{"report_id":"16201462-43c8-4389-8a42-37ff4175d0b7","version":6,"status":"done","tags":[],"date":"2026-03-19T09:02:42Z","url":{"schema":"http","addr":"rgpypgqt.optimizedevice.com/","fqdn":"rgpypgqt.optimizedevice.com","domain":"optimizedevice.com","tld":"com"},"ip":{"addr":"65.9.46.11","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"rgpypgqt.optimizedevice.com/","fqdn":"rgpypgqt.optimizedevice.com","domain":"optimizedevice.com","tld":"com"},"title":"rgpypgqt.optimizedevice.com/","dom":{"size":2185,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"de42b86ec81d1d8a51ca589175098f99","sha1":"a2dab68f85dc7e342bdf4a5ca778354c91296b11","sha256":"c882746418e020629e030e0ac32014e03d69ef0e4a3b5cc6507c9e362bbe4b04","sha512":"185f2ae173e55dc8a901a3b169339fae20a1513a9af94a11c72a9800814dd961e62d2bd849d15c00793375c23710aaee762d7e5fc63dd3515d1a2f4dbabd8b99","ssdeep":"","tlshash":"e6410d3203b979e820f1b06751c871c02eb0401fa169aad26d614b37dffa779623534f","dom_hash":"domhashc1fec9cafeadbac0b33c1409ff211c3f","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"rgpypgqt.optimizedevice.com/","fqdn":"rgpypgqt.optimizedevice.com","domain":"optimizedevice.com","tld":"com"},"ip":{"addr":"65.9.46.11","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-23T09:02:42Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"rgpypgqt.optimizedevice.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"rgpypgqt.optimizedevice.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"rgpypgqt.optimizedevice.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"rgpypgqt.optimizedevice.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"rgpypgqt.optimizedevice.com","ip":{"addr":"52.84.50.25","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2022-05-30","domain_rank":0,"first_seen":"2022-06-13T00:18:12Z","last_seen":"2025-12-03T10:45:49.511747Z","alert_count":8,"request_count":2,"received_data":4592,"sent_data":957,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon ELB","description":"AWS ELB is a network load balancer service provided by Amazon Web Services for distributing traffic across multiple targets, such as Amazon EC2 instances, containers, IP addresses, and Lambda functions.","website":"https://aws.amazon.com/elasticloadbalancing/","common_platform_enumeration":"","icon":"Amazon ELB.svg","categories":["Load balancers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"rgpypgqt.optimizedevice.com/","fqdn":"rgpypgqt.optimizedevice.com","domain":"optimizedevice.com","tld":"com"},"ip":{"addr":"52.84.50.25","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-19T09:02:20.059Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.optimizedevice.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Thu, 24 Jul 2025 00:00:00 GMT","end":"Sat, 22 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E0:5C:48:C6:FD:6D:DA:4E:F6:6E:BE:4F:8C:B8:1C:04:C2:3C:96:95","sha256":"69:41:81:72:66:9C:0A:32:3A:85:BD:E0:93:F8:F3:D1:46:4A:F1:EC:89:CD:0B:23:5F:EF:50:D8:F6:A1:6D:93"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: rgpypgqt.optimizedevice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/plain\r\nserver: awselb/2.0\r\ndate: Thu, 19 Mar 2026 09:02:20 GMT\r\ncontent-encoding: gzip\r\nvary: accept-encoding\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 dab692ab133f98758992c9457836e846.