{"report_id":"136f624f-15ec-48e0-98b0-8d46996d2c03","version":6,"status":"done","tags":[],"date":"2026-04-20T13:52:19Z","url":{"schema":"http","addr":"laucing-rebannah.icu","fqdn":"laucing-rebannah.icu","domain":"laucing-rebannah.icu","tld":"icu"},"ip":{"addr":"108.157.229.49","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"laucing-rebannah.icu/","fqdn":"laucing-rebannah.icu","domain":"laucing-rebannah.icu","tld":"icu"},"title":"404 Not Found","dom":{"size":268,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"3c67a6a2d0c8884e991c36e18cfe81f9","sha1":"5fbcad3e6bfe0b2cf574631b28e6749fb4ed8092","sha256":"7e84f41940c281bc0db12384ab2acc5957535cb126e421861cc0924e06ca97b3","sha512":"262e73f3e9e055c93833655b6b9ad8218002f7e8e06c0565bdc5f5b0f5226dc72e201f06cd844dbc8df589a80600ec33def075d22f69b8fa279e68ed2661a831","ssdeep":"","tlshash":"05d0a50e44f14c4d3311077477c57760c846474fdd5bea21754f50625f9cd9556d31d8","dom_hash":"domhashc9874c2f5cf4fef27047d4c135f0c839","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"laucing-rebannah.icu","fqdn":"laucing-rebannah.icu","domain":"laucing-rebannah.icu","tld":"icu"},"ip":{"addr":"108.157.229.49","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-25T13:52:19Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":0}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-20T13:51:57Z","timestamp":1776693117,"ip_dst":{"addr":"52.84.50.66","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":55248,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Suspicious Domain (*.icu) in TLS SNI","source":"{\"timestamp\":\"2026-04-20T13:51:57.705346+0000\",\"flow_id\":2217698570115260,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":55248,\"dest_ip\":\"52.84.50.66\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2026889,\"rev\":4,\"signature\":\"ET INFO Suspicious Domain (*.icu) in TLS SNI\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2019_02_06\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"tls\":{\"sni\":\"laucing-rebannah.icu\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":789,\"bytes_toclient\":3128,\"start\":\"2026-04-20T13:51:57.694460+0000\"}}"}],"analyzer":null,"urlquery":null},"summary":[{"fqdn":"laucing-rebannah.icu","ip":{"addr":"52.84.50.66","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2019-11-12","domain_rank":0,"first_seen":"2020-03-23T09:00:35Z","last_seen":"2023-08-18T06:47:53Z","alert_count":0,"request_count":3,"received_data":2847,"sent_data":1259,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"laucing-rebannah.icu/","fqdn":"laucing-rebannah.icu","domain":"laucing-rebannah.icu","tld":"icu"},"ip":{"addr":"52.84.50.66","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-20T13:51:57.642Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"laucing-rebannah.icu","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 20 Apr 2026 00:00:00 GMT","end":"Tue, 03 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1A:A9:41:80:A0:55:E1:C6:3A:87:37:F7:14:D0:6B:C2:CF:FE:54:6A","sha256":"82:4F:63:9E:77:3F:82:7E:61:F0:24:AE:96:A0:9D:41:FD:71:76:D1:57:C4:AA:9C:5A:0A:0C:17:88:BA:25:AD"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: laucing-rebannah.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html\r\ncontent-length: 285\r\ndate: Mon, 20 Apr 2026 13:51:57 GMT\r\nserver: nginx\r\ncache-control: no-store, no-cache, pre-check=0, post-check=0\r\npragma: no-cache\r\nexpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nx-cache: Error from cloudfront\r\nvia: 1.1 efa1f20185894fba06fb038a3e989f24.