","sha1":"9680b5f9a5130d244d0642e90c560ffebeb99cd5","sha256":"841aa398f2a23c708901c9b98c30bde6bd7310d05a1ab3c35738eeff6f7dde20","sha512":"979be99ea84c45921dec7ddb5abc381140e1d5fbd1f070e3e5886668fa29372c0d6ef85563f2a2ada418ce955ba017a240a45a1009cbe781cd0ff1fb6cc899cf","ssdeep":"768:7YLCnCA+uPkdQfxLBF59jTzQs1R/Wh9AGdpMYcXJwF4aVOu6I:7pP/f5jXB/a9fdKYqwF9VOu6I","tlshash":"bd233aae7656b43480b75179083f7206f33e1a6ad509d480e666cc803de5b4b6127ffe","size":48443,"data":"","first_seen":"2026-04-27T07:25:05.986398Z","last_seen":"2026-04-27T07:26:42.163049Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/assets/scripts/common.js","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"0581f383b3af97e9012ea6b206f6e3d1","sha1":"30897aca017dca29ec7b66022bcb300c3c928b41","sha256":"2208ba1d545a707b1f5c997da9b471abdfe81eaa7f79e7c1e20d4b5593c65170","sha512":"2281b9b3f1cdce3294690c5843a0c196bbc5d7201db139e4d8c3cf5bd45e48f4f6d483ac0283218650b339d29d947c01ae869c99b5733826f4280a0951eff715","ssdeep":"192:+BqBy2BjPo1ilckiWOQ0TzYC83fCQacaEr:d52iqkDX0TzYC83fCQh","tlshash":"7c12d7ad4634c67900fa148f314efb62b1385a8e7c55e490716ecc1a713decb4a72be9","size":9137,"data":"","first_seen":"2025-12-26T13:37:44.416567Z","last_seen":"2026-04-27T07:26:42.195986Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/assets/core/activity.js","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"b02f79eeee2ab245b95cfe5e2a5b7b8f","sha1":"9a20494e2fe95f242c90d11f1c165f86cb62038d","sha256":"dcdbd19a121240cb41c0f357d9af115b522e0d71cb7b1a1a8ff2029873822696","sha512":"6714ccaceeb9b1cbf923fab39e41f4ea0290d76843914360bfc42d9ae735ce7417e5e253d2d5da1ccb519cde1c69782b68cd7109cf56ed965455278e933af50a","ssdeep":"1536:qB3kINsGp6rm5Uquul2ydS6z8QHijbawrj0WWkF4ZVw7C7DSsNY5r49ofHBD3:03dNsEfUq0TTjba0AjKBD3","tlshash":"1073408073c1bc81138f6bbb772bb5e5f62a49ed7588488ae414bc44f4bd606fad0674","size":76548,"data":"","first_seen":"2025-10-01T18:00:42.827869Z","last_seen":"2026-04-27T07:26:42.203991Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/assets/core/session.js","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"fe1f2c1f501910ea98536dc9802a3b30","sha1":"1a1d1b222a9cdc994dd82d18c676e77704466576","sha256":"b6f93c626026be31bb5f7aa5274537d057376fc9a87fe14497e81b176679a83a","sha512":"256f280f5a0fb39b70caef08525250c7224ae03c1f8c950e003170fe49ba7894e61b283d5f901678a6a0b0df1897461f2920ddbb1a83f44befd4d41fd18f0d7d","ssdeep":"3072:9YggiG3JkiARo2AxDby7ESBvc+hALkkdgoP/:U93JkidxxDby7lvc+q6oX","tlshash":"b7d3418073c1b88163471f76732bb2f5d42a4cea7588488af114fd94f4ba61afae5570","size":130406,"data":"","first_seen":"2025-10-01T18:00:42.818957Z","last_seen":"2026-04-27T07:26:42.274568Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"introduction_type":"Function","is_inline":false,"md5":"d5c96eb52a1711f3a2950348f2d115f9","sha1":"c2477218c9a9fd31c0e09166892f83381f5e0e26","sha256":"a65dc9d6d0e097cf39657dfb89d3deea54548c6b59805088214fe5622e8bec61","sha512":"3f9b89c57906a121dc5933b94b73efe961d28148e1878b50c809df9a24061b30d0406b1c97e852b7676151eacf1b4206b7c2cc9c2094271c0bf089611c1a569f","ssdeep":"","tlshash":"dfb0125867953032530211e240094c585b3e08f1c4e05cd6805ad87817f3c2273583dc","size":102,"data":"","first_seen":"2023-05-07T19:10:45Z","last_seen":"2026-04-27T07:26:42.309537Z","times_seen":6047,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"introduction_type":"Function","is_inline":false,"md5":"38bcc383b6fbba7928656b9040b282e4","sha1":"b2c4afbeba79d71db5df9e73f68b6bec4d2cd6d0","sha256":"07027ba340ef65872b6207efe05665f64bc5338b873ab256fd46a953f79f22df","sha512":"41cb43fc48199e9eba38e9df984023ddf78b9975efdfbb12c99f25cc08ee3ed1bae4c9c2a90020363ccc9d475cf49675ac38f1a3ae8bde344a1977fee373434d","ssdeep":"","tlshash":"6890025765d1a1115a6b72e1403b9d4a041641a194545850604c9c56585bc61134d8bd","size":52,"data":"","first_seen":"2023-05-07T19:10:45Z","last_seen":"2026-04-27T07:26:42.301083Z","times_seen":6055,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-27T12:44:53.952284Z","times_seen":214131,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-27T13:15:44.302771Z","times_seen":630019,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"introduction_type":"Function","is_inline":false,"md5":"be5d9ebf54fefc6e38f077cef4bd6caa","sha1":"26a1f34155b4aa54100a69c778dc0b4be5c1a500","sha256":"00e0eac098edfd61cca6fe77139f78b66926ce917eb603a36311c4b64dab6c73","sha512":"1309dc64e26ba7e55efec514e1c4ca8654062c8f69ec54a04e51fd1fe9a398839e4f556ed24989e68383a0ca766bf6fd23288340b2c0212e2c2d4eb30e49f9ad","ssdeep":"","tlshash":"1fa01281e185519c11f321e810855dc070315820304944c04044d0124416c1aa70d028","size":84,"data":"","first_seen":"2023-05-07T19:10:45Z","last_seen":"2026-04-27T07:26:42.279502Z","times_seen":6059,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"introduction_type":"Function","is_inline":false,"md5":"be7bfc2a908a684a210d585ed55d30e5","sha1":"c0459f4c57d2e1a980fcac6fac8e47d3a18f237d","sha256":"9e9bd85194604c6912fb8f12147e0bdab67f1932f029c8accfb629bed57945c3","sha512":"2c2f6e1ec8c1e59bb7c57acfc09ffd94c332e1e6f5cae8e481633b1a2294eec0453c88b995ea7ab17b4eabad583de7806c04d05125baf69ff8e3a363a3051dd2","ssdeep":"","tlshash":"4d9002bd9840919455572b9605965844092040612945dd500041a46218660705e0596c","size":45,"data":"","first_seen":"2023-05-07T19:10:45Z","last_seen":"2026-04-27T07:26:42.281606Z","times_seen":6056,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"introduction_type":"Function","is_inline":false,"md5":"034d21c266d82b1579998cc036512358","sha1":"18502599f21b6fba79982d8801f2525b2fd3b988","sha256":"cfe1df1650cf9e5565b4d99de32961d73acedf09e4445d80ab2552aed9c8bd83","sha512":"dd0d92326aaa84f76da1b3ce77263e5c2bdbd070a479d049dcf317e74552449b4ea07f73ef2346f81de9706ec798de79771392eece35bdde0261bd04b93103a0","ssdeep":"","tlshash":"5ab092a7a1ee90894fab51d910c35481562a97263898868128b099a49e31cb0d63aadc","size":114,"data":"","first_seen":"2023-05-07T19:10:45Z","last_seen":"2026-04-27T07:26:42.28741Z","times_seen":6048,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"a.vilo.click/assets/scripts/common.js","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:42.415Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.vilo.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 21:57:59 GMT","end":"Fri, 26 Jun 2026 21:57:58 GMT"},"fingerprint":{"sha1":"72:31:A6:18:E9:4E:A7:5F:77:A2:55:C0:42:13:2D:06:68:D2:8E:8C","sha256":"49:7D:72:6E:32:E3:ED:5B:15:48:53:65:49:54:15:61:12:2D:DE:09:B8:C3:D5:E0:58:BA:43:DE:0F:64:69:45"}}},"request":{"raw":"GET /assets/scripts/common.js HTTP/1.1\r\nHost: a.vilo.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.vilo.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 30 Aug 2025 08:59:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68b2bd55-23b1\"\r\nexpires: Wed, 27 May 2026 07:24:42 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9137,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (5035)","md5":"0581f383b3af97e9012ea6b206f6e3d1","sha1":"30897aca017dca29ec7b66022bcb300c3c928b41","sha256":"2208ba1d545a707b1f5c997da9b471abdfe81eaa7f79e7c1e20d4b5593c65170","sha512":"2281b9b3f1cdce3294690c5843a0c196bbc5d7201db139e4d8c3cf5bd45e48f4f6d483ac0283218650b339d29d947c01ae869c99b5733826f4280a0951eff715","ssdeep":"192:+BqBy2BjPo1ilckiWOQ0TzYC83fCQacaEr:d52iqkDX0TzYC83fCQh","tlshash":"7c12d7ad4634c67900fa148f314efb62b1385a8e7c55e490716ecc1a713decb4a72be9","first_seen":"2025-12-26T13:37:44.416567Z","last_seen":"2026-04-27T07:26:42.195986Z","times_seen":3,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-27","alert":"Sinkholed","trigger":"a.vilo.