{"report_id":"16363edd-c81c-4954-9d4b-adc8a4bbf4aa","version":6,"status":"done","tags":[],"date":"2026-04-13T02:29:51Z","url":{"schema":"https","addr":"fortniteaim.com","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"ip":{"addr":"5.187.4.134","port":0,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"fortniteaim.com/","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"title":"Best Free Fortnite Hack | Download Now","dom":{"size":12149,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"fc79708e23e4fca493c121ca2d4192de","sha1":"b64ba39a6c36463282c6966b895508e12e3bbd16","sha256":"89470cc8fde2b3cf47e01acb40980d59d5b36f2bd97b5200bf71a0212f19f397","sha512":"b7bf35e0af3c92bac2fa13bfca3b488a15cc3e7e0463f84744d005436aa14e388b7ec5a10067f593c7e6d25d7c27afa2b063990cbdae23e4a7b9597232afe426","ssdeep":"192:4ME/bRIWJGbLr566NHwA+F8AAHxFAKJz3YB0RPI8g:411Jas6j3I8g","tlshash":"8f421035a1f1b63351a340e2b5a7276beeb0d943d6aa810431fc4b849ff6c92c91359f","dom_hash":"domhashe135d0ca61e17da646d4dcd48ac02fb8","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"fortniteaim.com","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"ip":{"addr":"5.187.4.134","port":0,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-18T02:29:51Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fortniteaim.com","ip":{"addr":"5.187.4.134","port":443,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"domain_registered":"2024-02-19","domain_rank":0,"first_seen":"2026-04-13T02:29:52.742609Z","last_seen":"2026-04-13T02:29:52.742609Z","alert_count":69,"request_count":23,"received_data":1635368,"sent_data":10578,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-04-12T22:24:43.06808Z","alert_count":0,"request_count":1,"received_data":471714,"sent_data":436,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"fortniteaim.com/","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"ip":{"addr":"5.187.4.134","port":443,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"1d785e720d99bb9ec7f8dc81b7be8f99","sha1":"ee28570b6fbb6007d6e188069023837c1aa02556","sha256":"eeb2da324e486d8338bea0595b2b7a01b8ce7e387f39c88f2b9705e065fe489a","sha512":"fabd9ab5b57d792ca22c2eced9b8548d3ff289bd641256a1f336e79b8f2c5c53e7974e1d0b344f922c3020c3b22a6851bfe59d60c72d8ceb6dfd03af9fb8f738","ssdeep":"","tlshash":"b8c08c982a9b5c7140b73a454b3f7105b006a31320a1ce313e0ea2844f34e2beb94c48","size":190,"data":"","first_seen":"2026-04-13T02:29:55.536222Z","last_seen":"2026-04-13T02:32:27.932356Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fortniteaim.com/script.js","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"ip":{"addr":"5.187.4.134","port":443,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"2fae9abb5ffccf6b7e77a751316d14f2","sha1":"808d0ce1d77a799296f480bdc58209550d95b7d7","sha256":"4c5cff0a6747cb7ae3d9adf8a226683ee1ff262a3a6c5badd9c40e9f2b188968","sha512":"21dc0adb041fffe11bdc052d248dbe720646eab063186ea2f5ee14c878e679d48db9938ea2ebaa39b707b96cb900590b0650c4efb995651be0df8e6956031277","ssdeep":"","tlshash":"94d0223d2bb682a0c0370186e0bbe305f871003b680ac082c56e480dfc71e9398e7a89","size":214,"data":"","first_seen":"2026-04-13T02:29:55.526215Z","last_seen":"2026-04-13T02:32:27.914334Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-KZNW1BQBL8","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f041dc2264660a113d9afbcad79fa1d","sha1":"f78ef14cefb4cce82d134fa85de722657353da31","sha256":"fe17df47e907ade64ec506df0418eaa4a523f6cedd48005817ef4e19d48c2dea","sha512":"72d95f4a82e4d08c9fc4934ae42756bd3bfeb9d32be3a1cbf6479709f6c80091a87850a224f3ca95577ecb1d95034c7b79fec4e8dc2f0cbbc6c267db8de64b28","ssdeep