{"report_id":"157c25e2-aed9-4b6e-b927-8eec1f371cef","version":6,"status":"done","tags":[],"date":"2025-09-21T17:39:53Z","url":{"schema":"http","addr":"supportagentblue.com","fqdn":"supportagentblue.com","domain":"supportagentblue.com","tld":"com"},"ip":{"addr":"75.2.60.5","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"supportagentblue.com/","fqdn":"supportagentblue.com","domain":"supportagentblue.com","tld":"com"},"title":"AgentBlue - AI Automation Solutions for Modern Businesses"},"submit":{"url":{"schema":"http","addr":"supportagentblue.com","fqdn":"supportagentblue.com","domain":"supportagentblue.com","tld":"com"},"ip":{"addr":"75.2.60.5","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T17:39:53Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-21","alert":"Sinkholed","trigger":"supportagentblue.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"supportagentblue.com","ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":4,"request_count":4,"received_data":448862,"sent_data":1947,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"supportagentblue.com/assets/index-BJR0TQNe.js","fqdn":"supportagentblue.com","domain":"supportagentblue.com","tld":"com"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4acee88c2290d78472e2a09d914a23c8","sha1":"196d50aa23deb2573a653adc37ca09ae5d3936b8","sha256":"5067a3075b05bb33683399029c167f361589a63b03c35146af1ed2e3a78fe3c5","sha512":"e2f89583d420d250716fbeba28bdfe0b663ad14f531bcfd5434b85348945e5b9be032d22b9682bc7e2fd10d6c932a5219631e4cbff2f4348ca2b9e7fdbc9e07a","ssdeep":"6144:gg3X1H3DwjsEPrINSADyz2LOJHulumklK9:PViINSAD7Kuluu9","tlshash":"91748d88b055b6bdafb705e5507f410a733d2916e81d8460f02cec6967b054aa2bbffc","size":369344,"data":"","first_seen":"2025-09-21T17:40:15.114245Z","last_seen":"2025-09-21T17:40:15.114245Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"supportagentblue.com/assets/index-BT4Ivq23.css","fqdn":"supportagentblue.com","domain":"supportagentblue.com","tld":"com"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://supportagentblue.com/","date":"2025-09-21T17:39:32.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"supportagentblue.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 21 Sep 2025 16:06:28 GMT","end":"Sat, 20 Dec 2025 16:06:27 GMT"},"fingerprint":{"sha1":"99:3F:FB:EA:0D:FF:FD:89:F8:BD:E8:C4:8B:26:47:A2:45:C4:82:F2","sha256":"11:F0:16:A5:B7:A7:5B:81:02:38:DB:66:19:21:8B:F3:22:1E:1F:C0:82:00:5F:E1:09:1E:3E:BC:04:11:77:10"}}},"request":{"raw":"GET /assets/index-BT4Ivq23.css HTTP/1.1\r\nHost: supportagentblue.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://supportagentblue.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Sun, 21 Sep 2025 17:39:32 GMT\r\netag: \"0af9dcd6cf1bb682c4438efa40f79302-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01K5PNR2B5V8T7X1GF6CMHCNR2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":68759,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"4498968a7643308b58b1336a01c31445","sha1":"18578e3d70159d5010a29a8241dd0cb37bccafa7","sha256":"ec1d1c3dc938cfbc0358fef662f876f25ec61790530f07183e411aa92c326221","sha512":"4dfe3c92a315368905766552df4e543e6621f53a0a43d6742dc65a46e68c1ce75062c00650fe249d45bb0a7ed4c6f9264f2956dd5d898f5fc169c27fdd2a79ac","ssdeep":"1536:SqalEhNHOYRk2UNaGFCr378VQZkt5FNCoRm:SqwEhNHPk2UNaGFCr378VQZkt5FfRm","tlshash":"e0637519b919613e3c2790e883cc76ec611ef0c0de3a06b97e9a41216bd37f61db7558","first_seen":"2025-09-21T17:40:15.110929Z","last_seen":"2025-09-21T17:40:15.110929Z","times_seen":1,"resource_available":false,"data":null}},"time_used":139,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":139,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-21","alert":"Sinkholed","trigger":"supportagentblue.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"supportagentblue.com/favicon.ico","fqdn":"supportagentblue.com","domain":"supportagentblue.com","tld":"com"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://supportagentblue.com/","date":"2025-09-21T17:39:32.862Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"supportagentblue.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 21 Sep 2025 16:06:28 GMT","end":"Sat, 20 Dec 2025 16:06:27 GMT"},"fingerprint":{"sha1":"99:3F:FB:EA:0D:FF:FD:89:F8:BD:E8:C4:8B:26:47:A2:45:C4:82:F2","sha256":"11:F0:16:A5:B7:A7:5B:81:02:38:DB:66:19:21:8B:F3:22:1E:1F:C0:82:00:5F:E1:09:1E:3E:BC:04:11:77:10"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: supportagentblue.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://supportagentblue.