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/assets/images/cloud-right-3.webp","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:42.431Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.vilo.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 21:57:59 GMT","end":"Fri, 26 Jun 2026 21:57:58 GMT"},"fingerprint":{"sha1":"72:31:A6:18:E9:4E:A7:5F:77:A2:55:C0:42:13:2D:06:68:D2:8E:8C","sha256":"49:7D:72:6E:32:E3:ED:5B:15:48:53:65:49:54:15:61:12:2D:DE:09:B8:C3:D5:E0:58:BA:43:DE:0F:64:69:45"}}},"request":{"raw":"GET /assets/images/cloud-right-3.webp HTTP/1.1\r\nHost: a.vilo.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.vilo.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1852\r\nlast-modified: Mon, 01 Sep 2025 07:36:38 GMT\r\netag: \"68b54d06-73c\"\r\nexpires: Wed, 27 May 2026 07:24:42 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1852,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"c6211162e103961458f3c19bcc9a2571","sha1":"d2722f202b70ef0ef50177be3698e8876c17f176","sha256":"2f16c95955b132c9f8c6495fb5e4b7fb6988789240ddf779e022fe4458830b63","sha512":"95f94240c16e78753782d17532f8058b335d478f25867d98f55d02502edd5bc323de431c743345030528ba4b1c324c0771747f173460659dff7050bb9d1acdf7","ssdeep":"","tlshash":"153119d90db897558b28861230978d4a679900ecac81ff07288cd65b2709d9f012fa8b","first_seen":"2025-06-27T08:10:52.442966Z","last_seen":"2026-04-27T07:26:42.249841Z","times_seen":173,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-27","alert":"Sinkholed","trigger":"a.vilo.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/assets/images/star-five-pointed.webp","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:42.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.vilo.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 21:57:59 GMT","end":"Fri, 26 Jun 2026 21:57:58 GMT"},"fingerprint":{"sha1":"72:31:A6:18:E9:4E:A7:5F:77:A2:55:C0:42:13:2D:06:68:D2:8E:8C","sha256":"49:7D:72:6E:32:E3:ED:5B:15:48:53:65:49:54:15:61:12:2D:DE:09:B8:C3:D5:E0:58:BA:43:DE:0F:64:69:45"}}},"request":{"raw":"GET /assets/images/star-five-pointed.webp HTTP/1.1\r\nHost: a.vilo.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.vilo.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\ncontent-type: image/webp\r\ncontent-length: 636\r\nlast-modified: Mon, 01 Sep 2025 07:36:39 GMT\r\netag: \"68b54d07-27c\"\r\nexpires: Wed, 27 May 2026 07:24:42 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":636,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1652c7660f0f4cb2abe5ccc27de1ee6c","sha1":"ed0b317cac25c7e4223bf44ad2d701059fe828ef","sha256":"787cf973519cc12ec247a71aeebdd50e650a2b1d42d744f28cca2ad3bd09f502","sha512":"0ea7b83d4f34299f826730b0f3b8850beb3c9a4a64da65936386a350c007a3c1de12849f8a8bfc5b5f994df35351ec0fa9c16399603e37280d03f81db24a5251","ssdeep":"","tlshash":"bef0624759e81cdbce071abda12d3bff41cb88cd65c2d9920640389a01e2248ca73e67","first_seen":"2025-06-27T08:10:52.470152Z","last_seen":"2026-04-27T07:26:42.187078Z","times_seen":168,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-27","alert":"Sinkholed","trigger":"a.vilo.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/assets/images/treasure-chest.webp","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:42.435Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.vilo.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 21:57:59 GMT","end":"Fri, 26 Jun 2026 21:57:58 GMT"},"fingerprint":{"sha1":"72:31:A6:18:E9:4E:A7:5F:77:A2:55:C0:42:13:2D:06:68:D2:8E:8C","sha256":"49:7D:72:6E:32:E3:ED:5B:15:48:53:65:49:54:15:61:12:2D:DE:09:B8:C3:D5:E0:58:BA:43:DE:0F:64:69:45"}}},"request":{"raw":"GET /assets/images/treasure-chest.webp HTTP/1.1\r\nHost: a.vilo.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.vilo.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\ncontent-type: image/webp\r\ncontent-length: 9634\r\nlast-modified: Mon, 01 Sep 2025 07:36:39 GMT\r\netag: \"68b54d07-25a2\"\r\nexpires: Wed, 27 May 2026 07:24:42 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9634,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"3c5f84142165c83ebe07b92fd915b766","sha1":"4fc740bce87038a3487c8b26dac4c74aa60c0b42","sha256":"477857618cf5ceacbca3fd2a9c4832a379367522c00c3c8c4a7dfd4c00ae154d","sha512":"972b45d54818fe0e37aa0e9f5144edba92c42e696d7860b15de5488f6345e8d1f7fc4338a710396270e64cd52e00c3f5246ad8a50d2835ee48842630a9d8841d","ssdeep":"192:QzrXoONKS80ZzKZMWjjegJpungh20//DLf85OwSYh5Nz6PdVpzQX6Fr6av+um:QzboGKoZXWjj7pggX05OhYPNz0pzc64j","tlshash":"f912afa27d8d5601c86720b5d3b87329e58efc3f4de9df1ad4414a4119068a26abd38b","first_seen":"2025-09-17T22:26:52.934914Z","last_seen":"2026-04-27T07:26:42.254042Z","times_seen":26,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-27","alert":"Sinkholed","trigger":"a.vilo.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/assets/images/hand.webp","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:42.436Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.vilo.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 21:57:59 GMT","end":"Fri, 26 Jun 2026 21:57:58 GMT"},"fingerprint":{"sha1":"72:31:A6:18:E9:4E:A7:5F:77:A2:55:C0:42:13:2D:06:68:D2:8E:8C","sha256":"49:7D:72:6E:32:E3:ED:5B:15:48:53:65:49:54:15:61:12:2D:DE:09:B8:C3:D5:E0:58:BA:43:DE:0F:64:69:45"}}},"request":{"raw":"GET /assets/images/hand.webp HTTP/1.1\r\nHost: a.vilo.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.vilo.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2822\r\nlast-modified: Mon, 01 Sep 2025 07:36:39 GMT\r\netag: \"68b54d07-b06\"\r\nexpires: Wed, 27 May 2026 07:24:42 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2822,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d97b733d27b3d23b94f366abe4949987","sha1":"2864ceb8b1e13a08f4148ee00a914a3cae8382c6","sha256":"a73037b7383c7541863999285ed16cd2001918251e4d75d4f2a5e5fdc429ae8e","sha512":"6fdfe1c40444471feed324990f371f410defca6ab2a191d430742610123304e388e1fa71556b77a3b96426af67faead5c24ad1c6c322c8c47ac4c6c182bee9e3","ssdeep":"","tlshash":"66514c2c535f7910da8eac0c77a1874f0c474ed5807b9b3c14666615a72beb908fcb52","first_seen":"2025-06-27T08:10:52.459129Z","last_seen":"2026-04-27T07:26:42.157002Z","times_seen":217,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-27","alert":"Sinkholed","trigger":"a.vilo.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/assets/scripts/shared-YENF7BNC.js","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:42.506Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.vilo.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 21:57:59 GMT","end":"Fri, 26 Jun 2026 21:57:58 GMT"},"fingerprint":{"sha1":"72:31:A6:18:E9:4E:A7:5F:77:A2:55:C0:42:13:2D:06:68:D2:8E:8C","sha256":"49:7D:72:6E:32:E3:ED:5B:15:48:53:65:49:54:15:61:12:2D:DE:09:B8:C3:D5:E0:58:BA:43:DE:0F:64:69:45"}}},"request":{"raw":"GET /assets/scripts/shared-YENF7BNC.js HTTP/1.1\r\nHost: a.vilo.