":"6144:L7ESjtww7Ww2e5OI4wgzVj8V5hVl5Wc0CVs2h/O5RJltFXA:bww7WiJKzV8Fuw","tlshash":"10a4f9ceb3d674225396f478903f018ba57b28e2b44cc8a9f189cce42e7465a5167f7c","size":471110,"data":"","first_seen":"2026-04-13T02:29:55.515488Z","last_seen":"2026-04-13T02:32:27.931217Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"fortniteaim.com/img/download-section-icon-3.webp","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"ip":{"addr":"5.187.4.134","port":443,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fortniteaim.com/","date":"2026-04-13T02:29:30.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortniteaim.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 06:02:03 GMT","end":"Sun, 28 Jun 2026 06:02:02 GMT"},"fingerprint":{"sha1":"29:33:89:BA:88:2C:BF:EB:76:B8:EA:26:F2:29:01:82:D6:F7:38:35","sha256":"AE:32:0C:21:04:05:68:87:52:08:3C:EF:76:A3:71:4D:9E:21:24:16:13:C6:A5:CA:3F:7C:7F:5C:FB:D6:C6:99"}}},"request":{"raw":"GET /img/download-section-icon-3.webp HTTP/1.1\r\nHost: fortniteaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortniteaim.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 13 Apr 2026 02:29:30 GMT\r\ncontent-type: image/webp\r\ncontent-length: 50722\r\nlast-modified: Wed, 28 Jan 2026 16:07:19 GMT\r\netag: \"697a3437-c622\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50722,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ac067a477126a8141cac70c0ce007f12","sha1":"8f5ba5283ec1211299bc318d227188ad63ccb071","sha256":"b5639ea3edaad8fddd34c13f46511036232d29c46cae73b7c2997bfb002bd3cd","sha512":"2dcbecacbc932a2bb21875c47ab7d5adfaeedd53f67770c04196e3368bba5104b629ad651aa25381854ab6b7a69e1cb4e4aeadbdc1af952faa8684fa24c34b45","ssdeep":"1536:OJKBmUysexxOCRnYzpwVMwWrxMVcgyWeVOMZR:eKBNMAC2zpwVoti6RT","tlshash":"6c33f26eb3d9cecde6836dfbdd59408458a8b17015e482aff10403c53ac532b7ad678a","first_seen":"2026-04-13T02:29:55.513372Z","last_seen":"2026-04-13T02:32:27.920049Z","times_seen":2,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":74,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fortniteaim.com/fonts/Prompt-Thin.ttf","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"ip":{"addr":"5.187.4.134","port":443,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://fortniteaim.com/","date":"2026-04-13T02:29:30.319Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortniteaim.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 06:02:03 GMT","end":"Sun, 28 Jun 2026 06:02:02 GMT"},"fingerprint":{"sha1":"29:33:89:BA:88:2C:BF:EB:76:B8:EA:26:F2:29:01:82:D6:F7:38:35","sha256":"AE:32:0C:21:04:05:68:87:52:08:3C:EF:76:A3:71:4D:9E:21:24:16:13:C6:A5:CA:3F:7C:7F:5C:FB:D6:C6:99"}}},"request":{"raw":"GET /fonts/Prompt-Thin.ttf HTTP/1.1\r\nHost: fortniteaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortniteaim.com/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 13 Apr 2026 02:29:30 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 158176\r\nlast-modified: Wed, 28 Jan 2026 16:07:19 GMT\r\netag: \"697a3437-269e0\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":158176,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 17 tables, 1st \"GDEF\", 16 names, Microsoft, language 0x409","md5":"beb6203138487da728da4ef2cb9e4105","sha1":"a915d2c371760149053cf35e291a6d5450b21ba6","sha256":"85c59af8ee352b8316de948f46193749a2f484cc71e8e1db23ff2ad8af96ee1e","sha512":"2c76b740dac983b741ae4ab2924123e8731ad2e225cf47c4d3e4ce888a6997f54ec19902a9f42d1e81cf56b4fc0a193a407b4964e29b4e5c33735098d6eda775","ssdeep":"1536:7OK1m8IIIliyAs9IB0uDUImntFe0wSmwpMavBIpAqn8BpX/EuY8rq7YikBC+enz9:NmisW/Utn/vSG/Euynz/Kfm4qx","tlshash":"8af35c07f3a1d348fe2b1eb4257a62b5997af67d1d3f83ca51492229ecde5c00d08792","first_seen":"2026-04-13T02:29:55.514407Z","last_seen":"2026-04-13T02:32:27.929716Z","times_seen":2,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":86,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-KZNW1BQBL8","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://fortniteaim.com/","date":"2026-04-13T02:29:30.249Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:36:34 