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: axm_gc8pxsWExBWmt-lUHzPGSm3JjVIMNAZv7l5wVVNRXuezsyutqA==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon ELB","description":"AWS ELB is a network load balancer service provided by Amazon Web Services for distributing traffic across multiple targets, such as Amazon EC2 instances, containers, IP addresses, and Lambda functions.","website":"https://aws.amazon.com/elasticloadbalancing/","common_platform_enumeration":"","icon":"Amazon ELB.svg","categories":["Load balancers"]}],"data":{"size":1932,"size_decoded":0,"mime_type":"text/plain","magic":"exported SGML document, ASCII text","md5":"e61d1d5760baaf3d0ccf1aa952f4520a","sha1":"d2337b224bf171aff7432659b6709113b3a9d2e8","sha256":"87b547f4f24d54601ed2535601cab121789eb4f34a0398d0fd982a6d6891e02e","sha512":"b55fb6b9ceb63120bb99591cd3a0a45e39e3f02854f0b8fadda4af34b279047ba89bc700f53f724edb2e1148f6fdfa5c55c3862c7765f1f01f52ac453e5c4921","ssdeep":"","tlshash":"bc410f3203b8bc3824d5747b5589a5c42db5101f69a812d3a8635b6bfbf6b71733124f","first_seen":"2026-03-19T09:02:43.779444Z","last_seen":"2026-03-23T06:36:50.788623Z","times_seen":2,"resource_available":true,"data":null}},"time_used":939,"timings":{"blocked":100,"dns":26,"connect":1,"send":0,"wait":739,"receive":0,"ssl":71},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"rgpypgqt.optimizedevice.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"rgpypgqt.optimizedevice.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"rgpypgqt.optimizedevice.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"rgpypgqt.optimizedevice.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgpypgqt.optimizedevice.com/favicon.ico","fqdn":"rgpypgqt.optimizedevice.com","domain":"optimizedevice.com","tld":"com"},"ip":{"addr":"52.84.50.25","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgpypgqt.optimizedevice.com/","date":"2026-03-19T09:02:21.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.optimizedevice.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Thu, 24 Jul 2025 00:00:00 GMT","end":"Sat, 22 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E0:5C:48:C6:FD:6D:DA:4E:F6:6E:BE:4F:8C:B8:1C:04:C2:3C:96:95","sha256":"69:41:81:72:66:9C:0A:32:3A:85:BD:E0:93:F8:F3:D1:46:4A:F1:EC:89:CD:0B:23:5F:EF:50:D8:F6:A1:6D:93"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: rgpypgqt.optimizedevice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgpypgqt.optimizedevice.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/plain\r\nserver: awselb/2.0\r\ndate: Thu, 19 Mar 2026 09:02:21 GMT\r\ncontent-encoding: gzip\r\nvary: accept-encoding\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 dab692ab133f98758992c9457836e846.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: v242lhLhddFUz6pp5LJzK_wYcn2J_MhLNuvp3YuuNRxucFHR23Dklw==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon ELB","description":"AWS ELB is a network load balancer service provided by Amazon Web Services for distributing traffic across multiple targets, such as Amazon EC2 instances, containers, IP addresses, and Lambda functions.","website":"https://aws.amazon.com/elasticloadbalancing/","common_platform_enumeration":"","icon":"Amazon ELB.svg","categories":["Load balancers"]}],"data":{"size":1932,"size_decoded":0,"mime_type":"text/plain","magic":"exported SGML document, ASCII text","md5":"e61d1d5760baaf3d0ccf1aa952f4520a","sha1":"d2337b224bf171aff7432659b6709113b3a9d2e8","sha256":"87b547f4f24d54601ed2535601cab121789eb4f34a0398d0fd982a6d6891e02e","sha512":"b55fb6b9ceb63120bb99591cd3a0a45e39e3f02854f0b8fadda4af34b279047ba89bc700f53f724edb2e1148f6fdfa5c55c3862c7765f1f01f52ac453e5c4921","ssdeep":"","tlshash":"bc410f3203b8bc3824d5747b5589a5c42db5101f69a812d3a8635b6bfbf6b71733124f","first_seen":"2026-03-19T09:02:43.779444Z","last_seen":"2026-03-23T06:36:50.788623Z","times_seen":2,"resource_available":true,"data":null}},"time_used":762,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":762,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"rgpypgqt.optimizedevice.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"rgpypgqt.optimizedevice.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"rgpypgqt.optimizedevice.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"rgpypgqt.optimizedevice.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}