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.vilo.click/assets/scripts/main.js\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 01 Sep 2025 07:36:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68b54d0a-108a\"\r\nexpires: Wed, 27 May 2026 07:24:42 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4234,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"1fa0e36f829e3be6e7a97ebd59ea5271","sha1":"3341b1d62c76df3ff6819eb846aef1e2a2337ca9","sha256":"a768d4cad01e75f69740ffb4f0fcb63de89cf2c663b5360a1b2712149f6f1f01","sha512":"3aecfa8bb53aedeeee741d1ab971230b9e61d18cdd83e69df2f4d4d9a89143f11495b145fbf457b27089f0aabba04f69a470e31bee858cedac3da1e1e99433a7","ssdeep":"96:WmMI0eaH/WZCyqqZeBogQh9qiSyJC+4UpEi+3hyQxy1y8v:MdHeZtGOth9q7yJC/aEi+xyQxyMM","tlshash":"4f91bc1d07f316b781b730188b4fe86aab6a89473748ce487e9c5b501f18865d6e27c8","first_seen":"2025-09-08T23:30:06.897907Z","last_seen":"2026-04-27T07:26:42.189894Z","times_seen":29,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-27","alert":"Sinkholed","trigger":"a.vilo.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"afrdtech.com/v2/check","fqdn":"afrdtech.com","domain":"afrdtech.com","tld":"com"},"ip":{"addr":"31.220.27.154","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:42.972Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"afrdtech.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 12:22:10 GMT","end":"Sat, 11 Jul 2026 12:22:09 GMT"},"fingerprint":{"sha1":"F8:C0:5B:3D:C6:11:15:C3:C3:1F:D0:25:38:58:06:02:E1:DA:CC:51","sha256":"7C:90:C7:DD:6C:5E:64:E5:6E:04:41:6D:2E:68:E7:DF:4F:2C:6A:A6:E5:47:A5:3E:CC:99:66:BB:B0:02:17:05"}}},"request":{"raw":"POST /v2/check HTTP/1.1\r\nHost: afrdtech.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: application/json\r\nContent-Length: 1874\r\nOrigin: https://a.vilo.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1874,"data":"{\"version\":\"1.0.2\",\"v18\":false,\"v19\":false,\"v20\":false,\"v124\":false,\"v129\":\"00000000\",\"v130\":\"111000000000\",\"v131\":{\"101\":0,\"108\":0,\"112\":1,\"114\":1,\"122\":1,\"123\":0,\"139\":1,\"141\":1,\"151\":1,\"154\":0,\"166\":1,\"167\":0,\"171\":0,\"182\":1,\"189\":1,\"197\":0,\"199\":0,\"209\":0,\"217\":1,\"223\":1,\"231\":1,\"241\":1,\"271\":1,\"285\":1,\"287\":1,\"298\":0,\"299\":1,\"301\":1,\"302\":1,\"303\":0,\"312\":0,\"314\":1,\"317\":1,\"318\":1,\"329\":0,\"332\":1,\"336\":1,\"338\":1,\"347\":1,\"349\":1,\"350\":1,\"365\":0,\"385\":1,\"406\":0,\"407\":1,\"412\":1,\"415\":0,\"419\":0,\"421\":1,\"430\":1,\"431\":1,\"432\":1,\"434\":1,\"436\":1,\"438\":1,\"466\":0,\"469\":0,\"473\":1,\"477\":1,\"478\":1,\"488\":0,\"496\":1,\"499\":1,\"506\":1,\"510\":1,\"513\":1,\"525\":1,\"528\":1,\"529\":1,\"535\":1,\"541\":1,\"558\":1,\"561\":1,\"575\":1,\"589\":1,\"591\":1,\"594\":1,\"595\":0,\"610\":1,\"618\":1,\"622\":0,\"625\":0,\"642\":0,\"650\":0,\"657\":1,\"669\":1,\"670\":0,\"675\":1,\"676\":1,\"680\":1,\"682\":1,\"686\":1,\"690\":0,\"694\":1,\"701\":1,\"702\":0,\"711\":0,\"714\":1,\"715\":1,\"722\":0,\"730\":1,\"731\":1,\"735\":0,\"736\":1,\"737\":1,\"752\":1,\"755\":1,\"759\":0,\"767\":0,\"772\":0,\"805\":1,\"816\":1,\"824\":1,\"826\":0,\"830\":0,\"861\":1,\"863\":0,\"866\":1,\"868\":1,\"871\":1,\"877\":1,\"882\":1,\"887\":1,\"889\":0,\"895\":1,\"896\":1,\"906\":0,\"910\":1,\"913\":1,\"915\":1,\"917\":0,\"932\":0,\"937\":1,\"941\":1,\"945\":1,\"959\":1,\"967\":0,\"974\":1,\"992\":1,\"995\":1,\"998\":1,\"999\":1},\"v132\":[0],\"v128\":\"111\",\"v106\":false,\"v119\":0,\"v133\":\"c,m,s:13.3333px Sans;f:16px serif;sf,ca,em:146;ss,su:140\",\"v17\":100,\"v12\":1280,\"v11\":1024,\"v57\":1280,\"v58\":1024,\"v16\":\"landscape-primary\",\"v14\":0,\"v15\":0,\"v13\":false,\"v118\":false,\"v10\":48,\"v55\":true,\"v54\":\"llvmpipe\",\"v56\":\"Mesa\",\"v51\":\"llvmpipe\",\"v53\":\"WebGL 1.0\",\"v52\":\"WebGL GLSL ES 1.0\",\"v25\":null,\"v24\":false,\"v26\":\"https:\",\"v35\":1777274682708,\"v34\":0,\"v155\":\"UTC\",\"v43\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"v23\":\"en-US\",\"v28\":\"\",\"v115\":\"\",\"v150\":\"\",\"v156\":false,\"v110\":\"\",\"v111\":-553382699269664,\"v134\":\"436274215\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\naccept-ch: Width, Viewport-Width, DPR, Device-Memory, Downlink, RTT, ECT, Save-Data, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version\r\naccess-control-allow-headers: X-Requested-With, Cache-Control, Content-Type\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://a.vilo.click\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":44,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"db2a063e4f0b9b018cc72cfedd52688c","sha1":"ef96640a98112bbd3df5cebd3a0ffd6c797b795d","sha256":"7b03c998d4a235296b2ebceabe30065f4fd88c8a638ca35fa1a4d8fd91a7505a","sha512":"9806b481fd50c2d93a011913bffd44801709d1b2190441cf7a5c472f753f97a2fbfeac9b693f4fb1b5e8c6990ebe9e146d28acacea66ee93b93b30a80de84218","ssdeep":"","tlshash":"ae9004c3c31c33c1037c37d50444140d541d0f043c004c4ff150f51c005403d7741505","first_seen":"2025-06-12T07:19:56.722846Z","last_seen":"2026-04-27T07:26:42.173996Z","times_seen":435,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/assets/images/cloud-left-1.webp","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:42.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.vilo.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 21:57:59 GMT","end":"Fri, 26 Jun 2026 21:57:58 GMT"},"fingerprint":{"sha1":"72:31:A6:18:E9:4E:A7:5F:77:A2:55:C0:42:13:2D:06:68:D2:8E:8C","sha256":"49:7D:72:6E:32:E3:ED:5B:15:48:53:65:49:54:15:61:12:2D:DE:09:B8:C3:D5:E0:58:BA:43:DE:0F:64:69:45"}}},"request":{"raw":"GET /assets/images/cloud-left-1.webp HTTP/1.1\r\nHost: a.vilo.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.vilo.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2696\r\nlast-modified: Mon, 01 Sep 2025 07:36:38 GMT\r\netag: \"68b54d06-a88\"\r\nexpires: Wed, 27 May 2026 07:24:42 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2696,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1d44fd2b18f49855ac378ec502fce4c8","sha1":"ea7a361176c62cbb1d4043446f05e589c8503ee0","sha256":"610993397c2b29c04cf514cf09daa9653f55d1b446645ea82e78eff3c53890c3","sha512":"45752f1e3e7c81f2b13ad91c159ac4e79a8bd32433f2b574f7e9f02c1efb489d3eec5b4a391f659f81ea41173f2343084ff04f13c1bc9b3a9c12d95e692c649b","ssdeep":"","tlshash":"36511a39c32c5f56c04025ba1b544346db05bf211597ab666b024d459e809d2b98e1da","first_seen":"2025-09-17T22:26:52.941729Z","last_seen":"2026-04-27T07:26:42.1999Z","times_seen":26,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-27","alert":"Sinkholed","trigger":"a.vilo.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/assets/images/cloud-left-3.webp","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:42.423Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.vilo.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 21:57:59 GMT","end":"Fri, 26 Jun 2026 21:57:58 GMT"},"fingerprint":{"sha1":"72:31:A6:18:E9:4E:A7:5F:77:A2:55:C0:42:13:2D:06:68:D2:8E:8C","sha256":"49:7D:72:6E:32:E3:ED:5B:15:48:53:65:49:54:15:61:12:2D:DE:09:B8:C3:D5:E0:58:BA:43:DE:0F:64:69:45"}}},"request":{"raw":"GET /assets/images/cloud-left-3.webp HTTP/1.1\r\nHost: a.vilo.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.vilo.