GMT","end":"Mon, 15 Jun 2026 08:36:33 GMT"},"fingerprint":{"sha1":"2B:85:76:FF:73:EC:64:41:FB:26:DB:EC:68:F0:41:6B:E3:37:11:5D","sha256":"52:B3:B1:11:B7:C1:E7:3F:EE:BB:16:D2:1D:6D:28:EF:98:6C:F6:48:31:A1:82:61:F3:23:B4:E2:1F:A5:D1:B7"}}},"request":{"raw":"GET /gtag/js?id=G-KZNW1BQBL8 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortniteaim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Mon, 13 Apr 2026 02:29:30 GMT\r\nexpires: Mon, 13 Apr 2026 02:29:30 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 156409\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":471110,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"2f041dc2264660a113d9afbcad79fa1d","sha1":"f78ef14cefb4cce82d134fa85de722657353da31","sha256":"fe17df47e907ade64ec506df0418eaa4a523f6cedd48005817ef4e19d48c2dea","sha512":"72d95f4a82e4d08c9fc4934ae42756bd3bfeb9d32be3a1cbf6479709f6c80091a87850a224f3ca95577ecb1d95034c7b79fec4e8dc2f0cbbc6c267db8de64b28","ssdeep":"6144:L7ESjtww7Ww2e5OI4wgzVj8V5hVl5Wc0CVs2h/O5RJltFXA:bww7WiJKzV8Fuw","tlshash":"10a4f9ceb3d674225396f478903f018ba57b28e2b44cc8a9f189cce42e7465a5167f7c","first_seen":"2026-04-13T02:29:55.515488Z","last_seen":"2026-04-13T02:32:27.931217Z","times_seen":2,"resource_available":true,"data":null}},"time_used":326,"timings":{"blocked":102,"dns":0,"connect":14,"send":0,"wait":50,"receive":62,"ssl":96},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fortniteaim.com/img/bg.webp","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"ip":{"addr":"5.187.4.134","port":443,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fortniteaim.com/","date":"2026-04-13T02:29:30.278Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortniteaim.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 06:02:03 GMT","end":"Sun, 28 Jun 2026 06:02:02 GMT"},"fingerprint":{"sha1":"29:33:89:BA:88:2C:BF:EB:76:B8:EA:26:F2:29:01:82:D6:F7:38:35","sha256":"AE:32:0C:21:04:05:68:87:52:08:3C:EF:76:A3:71:4D:9E:21:24:16:13:C6:A5:CA:3F:7C:7F:5C:FB:D6:C6:99"}}},"request":{"raw":"GET /img/bg.webp HTTP/1.1\r\nHost: fortniteaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortniteaim.com/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Mon, 13 Apr 2026 02:29:30 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 22 Jul 2025 04:34:50 GMT\r\netag: W/\"b52-63a7d1ce48f17\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2898,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (634)","md5":"f01ba522c3539135df33250082846848","sha1":"af31de06cf3d07cf83f104af8755b0cc5222ffc6","sha256":"2e8deb28946a6b41ccb927eaa43bbaa78ea82cef39a40638f2e5afa8e90e73ca","sha512":"5ca1b1d3c6f8e1948574a743bd6f58d9f430f9a576c9e656958dda81546a6b0baf0c02ff1b084640351a2bc44ba644e0f671aef0e2ff30981feec2af47764ee6","ssdeep":"","tlshash":"08515194c71c649fd35e24e6293e22c0282f8cb669a3ce7bbc77b174d6c800c87395a5","first_seen":"2025-04-07T04:58:47.339843Z","last_seen":"2026-04-13T06:02:03.007534Z","times_seen":5723,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fortniteaim.com/fonts/Prompt-ExtraBold.ttf","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"ip":{"addr":"5.187.4.134","port":443,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://fortniteaim.com/","date":"2026-04-13T02:29:30.