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-amz-cf-id: 00mC1tfUsUF3Xe7BfK9eUiHSCpp6a0pA3B5L4UrJM6O012-dACrigw==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":285,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"da413d636546758ca064eb0b4299df76","sha1":"68dbe1a3b96ca3363366ed4aa5d8c8875a5f272a","sha256":"2207b3fc15a1a9d48750f117f81e714839c0f5a4a709023130c070ddd8184f89","sha512":"b16b9f95eb6d512c8c20a8db71bf6d0069d39fad85c037b30c1d4751ba3bf1db56ae8686521bebe64113c26f2dc9a7b6e2077e174d2bb47981e158736b2ca821","ssdeep":"","tlshash":"85d02b0d04e14c492300022477c03760c843478fdd9bea22354f50235fd8e9866a32cc","first_seen":"2025-04-13T11:09:04.29541Z","last_seen":"2026-04-20T15:21:35.448808Z","times_seen":901,"resource_available":true,"data":null}},"time_used":535,"timings":{"blocked":208,"dns":54,"connect":1,"send":0,"wait":118,"receive":0,"ssl":152},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"laucing-rebannah.icu/","fqdn":"laucing-rebannah.icu","domain":"laucing-rebannah.icu","tld":"icu"},"ip":{"addr":"52.84.50.66","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-20T13:51:58.059Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: laucing-rebannah.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 \r\nContent-Type: text/html\r\nContent-Length: 285\r\nConnection: keep-alive\r\nDate: Mon, 20 Apr 2026 13:51:58 GMT\r\nServer: nginx\r\nCache-Control: no-store, no-cache, pre-check=0, post-check=0\r\nPragma: no-cache\r\nExpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nX-Cache: Error from cloudfront\r\nVia: 1.1 a82071c7a558f0fabf37ee3b940ad600.cloudfront.net (CloudFront)\r\nX-Amz-Cf-Pop: OSL50-P3\r\nAlt-Svc: h3=\":443\"; ma=86400\r\nX-Amz-Cf-Id: VAp6HAlj3XfP12E71TJZeAxnMstCDOlWaWLETlaf5yRa7rjP8sp18A==\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":285,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"da413d636546758ca064eb0b4299df76","sha1":"68dbe1a3b96ca3363366ed4aa5d8c8875a5f272a","sha256":"2207b3fc15a1a9d48750f117f81e714839c0f5a4a709023130c070ddd8184f89","sha512":"b16b9f95eb6d512c8c20a8db71bf6d0069d39fad85c037b30c1d4751ba3bf1db56ae8686521bebe64113c26f2dc9a7b6e2077e174d2bb47981e158736b2ca821","ssdeep":"","tlshash":"85d02b0d04e14c492300022477c03760c843478fdd9bea22354f50235fd8e9866a32cc","first_seen":"2025-04-13T11:09:04.29541Z","last_seen":"2026-04-20T15:21:35.448808Z","times_seen":901,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":1,"connect":1,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"laucing-rebannah.icu/favicon.ico","fqdn":"laucing-rebannah.icu","domain":"laucing-rebannah.icu","tld":"icu"},"ip":{"addr":"52.84.50.66","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://laucing-rebannah.icu/","date":"2026-04-20T13:51:58.213Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: laucing-rebannah.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://laucing-rebannah.icu/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: CloudFront\r\nDate: Mon, 20 Apr 2026 13:51:58 GMT\r\nContent-Type: text/html\r\nContent-Length: 919\r\nConnection: keep-alive\r\nX-Cache: Error from cloudfront\r\nVia: 1.1 a82071c7a558f0fabf37ee3b940ad600.cloudfront.net (CloudFront)\r\nX-Amz-Cf-Pop: OSL50-P3\r\nAlt-Svc: h3=\":443\"; ma=86400\r\nX-Amz-Cf-Id: 2PAxnJDpVnhNqjODEt7Smed88CJt_vGyUvmFX_mQySYdBhXYMgLhNg==\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":919,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"766694469ec194bcde1f7f1dbcfd3d90","sha1":"ff92af2346ded54711b511ceaceb1e942fc0f861","sha256":"ab215dd43f8b8b84093b38fc98cf3f8dd3e7544ab0c472c3cbf9ac8cd18af9a9","sha512":"952935467a06c4130badf650980a561f2ed78325088bec7e325ec3569fa46864203f712dfaef6e216a0a66a8cff13a6ba727994dadcffea1d028b39cccf59b33","ssdeep":"","tlshash":"6611eb1fd85c301653437005df84db7c563552bed1b2019870b1005e21a73d4c3f50c2","first_seen":"2026-04-20T13:52:20.265409Z","last_seen":"2026-04-20T13:52:20.265409Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}