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3834\r\nlast-modified: Mon, 01 Sep 2025 07:36:38 GMT\r\netag: \"68b54d06-efa\"\r\nexpires: Wed, 27 May 2026 07:24:42 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3834,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ddc379023c0cb5feafe0420f410727fa","sha1":"39f7090fcf1b15042f427a80d1a26dc570d89da2","sha256":"81e197c469516968d7d7872e4a113179dcbc9ecea6b5a689c491369666d7f766","sha512":"e3b8d75a0894a93184ad1e91ce5f37273f4696d068a481ab2a4e7c673f12ef090681007d68be53be87e54b81853407a1096abc1401d95d0ab0612ae235704d07","ssdeep":"","tlshash":"f6816d73eb92e43cb12d204100cb387155f69414726f94f91e66f0280fd4f7978626f9","first_seen":"2025-06-27T08:10:52.488618Z","last_seen":"2026-04-27T07:26:42.239434Z","times_seen":174,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-27","alert":"Sinkholed","trigger":"a.vilo.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/assets/images/cloud-right-2.webp","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:42.429Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.vilo.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 21:57:59 GMT","end":"Fri, 26 Jun 2026 21:57:58 GMT"},"fingerprint":{"sha1":"72:31:A6:18:E9:4E:A7:5F:77:A2:55:C0:42:13:2D:06:68:D2:8E:8C","sha256":"49:7D:72:6E:32:E3:ED:5B:15:48:53:65:49:54:15:61:12:2D:DE:09:B8:C3:D5:E0:58:BA:43:DE:0F:64:69:45"}}},"request":{"raw":"GET /assets/images/cloud-right-2.webp HTTP/1.1\r\nHost: a.vilo.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.vilo.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\ncontent-type: image/webp\r\ncontent-length: 4738\r\nlast-modified: Mon, 01 Sep 2025 07:36:38 GMT\r\netag: \"68b54d06-1282\"\r\nexpires: Wed, 27 May 2026 07:24:42 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4738,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ea363c4eb09396dbb86e7738437dc580","sha1":"24eefdc07cd0a817cddb40633f31e75de8f3e6c5","sha256":"898586343f351fad0511a99a06de347447c66118c3a0ba254135a804d99b362e","sha512":"eb6f111499255cc4025714847f6594b9f10ba17980dd34f25ca150729930f1a0e68723f02f16e325b92da1df6f443197ec50361a14c03a12ad73913b9d574dda","ssdeep":"96:G0zruaEmQxYIQP8lqul01fG8uUKdLpXwtDl8NnHEp:7zruRmQxfzl01DatlwtDGlw","tlshash":"88a16ca60b40d3d3cde42ab8d945670dc25979512750d3fbe70311778e452f06ebd2ad","first_seen":"2025-09-17T22:26:52.911432Z","last_seen":"2026-04-27T07:26:42.245838Z","times_seen":26,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-27","alert":"Sinkholed","trigger":"a.vilo.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/r/km","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:43.010Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.vilo.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 21:57:59 GMT","end":"Fri, 26 Jun 2026 21:57:58 GMT"},"fingerprint":{"sha1":"72:31:A6:18:E9:4E:A7:5F:77:A2:55:C0:42:13:2D:06:68:D2:8E:8C","sha256":"49:7D:72:6E:32:E3:ED:5B:15:48:53:65:49:54:15:61:12:2D:DE:09:B8:C3:D5:E0:58:BA:43:DE:0F:64:69:45"}}},"request":{"raw":"POST /r/km HTTP/1.1\r\nHost: a.vilo.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.vilo.click/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 112\r\nOrigin: https://a.vilo.click\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: tl_cid=01KQ6X6Z5D14XT0TQ6QCQFYTYG; tl_uid=9c357452-3a50-486e-9569-cf096cf96cb3; tl_cid=01KQ6X6Z5D14XT0TQ6QCQFYTYG\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":112,"data":"{\"event_time\":1777274682999,\"tl_cid\":\"01KQ6X6Z5D14XT0TQ6QCQFYTYG\",\"auction_id\":\"\",\"kmnr_fraud\":1,\"kmnr_block\":0}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:43 GMT\r\ncontent-type: application/json\r\ncontent-length: 50\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 86400\r\nx-content-type-options: nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: geolocation=(), microphone=(), camera=()\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\ncache-control: no-store\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"ed6fb1539832243b4a2b02347b5b7f6b","sha1":"7ec33b46b3b1025e94d0d1eb5bcb1acfd16b00bf","sha256":"5ded25569842ae362c5db5f4603b8271c14def08c746f2d362f9af2e6e83f4ae","sha512":"2b4630d5890e1081b92fd4d2b0715d46a36a9ea682f2148a523be527254585a1cb0723f6d3e0695b4dfb394a9c17f79c20d85aaaa8ae3dc71740a91c4de9e17d","ssdeep":"","tlshash":"be90028865580318d840414d414c01a019459dc4a1150589165c0866459488695c9d44","first_seen":"2026-04-27T07:25:05.941297Z","last_seen":"2026-04-27T07:25:05.941297Z","times_seen":1,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-27","alert":"Sinkholed","trigger":"a.vilo.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-27T07:24:42.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.vilo.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 21:57:59 GMT","end":"Fri, 26 Jun 2026 21:57:58 GMT"},"fingerprint":{"sha1":"72:31:A6:18:E9:4E:A7:5F:77:A2:55:C0:42:13:2D:06:68:D2:8E:8C","sha256":"49:7D:72:6E:32:E3:ED:5B:15:48:53:65:49:54:15:61:12:2D:DE:09:B8:C3:D5:E0:58:BA:43:DE:0F:64:69:45"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: a.vilo.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\ncontent-type: text/html\r\nlast-modified: Sun, 28 Sep 2025 19:00:25 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68d985c9-44a0\"\r\nx-content-type-options: nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: geolocation=(), microphone=(), camera=()\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17568,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (9972)","md5":"b349c8ff13d54cbe58a33f64e7860cf6","sha1":"ae09e07c4decf44e67f1d47abaee8ea49e9599b6","sha256":"c33e90bc3b1e84138322d4bda006475194758d2cd7a23d2e271059e988e18d3a","sha512":"ecedda6c82371165a48ffaf3ece02be2972fb310161c800a9fefa273564b8e9ff126d7ee745c1164c97f93a9af44d95703dc71167eb37e8ac790b570d71bd7dd","ssdeep":"384:xYTuZIXmJ+oLZ3/Tw1xFjz2AkOIKZ6DuKKBVwH/Tma3Fgc+rZaVLx82AcM:xYTuZIWJzZPTw1xdz2AkOIKcDuKKBVwQ","tlshash":"9b82a64076e2fda3325326b77326b7d9f86946db68054485b16cb8a0bfd1e02f6d3074","first_seen":"2025-12-26T13:37:44.412446Z","last_seen":"2026-04-27T07:26:42.159748Z","times_seen":3,"resource_available":true,"data":null}},"time_used":300,"timings":{"blocked":139,"dns":73,"connect":23,"send":0,"wait":23,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-27","alert":"Sinkholed","trigger":"a.vilo.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/locales/en.json","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:42.553Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.vilo.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 21:57:59 GMT","end":"Fri, 26 Jun 2026 21:57:58 GMT"},"fingerprint":{"sha1":"72:31:A6:18:E9:4E:A7:5F:77:A2:55:C0:42:13:2D:06:68:D2:8E:8C","sha256":"49:7D:72:6E:32:E3:ED:5B:15:48:53:65:49:54:15:61:12:2D:DE:09:B8:C3:D5:E0:58:BA:43:DE:0F:64:69:45"}}},"request":{"raw":"GET /locales/en.json HTTP/1.1\r\nHost: a.vilo.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.vilo.