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: image/vnd.microsoft.icon\r\ndate: Sun, 21 Sep 2025 17:39:32 GMT\r\netag: \"b4e7ba6b4e4dc06a661ce5e811167d0f-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01K5PNR2W5EBC35FMRAZCEV1ZA\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":7645,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"PNG image data, 73 x 74, 8-bit/color RGBA, non-interlaced","md5":"566e64364d6957715dc11845f4800700","sha1":"db98fcaaf06be921ed2b8f25ac80f0add9f4a787","sha256":"29a40d56580a5366083461297773dbf146ec043d1156f432f5472cb3487f506b","sha512":"d93824f3088a249625d0bbb64a99d1e320aa4e375ceea0205c961de73d04c635c97a7788865260e3ca13aba38a8dd95435f2183869f17a41afd4ee7d9364bc74","ssdeep":"192:NUNBikqtkfu6b+DkwFy3/0sRmz4fL5AHtHyhaFg63/:uNkkdfakwFy3/Xk6lepy6P","tlshash":"40f19e9f7f833802d90c95bf5492c75189c9d5551558c23fb0fd6132acaf5d3629f085","first_seen":"2025-05-20T14:46:56.545075Z","last_seen":"2026-04-05T01:00:42.171898Z","times_seen":1144,"resource_available":false,"data":null}},"time_used":159,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":159,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-21","alert":"Sinkholed","trigger":"supportagentblue.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"supportagentblue.com/","fqdn":"supportagentblue.com","domain":"supportagentblue.com","tld":"com"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-21T17:39:31.790Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"supportagentblue.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 21 Sep 2025 16:06:28 GMT","end":"Sat, 20 Dec 2025 16:06:27 GMT"},"fingerprint":{"sha1":"99:3F:FB:EA:0D:FF:FD:89:F8:BD:E8:C4:8B:26:47:A2:45:C4:82:F2","sha256":"11:F0:16:A5:B7:A7:5B:81:02:38:DB:66:19:21:8B:F3:22:1E:1F:C0:82:00:5F:E1:09:1E:3E:BC:04:11:77:10"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: supportagentblue.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Sun, 21 Sep 2025 17:39:32 GMT\r\netag: \"d8cfe826315d70a92d2d421a57a0c93a-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01K5PNR21K6CC6PD8EX38B9FGX\r\ncontent-length: 408\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1345,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"3498082863cac4b280d603af690bb036","sha1":"418aaf7868edcf930e86d385187b62058c2be7ba","sha256":"51e9772b85d9dc38d0801264639348a5b118a517fe4c883aacda213587bce8bf","sha512":"66775a2dffd3433c6af80310061bd15d3f8a238191c6f91c7c36138e303e34f825e04e1d8d048652cc4d4b3e89f718e8045b6d0fdcceb55efd5a4c62e3e14e82","ssdeep":"","tlshash":"da211297965098190732872728c1f818cab19b8b93855c5d769a20ed1fc8fd1c3fb236","first_seen":"2025-09-21T17:40:15.112924Z","last_seen":"2025-09-21T17:40:15.112924Z","times_seen":1,"resource_available":false,"data":null}},"time_used":578,"timings":{"blocked":221,"dns":57,"connect":1,"send":0,"wait":135,"receive":0,"ssl":161},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-21","alert":"Sinkholed","trigger":"supportagentblue.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"supportagentblue.com/assets/index-BJR0TQNe.js","fqdn":"supportagentblue.com","domain":"supportagentblue.com","tld":"com"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://supportagentblue.com/","date":"2025-09-21T17:39:32.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"supportagentblue.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 21 Sep 2025 16:06:28 GMT","end":"Sat, 20 Dec 2025 16:06:27 GMT"},"fingerprint":{"sha1":"99:3F:FB:EA:0D:FF:FD:89:F8:BD:E8:C4:8B:26:47:A2:45:C4:82:F2","sha256":"11:F0:16:A5:B7:A7:5B:81:02:38:DB:66:19:21:8B:F3:22:1E:1F:C0:82:00:5F:E1:09:1E:3E:BC:04:11:77:10"}}},"request":{"raw":"GET /assets/index-BJR0TQNe.js HTTP/1.1\r\nHost: supportagentblue.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://supportagentblue.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 21 Sep 2025 17:39:32 GMT\r\netag: \"8ad8256eacab41a8464a682147e6dc07-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01K5PNR2B3Q0PVH4BGZ86157H6\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":369344,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (37534)","md5":"4acee88c2290d78472e2a09d914a23c8","sha1":"196d50aa23deb2573a653adc37ca09ae5d3936b8","sha256":"5067a3075b05bb33683399029c167f361589a63b03c35146af1ed2e3a78fe3c5","sha512":"e2f89583d420d250716fbeba28bdfe0b663ad14f531bcfd5434b85348945e5b9be032d22b9682bc7e2fd10d6c932a5219631e4cbff2f4348ca2b9e7fdbc9e07a","ssdeep":"6144:gg3X1H3DwjsEPrINSADyz2LOJHulumklK9:PViINSAD7Kuluu9","tlshash":"91748d88b055b6bdafb705e5507f410a733d2916e81d8460f02cec6967b054aa2bbffc","first_seen":"2025-09-21T17:40:15.114245Z","last_seen":"2025-09-21T17:40:15.114245Z","times_seen":1,"resource_available":true,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-21","alert":"Sinkholed","trigger":"supportagentblue.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}