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: tl_cid=01KQ6X6Z5D14XT0TQ6QCQFYTYG; tl_uid=9c357452-3a50-486e-9569-cf096cf96cb3\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\ncontent-type: application/json\r\ncontent-length: 528\r\nlast-modified: Mon, 01 Sep 2025 07:36:28 GMT\r\netag: \"68b54cfc-210\"\r\nx-content-type-options: nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: geolocation=(), microphone=(), camera=()\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":528,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"45cbeaee0dbcec0b4fa61abe2606b814","sha1":"aa7b57ceed1dcc209274e99723968762e02820e9","sha256":"f769cb4b66bc6b259060194d056790b013f53d5715e35535879cbefe6dd31d4c","sha512":"196f3a1a598f0777b0c091cf596234d172e0b3ead0b64a5b95bd079ffd084cb4d6696a43859f47aa832048af2f5081bcefac438b485c2c1076f485cb4077a186","ssdeep":"","tlshash":"04f05984e561092208e17e2256637a429948170b0a7c383c6fdd6dec2b7c63fa1ba40f","first_seen":"2025-12-06T01:18:53.638942Z","last_seen":"2026-04-27T07:26:42.16862Z","times_seen":4,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-27","alert":"Sinkholed","trigger":"a.vilo.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/assets/images/star-four-pointed.webp","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:42.433Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.vilo.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 21:57:59 GMT","end":"Fri, 26 Jun 2026 21:57:58 GMT"},"fingerprint":{"sha1":"72:31:A6:18:E9:4E:A7:5F:77:A2:55:C0:42:13:2D:06:68:D2:8E:8C","sha256":"49:7D:72:6E:32:E3:ED:5B:15:48:53:65:49:54:15:61:12:2D:DE:09:B8:C3:D5:E0:58:BA:43:DE:0F:64:69:45"}}},"request":{"raw":"GET /assets/images/star-four-pointed.webp HTTP/1.1\r\nHost: a.vilo.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.vilo.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\ncontent-type: image/webp\r\ncontent-length: 492\r\nlast-modified: Mon, 01 Sep 2025 07:36:39 GMT\r\netag: \"68b54d07-1ec\"\r\nexpires: Wed, 27 May 2026 07:24:42 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":492,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"19a648d7f4abdf58b681f4c290afb76b","sha1":"0bc732bf13be96c7ed11b60f83a7b0ad7ba1d972","sha256":"854ccfd95646ea558658b455501a0e94e134e8c3ece9be385ac1cff401e2eb3d","sha512":"1e3d9d9c2a14591d08e01408fcabd92e5099d58fc8bd3f0534b38382b27a9726e35670a0d286069bcfb35ae0512192820fd773ec344f6754e263b5487f71180d","ssdeep":"","tlshash":"72f00e75d2086a80dbd48c7ca9d88328b5b4b34c21d854bd04bbe4a888023e83cf5ce8","first_seen":"2025-06-27T08:10:52.462074Z","last_seen":"2026-04-27T07:26:42.224826Z","times_seen":168,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-27","alert":"Sinkholed","trigger":"a.vilo.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/assets/scripts/shared-P22NF6LM.js","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:42.508Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.vilo.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 21:57:59 GMT","end":"Fri, 26 Jun 2026 21:57:58 GMT"},"fingerprint":{"sha1":"72:31:A6:18:E9:4E:A7:5F:77:A2:55:C0:42:13:2D:06:68:D2:8E:8C","sha256":"49:7D:72:6E:32:E3:ED:5B:15:48:53:65:49:54:15:61:12:2D:DE:09:B8:C3:D5:E0:58:BA:43:DE:0F:64:69:45"}}},"request":{"raw":"GET /assets/scripts/shared-P22NF6LM.js HTTP/1.1\r\nHost: a.vilo.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.vilo.click/assets/scripts/main.js\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 01 Sep 2025 07:36:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68b54d09-1b25\"\r\nexpires: Wed, 27 May 2026 07:24:42 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6949,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"08606ce09fae6ff973e73b9467ea8956","sha1":"110b39554d8a4f59e2c710bf56e33892943530ff","sha256":"b691ed2532989969f5f6eb8bd78ce76876124c18e13dae5cdf8576765fd103be","sha512":"2e96bc3c9c989030e19b9c220b65b326a77120d28ae6d8fb0ed4914c01c68a49f44a694f30987955770e4a95ad118fb3883623d9719ccebd151cf7f99ed4de1e","ssdeep":"96:xiUTPwN2kgGiQf50Mzd7EtZp5gnFP+f9t1Q5faWmL4a20ICxTRcR1:VApiQf50MVKZp5yFP+f31QxmcRCxTo","tlshash":"1be13f2c95b7928701e711ac061fa226353c991b3e88f8c87eac42542f6ec5f94f27dc","first_seen":"2025-09-08T23:30:06.888269Z","last_seen":"2026-04-27T07:26:42.208019Z","times_seen":26,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-27","alert":"Sinkholed","trigger":"a.vilo.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/r/fp","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:42.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.vilo.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 21:57:59 GMT","end":"Fri, 26 Jun 2026 21:57:58 GMT"},"fingerprint":{"sha1":"72:31:A6:18:E9:4E:A7:5F:77:A2:55:C0:42:13:2D:06:68:D2:8E:8C","sha256":"49:7D:72:6E:32:E3:ED:5B:15:48:53:65:49:54:15:61:12:2D:DE:09:B8:C3:D5:E0:58:BA:43:DE:0F:64:69:45"}}},"request":{"raw":"POST /r/fp HTTP/1.1\r\nHost: a.vilo.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.vilo.click/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1167\r\nOrigin: https://a.vilo.click\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: tl_cid=01KQ6X6Z5D14XT0TQ6QCQFYTYG; tl_uid=9c357452-3a50-486e-9569-cf096cf96cb3\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1167,"data":"{\"event_time\":1777274682686,\"tl_cid\":\"01KQ6X6Z5D14XT0TQ6QCQFYTYG\",\"tl_uid\":\"9c357452-3a50-486e-9569-cf096cf96cb3\",\"click_id\":\"\",\"ua_raw\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"browser_family\":\"\",\"browser_version\":\"\",\"os_family\":\"\",\"os_version\":\"\",\"device_type\":\"\",\"device_vendor\":\"\",\"device_model\":\"\",\"browser_lang\":\"en-US\",\"timezone\":\"UTC\",\"landing_id\":\"sweeps_clickbox\",\"landing_url\":\"https://a.vilo.click/\",\"project_id\":\"1\",\"screen_width\":1280,\"screen_height\":1024,\"dpr\":1,\"cpu_cores\":48,\"ram_gb\":0,\"gpu_vendor\":\"Mesa\",\"gpu_model\":\"llvmpipe\",\"ch_ua\":\"\",\"platform\":\"Win32\",\"url_cid_present\":0,\"url_cid\":\"\",\"url_cid_valid\":0,\"cookie_enabled\":1,\"cookie_write_ok\":1,\"ls_ok\":1,\"ss_ok\":1,\"idb_ok\":0,\"storage_persisted\":0,\"storage_quota\":6309050368,\"storage_usage\":0,\"viewport_w\":1280,\"viewport_h\":1024,\"color_depth\":24,\"pixel_depth\":24,\"prefers_dark\":0,\"reduced_motion\":0,\"prefers_contrast\":\"no-preference\",\"forced_colors\":0,\"hover\":\"hover\",\"pointer\":\"fine\",\"max_touch_points\":0,\"net_effective_type\":\"\",\"net_downlink\":0,\"net_rtt\":0,\"save_data\":0,\"query_raw\":{},\"extra\":{\"cid_iat\":1777274682540,\"client_version\":\"fpjs-1.2.0\"}}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\ncontent-type: application/json\r\ncontent-length: 69\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 86400\r\nx-content-type-options: nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: geolocation=(), microphone=(), camera=()\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\ncache-control: no-store\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":69,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"c8d4baf623f0a92d2d0e659e584c46f6","sha1":"f9bdd9133d449bbdbe30b030805df70cd61e74ed","sha256":"9c92143a7ac08b236d8a912ab047f9032176acb056edd09dbd9df9aac32a6e13","sha512":"38f05240225028aedb40e0137538bf8383ff163e4bbd6cfefac3226b04f50689d440fb710c627deaef95ad7f8a271e38e57b839bd9c2713c104cd03f8268ab6c","ssdeep":"","tlshash":"02a022a00000833f0cc828fe008e028020c22cf3823300ba208c08e23a8c8e00008000","first_seen":"2026-04-27T07:25:05.957529Z","last_seen":"2026-04-27T07:25:05.957529Z","times_seen":1,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-27","alert":"Sinkholed","trigger":"a.vilo.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"afrdtech.com/v2/check","fqdn":"afrdtech.com","domain":"afrdtech.com","tld":"com"},"ip":{"addr":"31.220.27.154","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:42.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"afrdtech.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 12:22:10 GMT","end":"Sat, 11 Jul 2026 12:22:09 GMT"},"fingerprint":{"sha1":"F8:C0:5B:3D:C6:11:15:C3:C3:1F:D0:25:38:58:06:02:E1:DA:CC:51","sha256":"7C:90:C7:DD:6C:5E:64:E5:6E:04:41:6D:2E:68:E7:DF:4F:2C:6A:A6:E5:47:A5:3E:CC:99:66:BB:B0:02:17:05"}}},"request":{"raw":"OPTIONS /v2/check HTTP/1.1\r\nHost: afrdtech.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nOrigin: https://a.vilo.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://a.vilo.click\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,pragma,Authorization,\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT, PATCH, HEAD, TRACE, CONNECT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T13:20:13.402452Z","times_seen":14281195,"resource_available":true,"data":null}},"time_used":107,"timings":{"blocked":44,"dns":1,"connect":17,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/assets/styles/style.css","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:42.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.vilo.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 21:57:59 GMT","end":"Fri, 26 Jun 2026 21:57:58 GMT"},"fingerprint":{"sha1":"72:31:A6:18:E9:4E:A7:5F:77:A2:55:C0:42:13:2D:06:68:D2:8E:8C","sha256":"49:7D:72:6E:32:E3:ED:5B:15:48:53:65:49:54:15:61:12:2D:DE:09:B8:C3:D5:E0:58:BA:43:DE:0F:64:69:45"}}},"request":{"raw":"GET /assets/styles/style.css HTTP/1.1\r\nHost: a.vilo.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.vilo.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 28 Sep 2025 22:11:47 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68d9b2a3-1bce\"\r\nexpires: Wed, 27 May 2026 07:24:42 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7118,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"e6fd0c8d0be4cd6fd2afc9cf74b86256","sha1":"314f4e4bf38cdd6f9e97c7fb5125832fbac28d87","sha256":"d963d13b69dce823d3ea35e3d50b1f5dde834d6c06508ca9d62a490f9a5a447e","sha512":"e6955b23ad058aae69e8d06d32ce33d432a9a785b83747af310738dc5d3ee56c474513db924a716bed27f8e5bdbe58a7ab6ab023e680096181edccf115bbef57","ssdeep":"192:NyemdhJTZJLaXmxM4hM46PhlnCp8R/ulg/:NyVv42xEhPNu2","tlshash":"09e133584bb8aa04b46fc1b57991ebd8632c40c1de0fcd5c96f378985e8839535a3fc9","first_seen":"2025-12-26T13:37:44.38873Z","last_seen":"2026-04-27T07:26:42.24176Z","times_seen":3,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-27","alert":"Sinkholed","trigger":"a.vilo.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/assets/core/session.js","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:42.438Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.vilo.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 21:57:59 GMT","end":"Fri, 26 Jun 2026 21:57:58 GMT"},"fingerprint":{"sha1":"72:31:A6:18:E9:4E:A7:5F:77:A2:55:C0:42:13:2D:06:68:D2:8E:8C","sha256":"49:7D:72:6E:32:E3:ED:5B:15:48:53:65:49:54:15:61:12:2D:DE:09:B8:C3:D5:E0:58:BA:43:DE:0F:64:69:45"}}},"request":{"raw":"GET /assets/core/session.js HTTP/1.1\r\nHost: a.vilo.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.vilo.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 01 Sep 2025 07:57:44 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68b551f8-1fd66\"\r\nexpires: Wed, 27 May 2026 07:24:42 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":130406,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"fe1f2c1f501910ea98536dc9802a3b30","sha1":"1a1d1b222a9cdc994dd82d18c676e77704466576","sha256":"b6f93c626026be31bb5f7aa5274537d057376fc9a87fe14497e81b176679a83a","sha512":"256f280f5a0fb39b70caef08525250c7224ae03c1f8c950e003170fe49ba7894e61b283d5f901678a6a0b0df1897461f2920ddbb1a83f44befd4d41fd18f0d7d","ssdeep":"3072:9YggiG3JkiARo2AxDby7ESBvc+hALkkdgoP/:U93JkidxxDby7lvc+q6oX","tlshash":"b7d3418073c1b88163471f76732bb2f5d42a4cea7588488af114fd94f4ba61afae5570","first_seen":"2025-10-01T18:00:42.818957Z","last_seen":"2026-04-27T07:26:42.274568Z","times_seen":9,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-27","alert":"Sinkholed","trigger":"a.vilo.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/assets/core/activity.js","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:42.439Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.vilo.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 21:57:59 GMT","end":"Fri, 26 Jun 2026 21:57:58 GMT"},"fingerprint":{"sha1":"72:31:A6:18:E9:4E:A7:5F:77:A2:55:C0:42:13:2D:06:68:D2:8E:8C","sha256":"49:7D:72:6E:32:E3:ED:5B:15:48:53:65:49:54:15:61:12:2D:DE:09:B8:C3:D5:E0:58:BA:43:DE:0F:64:69:45"}}},"request":{"raw":"GET /assets/core/activity.js HTTP/1.1\r\nHost: a.vilo.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.vilo.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 01 Sep 2025 07:57:55 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68b55203-12b04\"\r\nexpires: Wed, 27 May 2026 07:24:42 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":76548,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"b02f79eeee2ab245b95cfe5e2a5b7b8f","sha1":"9a20494e2fe95f242c90d11f1c165f86cb62038d","sha256":"dcdbd19a121240cb41c0f357d9af115b522e0d71cb7b1a1a8ff2029873822696","sha512":"6714ccaceeb9b1cbf923fab39e41f4ea0290d76843914360bfc42d9ae735ce7417e5e253d2d5da1ccb519cde1c69782b68cd7109cf56ed965455278e933af50a","ssdeep":"1536:qB3kINsGp6rm5Uquul2ydS6z8QHijbawrj0WWkF4ZVw7C7DSsNY5r49ofHBD3:03dNsEfUq0TTjba0AjKBD3","tlshash":"1073408073c1bc81138f6bbb772bb5e5f62a49ed7588488ae414bc44f4bd606fad0674","first_seen":"2025-10-01T18:00:42.827869Z","last_seen":"2026-04-27T07:26:42.203991Z","times_seen":9,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-27","alert":"Sinkholed","trigger":"a.vilo.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/assets/images/cloud-left-2.webp","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:42.422Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.vilo.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 21:57:59 GMT","end":"Fri, 26 Jun 2026 21:57:58 GMT"},"fingerprint":{"sha1":"72:31:A6:18:E9:4E:A7:5F:77:A2:55:C0:42:13:2D:06:68:D2:8E:8C","sha256":"49:7D:72:6E:32:E3:ED:5B:15:48:53:65:49:54:15:61:12:2D:DE:09:B8:C3:D5:E0:58:BA:43:DE:0F:64:69:45"}}},"request":{"raw":"GET /assets/images/cloud-left-2.webp HTTP/1.1\r\nHost: a.vilo.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.vilo.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2268\r\nlast-modified: Mon, 01 Sep 2025 07:36:38 GMT\r\netag: \"68b54d06-8dc\"\r\nexpires: Wed, 27 May 2026 07:24:42 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2268,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"35e4c6e712ea741379180333c9eda6a1","sha1":"640ee747797bce5f4d45283edb5bc994bd25ff73","sha256":"3242a5bb7bf12882f4a48c286b2a23d59cfe516a8808333e8119b55c16fc92c8","sha512":"cfd9230c3e6c1fd2b0550dbfd66ee4d43debc0a73ed54da9feed7a85764faac7a84e9b79551af9e2276b83f37decc675a25659e02da7234677acd49e0d891d65","ssdeep":"","tlshash":"a841e9334b120bc7e5bd02f86c419b22d6377f410e5593af62c282275fc59d1ae0a6cc","first_seen":"2025-09-17T22:26:52.897889Z","last_seen":"2026-04-27T07:26:42.258273Z","times_seen":26,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-27","alert":"Sinkholed","trigger":"a.vilo.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/locales/en.json","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:42.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.vilo.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 21:57:59 GMT","end":"Fri, 26 Jun 2026 21:57:58 GMT"},"fingerprint":{"sha1":"72:31:A6:18:E9:4E:A7:5F:77:A2:55:C0:42:13:2D:06:68:D2:8E:8C","sha256":"49:7D:72:6E:32:E3:ED:5B:15:48:53:65:49:54:15:61:12:2D:DE:09:B8:C3:D5:E0:58:BA:43:DE:0F:64:69:45"}}},"request":{"raw":"GET /locales/en.json HTTP/1.1\r\nHost: a.vilo.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.vilo.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\ncontent-type: application/json\r\ncontent-length: 528\r\nlast-modified: Mon, 01 Sep 2025 07:36:28 GMT\r\netag: \"68b54cfc-210\"\r\nx-content-type-options: nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: geolocation=(), microphone=(), camera=()\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":528,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"45cbeaee0dbcec0b4fa61abe2606b814","sha1":"aa7b57ceed1dcc209274e99723968762e02820e9","sha256":"f769cb4b66bc6b259060194d056790b013f53d5715e35535879cbefe6dd31d4c","sha512":"196f3a1a598f0777b0c091cf596234d172e0b3ead0b64a5b95bd079ffd084cb4d6696a43859f47aa832048af2f5081bcefac438b485c2c1076f485cb4077a186","ssdeep":"","tlshash":"04f05984e561092208e17e2256637a429948170b0a7c383c6fdd6dec2b7c63fa1ba40f","first_seen":"2025-12-06T01:18:53.638942Z","last_seen":"2026-04-27T07:26:42.16862Z","times_seen":4,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-27","alert":"Sinkholed","trigger":"a.vilo.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/assets/scripts/main.js","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:42.416Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.vilo.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 21:57:59 GMT","end":"Fri, 26 Jun 2026 21:57:58 GMT"},"fingerprint":{"sha1":"72:31:A6:18:E9:4E:A7:5F:77:A2:55:C0:42:13:2D:06:68:D2:8E:8C","sha256":"49:7D:72:6E:32:E3:ED:5B:15:48:53:65:49:54:15:61:12:2D:DE:09:B8:C3:D5:E0:58:BA:43:DE:0F:64:69:45"}}},"request":{"raw":"GET /assets/scripts/main.js HTTP/1.1\r\nHost: a.vilo.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.vilo.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 30 Aug 2025 08:59:37 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68b2bd79-1c71\"\r\nexpires: Wed, 27 May 2026 07:24:42 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7281,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"807cfd7b25f9ac18904b4f5264a16285","sha1":"c232e08e8a5899048c88a5dce5fea7663364dcce","sha256":"a88e4b5358bd71423be91c8a1f6df6efbd9357de53b03cb8f36f96fb2acb8c92","sha512":"27a98e248ca9e9f34c23086aa1175d2fbd822e8f2dbab00b07f95568592dc100cc411df835f237f6221ac4f82cb765ea486083ce33e3f9ebb26bda49e8ed1d1a","ssdeep":"192:aLJrhQC3c7jqGqBC80q5iLuLzRzjXMBPjQR7if:WrhJcaBW","tlshash":"41e1ce1926b300bb9173685d57cf6300ba109003be04dda838fd9706af5b97a6ae37dd","first_seen":"2025-12-26T13:37:44.413533Z","last_seen":"2026-04-27T07:26:42.235453Z","times_seen":3,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-27","alert":"Sinkholed","trigger":"a.vilo.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/assets/images/cloud-left-4.webp","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:42.424Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.vilo.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 21:57:59 GMT","end":"Fri, 26 Jun 2026 21:57:58 GMT"},"fingerprint":{"sha1":"72:31:A6:18:E9:4E:A7:5F:77:A2:55:C0:42:13:2D:06:68:D2:8E:8C","sha256":"49:7D:72:6E:32:E3:ED:5B:15:48:53:65:49:54:15:61:12:2D:DE:09:B8:C3:D5:E0:58:BA:43:DE:0F:64:69:45"}}},"request":{"raw":"GET /assets/images/cloud-left-4.webp HTTP/1.1\r\nHost: a.vilo.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.vilo.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2042\r\nlast-modified: Mon, 01 Sep 2025 07:36:38 GMT\r\netag: \"68b54d06-7fa\"\r\nexpires: Wed, 27 May 2026 07:24:42 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2042,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"adcabd6f278889f1e1c73a77d6fa6e08","sha1":"c414b093e48114f84e6c038a577857f110a30031","sha256":"3925b87d2aec26251d1e56893cd43f5fb8e5cfd30c07b90ce6a2746d60d7bb6c","sha512":"ee7f60e6bffcbd010888db6a665a26dedb28299dfb3cdbf66ccba3261e9dafd1c7d1a10f682c1f332b26b9282b3932231cc7e1f606b436020d65255f8d6061a2","ssdeep":"","tlshash":"2b411a1a5129544afa3d4b4d1b36e4e1559b0008ff079d69f4c6080de69f805df49fdc","first_seen":"2025-06-27T08:10:52.427087Z","last_seen":"2026-04-27T07:26:42.216692Z","times_seen":173,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-27","alert":"Sinkholed","trigger":"a.vilo.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/assets/images/cloud-right-1.webp","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:42.426Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.vilo.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 21:57:59 GMT","end":"Fri, 26 Jun 2026 21:57:58 GMT"},"fingerprint":{"sha1":"72:31:A6:18:E9:4E:A7:5F:77:A2:55:C0:42:13:2D:06:68:D2:8E:8C","sha256":"49:7D:72:6E:32:E3:ED:5B:15:48:53:65:49:54:15:61:12:2D:DE:09:B8:C3:D5:E0:58:BA:43:DE:0F:64:69:45"}}},"request":{"raw":"GET /assets/images/cloud-right-1.webp HTTP/1.1\r\nHost: a.vilo.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.vilo.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3690\r\nlast-modified: Mon, 01 Sep 2025 07:36:38 GMT\r\netag: \"68b54d06-e6a\"\r\nexpires: Wed, 27 May 2026 07:24:42 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3690,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2416052edb8b7780d5d58d358402cc0a","sha1":"1eaff7a3df5ced62949db161da2cef401557b317","sha256":"4f78513050899ef3b46a71cf2e3f536e88a1ceb0893b96480b9d135004952c1c","sha512":"03f0a6190731d4c4ac9f28f1be1d03000ce265d25e8fe3abaae0c634f113040a20daea0d6e35d7ff470929293c0a70d1198025b6d96851c92dec0babacfa19d3","ssdeep":"","tlshash":"01716d806302776ec19016f220e81310ee56faf047d394035667a61a6fcc374cb5ccde","first_seen":"2025-09-17T22:26:52.930096Z","last_seen":"2026-04-27T07:26:42.22078Z","times_seen":26,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-27","alert":"Sinkholed","trigger":"a.vilo.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/assets/images/favicon.ico","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:42.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.vilo.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 21:57:59 GMT","end":"Fri, 26 Jun 2026 21:57:58 GMT"},"fingerprint":{"sha1":"72:31:A6:18:E9:4E:A7:5F:77:A2:55:C0:42:13:2D:06:68:D2:8E:8C","sha256":"49:7D:72:6E:32:E3:ED:5B:15:48:53:65:49:54:15:61:12:2D:DE:09:B8:C3:D5:E0:58:BA:43:DE:0F:64:69:45"}}},"request":{"raw":"GET /assets/images/favicon.ico HTTP/1.1\r\nHost: a.vilo.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.vilo.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: tl_cid=01KQ6X6Z5D14XT0TQ6QCQFYTYG; tl_uid=9c357452-3a50-486e-9569-cf096cf96cb3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\ncontent-type: image/x-icon\r\nlast-modified: Mon, 01 Sep 2025 07:36:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68b54d06-3aee\"\r\nexpires: Wed, 27 May 2026 07:24:42 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15086,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"5bda0c66a9b2569ec0ceafa224446259","sha1":"34690a63284f8828d40dca7f11d755cd62cfd0c1","sha256":"704cdd4631c83d9f8b1b4bdebc02bd3a7a2177d21aae65df4e23302b509dddfe","sha512":"818d1a78ffede27ee5895d75dd74129946adf134d9dfc0dde347b15d8f8b343ce2efdfe2938b342119639374df7a7a3e832e0b45bd30f806066749b59f1f0abb","ssdeep":"192:jjYnmpdPEypTiJZSnFsMhnVD6WtEHfQsXTdFvGDD0vD5F1DMAaVe0e:jjXpdLAaFxVDxSfQsTkAlDMe","tlshash":"51626c586b39ee5bc0764a749550f3b522d81fd23806e89385d5dccfb0288e6638322e","first_seen":"2025-09-17T22:26:52.946049Z","last_seen":"2026-04-27T07:26:42.192116Z","times_seen":12,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-27","alert":"Sinkholed","trigger":"a.vilo.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/assets/scripts/translateElements.js","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:42.418Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.vilo.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 21:57:59 GMT","end":"Fri, 26 Jun 2026 21:57:58 GMT"},"fingerprint":{"sha1":"72:31:A6:18:E9:4E:A7:5F:77:A2:55:C0:42:13:2D:06:68:D2:8E:8C","sha256":"49:7D:72:6E:32:E3:ED:5B:15:48:53:65:49:54:15:61:12:2D:DE:09:B8:C3:D5:E0:58:BA:43:DE:0F:64:69:45"}}},"request":{"raw":"GET /assets/scripts/translateElements.js HTTP/1.1\r\nHost: a.vilo.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.vilo.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 01 Sep 2025 07:36:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68b54d0a-774\"\r\nexpires: Wed, 27 May 2026 07:24:42 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000, immutable\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1908,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"c0045c1c663de2f4552758cb9306bda7","sha1":"216fef10423e5384a2cfb14f8b37cb258950a5f9","sha256":"6c15ded3ab089d2a99ec256de188c81f8c048901924cf37d8add529d3e400a1f","sha512":"8d43bfb016ff2f84bc435c23ba3cf6f88a010e6eb02157292308af270b5307a47b0fd8b9a2a627b01bc35aeacc8b4363cbaedc43a1180043995b3bbfd302c38a","ssdeep":"","tlshash":"0341ce2865b7022b855720af9fc340d9ba3859033125dc583b9d8b421f84e3c87dead4","first_seen":"2025-09-08T23:30:06.869851Z","last_seen":"2026-04-27T07:26:42.154716Z","times_seen":43,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-27","alert":"Sinkholed","trigger":"a.vilo.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"afrdtech.com/v1/script.js?kmnrKey=436274215","fqdn":"afrdtech.com","domain":"afrdtech.com","tld":"com"},"ip":{"addr":"31.220.27.154","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:42.534Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"afrdtech.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 12:22:10 GMT","end":"Sat, 11 Jul 2026 12:22:09 GMT"},"fingerprint":{"sha1":"F8:C0:5B:3D:C6:11:15:C3:C3:1F:D0:25:38:58:06:02:E1:DA:CC:51","sha256":"7C:90:C7:DD:6C:5E:64:E5:6E:04:41:6D:2E:68:E7:DF:4F:2C:6A:A6:E5:47:A5:3E:CC:99:66:BB:B0:02:17:05"}}},"request":{"raw":"GET /v1/script.js?kmnrKey=436274215 HTTP/1.1\r\nHost: afrdtech.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.vilo.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\naccept-ch: Width, Viewport-Width, DPR, Device-Memory, Downlink, RTT, ECT, Save-Data, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version\r\naccess-control-allow-headers: X-Requested-With, Cache-Control, Content-Type\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":48443,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (47316), with CRLF line terminators","md5":"f48b80c1714b3abd8406ea03109aae4f","sha1":"9680b5f9a5130d244d0642e90c560ffebeb99cd5","sha256":"841aa398f2a23c708901c9b98c30bde6bd7310d05a1ab3c35738eeff6f7dde20","sha512":"979be99ea84c45921dec7ddb5abc381140e1d5fbd1f070e3e5886668fa29372c0d6ef85563f2a2ada418ce955ba017a240a45a1009cbe781cd0ff1fb6cc899cf","ssdeep":"768:7YLCnCA+uPkdQfxLBF59jTzQs1R/Wh9AGdpMYcXJwF4aVOu6I:7pP/f5jXB/a9fdKYqwF9VOu6I","tlshash":"bd233aae7656b43480b75179083f7206f33e1a6ad509d480e666cc803de5b4b6127ffe","first_seen":"2026-04-27T07:25:05.986398Z","last_seen":"2026-04-27T07:26:42.163049Z","times_seen":2,"resource_available":true,"data":null}},"time_used":171,"timings":{"blocked":67,"dns":27,"connect":17,"send":0,"wait":34,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.vilo.click/r/ev","fqdn":"a.vilo.click","domain":"vilo.click","tld":"click"},"ip":{"addr":"45.12.69.204","port":443,"asn":58057,"as":"Securebit AG","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://a.vilo.click/","date":"2026-04-27T07:24:42.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.vilo.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 21:57:59 GMT","end":"Fri, 26 Jun 2026 21:57:58 GMT"},"fingerprint":{"sha1":"72:31:A6:18:E9:4E:A7:5F:77:A2:55:C0:42:13:2D:06:68:D2:8E:8C","sha256":"49:7D:72:6E:32:E3:ED:5B:15:48:53:65:49:54:15:61:12:2D:DE:09:B8:C3:D5:E0:58:BA:43:DE:0F:64:69:45"}}},"request":{"raw":"POST /r/ev HTTP/1.1\r\nHost: a.vilo.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://a.vilo.click/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 460\r\nOrigin: https://a.vilo.click\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: tl_cid=01KQ6X6Z5D14XT0TQ6QCQFYTYG; tl_uid=9c357452-3a50-486e-9569-cf096cf96cb3; tl_cid=01KQ6X6Z5D14XT0TQ6QCQFYTYG\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":460,"data":"{\"event_time\":1777274682796,\"tl_cid\":\"01KQ6X6Z5D14XT0TQ6QCQFYTYG\",\"auction_id\":\"\",\"tab_id\":\"9123cb1d-75a8-45ab-916b-9fb5bb27b197\",\"landing_id\":\"sweeps_clickbox\",\"landing_url\":\"https://a.vilo.click/\",\"events\":[{\"event_id\":\"52a4b29f-5404-477e-a925-5f2fb4961dcd\",\"type\":\"page_view\",\"event_time\":1777274682795,\"page_url\":\"https://a.vilo.click/\",\"ref_domain\":\"\"},{\"event_id\":\"528f42f5-a7d8-4b76-a018-c08758c72b01\",\"type\":\"page_visible\",\"event_time\":1777274682795}]}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Apr 2026 07:24:42 GMT\r\ncontent-type: application/json\r\ncontent-length: 52\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 86400\r\nx-content-type-options: nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: geolocation=(), microphone=(), camera=()\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\ncache-control: no-store\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":52,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0cd890d642fc06360194e0a63099bf5a","sha1":"aba3215292bf7876ca70fe3f32d0a346e94c2bea","sha256":"bfd4beb75787681be326f4e471f8df6f5209a6fa63675910e57fc657ffaa5ef8","sha512":"265158d19420ac3239a7c6d81330aa4590524521ce6c36804ff06fb3789a410a8b6495b56b11a3d058da7fcd68ab9bf437c36a059eb74dec7f7eadc0a7f0912a","ssdeep":"","tlshash":"d4900200259a617c2ac40021553a25e15d490c500c6582a290d900180a64084c368405","first_seen":"2025-10-01T18:00:42.807588Z","last_seen":"2026-04-27T07:26:42.27699Z","times_seen":9,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-27","alert":"Sinkholed","trigger":"a.vilo.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}