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortniteaim.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 06:02:03 GMT","end":"Sun, 28 Jun 2026 06:02:02 GMT"},"fingerprint":{"sha1":"29:33:89:BA:88:2C:BF:EB:76:B8:EA:26:F2:29:01:82:D6:F7:38:35","sha256":"AE:32:0C:21:04:05:68:87:52:08:3C:EF:76:A3:71:4D:9E:21:24:16:13:C6:A5:CA:3F:7C:7F:5C:FB:D6:C6:99"}}},"request":{"raw":"GET /fonts/Prompt-ExtraBold.ttf HTTP/1.1\r\nHost: fortniteaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortniteaim.com/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 13 Apr 2026 02:29:30 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 169920\r\nlast-modified: Wed, 28 Jan 2026 16:07:19 GMT\r\netag: \"697a3437-297c0\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":169920,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 17 tables, 1st \"GDEF\", 16 names, Microsoft, language 0x409","md5":"c742aaf9d7ec2559c9105bb46dbb6da5","sha1":"5b2098053211d81e2bdb19be9541fbcf1e5868b0","sha256":"55defb31227adc54e7bf0541e5d3f5f0a46816c23e8292b7f8553e97605248cb","sha512":"bd8ef1ae1059a9b75d46c801d337f38e96fd5d11ec1836aa3cd777aee41fe3d52fad34f7982e3afd7f20dd1ef4948a7cd4b87d61d3a2c5e89aa275b26007ad6a","ssdeep":"3072:6mRzWvGQU3KXWV8CiPT1P3wQ9OzY1C1jKqVlY:6mROC3k57kY1C1jKqVlY","tlshash":"b7f34a07f7a9e344ef2e1a7125b86377a566f0320b3a878fa1497734d8a65c40e497c3","first_seen":"2025-04-26T03:09:18.993535Z","last_seen":"2026-04-13T02:32:27.921239Z","times_seen":5,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":94,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fortniteaim.com/img/icon.png","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"ip":{"addr":"5.187.4.134","port":443,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fortniteaim.com/","date":"2026-04-13T02:29:30.486Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortniteaim.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 06:02:03 GMT","end":"Sun, 28 Jun 2026 06:02:02 GMT"},"fingerprint":{"sha1":"29:33:89:BA:88:2C:BF:EB:76:B8:EA:26:F2:29:01:82:D6:F7:38:35","sha256":"AE:32:0C:21:04:05:68:87:52:08:3C:EF:76:A3:71:4D:9E:21:24:16:13:C6:A5:CA:3F:7C:7F:5C:FB:D6:C6:99"}}},"request":{"raw":"GET /img/icon.png HTTP/1.1\r\nHost: fortniteaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortniteaim.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 13 Apr 2026 02:29:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 13502\r\nlast-modified: Wed, 28 Jan 2026 16:07:19 GMT\r\netag: \"697a3437-34be\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13502,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 321 x 323, 8-bit/color RGBA, non-interlaced","md5":"cf2edda7bc0eb0aa8b317ab6ceda84ab","sha1":"d6d55faae36dec1425579a2e2e74fe3fd68bfe73","sha256":"e3f4179dadd9de18c659ae7b451731f929b28ace47a468c724522cccefb54e33","sha512":"f651775b7074ac8326d3acdc799a98a1784207e6bd44399b6d679b29cec58255aebe5e01b5fbc6dbc40491be0f5b22b489476240f796dd27899f29b631c7da71","ssdeep":"384:WjOEacdj/5H/RAW/fnctJuBWo2WDx9OyMkvvPGBk:qpacddH5AMfncti/DeWvh","tlshash":"6952a0fa47dcc1a3855166fa133eec37b59cf93728218d2facc1829af14ca593c845a4","first_seen":"2026-04-13T02:29:55.518216Z","last_seen":"2026-04-13T02:32:27.924869Z","times_seen":2,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fortniteaim.com/","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"ip":{"addr":"5.187.4.134","port":443,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-13T02:29:29.986Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortniteaim.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 06:02:03 GMT","end":"Sun, 28 Jun 2026 06:02:02 GMT"},"fingerprint":{"sha1":"29:33:89:BA:88:2C:BF:EB:76:B8:EA:26:F2:29:01:82:D6:F7:38:35","sha256":"AE:32:0C:21:04:05:68:87:52:08:3C:EF:76:A3:71:4D:9E:21:24:16:13:C6:A5:CA:3F:7C:7F:5C:FB:D6:C6:99"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: fortniteaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 13 Apr 2026 02:29:30 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 3016\r\nlast-modified: Wed, 01 Apr 2026 00:58:26 GMT\r\netag: \"33da-64e5b94da4e1f-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}],"data":{"size":13274,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"baaacabd411c7f9aa84caf2b5a12d5dc","sha1":"0b420e24aff5f9d6c2f4ae5a68598d8c7752a7ad","sha256":"6a153e3981559ddfcef6c15b8584cca3ab0390c057bd833e9ab61108f49e5c1f","sha512":"bfa71c96af9211687291ed753d36756c2f03f1bc9db9ff549695423440c1be4413119668afddd3ca7798b2e42682924e966223c07aeb7d18ccc311b4887d2142","ssdeep":"192:NMEeqR3fWlL4Lm5l+7ZUNOXuANRvtNapZy2OGnF0RPI8g:N18lEa+CtHWI8g","tlshash":"12521225a5f1b67350a340f2b6a7266beeb0d883d6a5810c31fc8b449ff6c51c91359f","first_seen":"2026-04-13T02:29:55.519159Z","last_seen":"2026-04-13T02:32:27.916409Z","times_seen":2,"resource_available":true,"data":null}},"time_used":202,"timings":{"blocked":87,"dns":35,"connect":22,"send":0,"wait":25,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fortniteaim.com/style.css","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"ip":{"addr":"5.187.4.134","port":443,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://fortniteaim.com/","date":"2026-04-13T02:29:30.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortniteaim.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 06:02:03 GMT","end":"Sun, 28 Jun 2026 06:02:02 GMT"},"fingerprint":{"sha1":"29:33:89:BA:88:2C:BF:EB:76:B8:EA:26:F2:29:01:82:D6:F7:38:35","sha256":"AE:32:0C:21:04:05:68:87:52:08:3C:EF:76:A3:71:4D:9E:21:24:16:13:C6:A5:CA:3F:7C:7F:5C:FB:D6:C6:99"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: fortniteaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortniteaim.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 13 Apr 2026 02:29:30 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 28 Jan 2026 16:07:19 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a3437-40eb\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16619,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"4b73100dab6aeac7c51416a81760acc6","sha1":"0e46d470d4885a34c9825a176a449d30e72b3028","sha256":"f573078bd20fefc0e58b6cf0f007122f89e5036318f047b4dbe73b25c4e7f3e7","sha512":"402e01a842dbc8e3b9cf5ef2f7da0ddf048c09072d868e711e0472f87b04fb0ed15efca8d4761f63ebed55ef1c148716d6350dd821c611ef5c6570d3b042fe06","ssdeep":"192:EQ67sVme+/+jyYSWPTVIAhQTJcaT+C3Wvn3uDA+4gUI2bwNJoNFCJljbAbOKl3J7:C9s3","tlshash":"3672c144dd0a2101b6b3dab97ba34e09e7d948878786837d3af0504cffe55288669fcd","first_seen":"2026-04-13T02:29:55.520116Z","last_seen":"2026-04-13T02:32:27.925963Z","times_seen":2,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fortniteaim.com/img/second-section-1.webp","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"ip":{"addr":"5.187.4.134","port":443,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fortniteaim.com/","date":"2026-04-13T02:29:30.252Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortniteaim.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 06:02:03 GMT","end":"Sun, 28 Jun 2026 06:02:02 GMT"},"fingerprint":{"sha1":"29:33:89:BA:88:2C:BF:EB:76:B8:EA:26:F2:29:01:82:D6:F7:38:35","sha256":"AE:32:0C:21:04:05:68:87:52:08:3C:EF:76:A3:71:4D:9E:21:24:16:13:C6:A5:CA:3F:7C:7F:5C:FB:D6:C6:99"}}},"request":{"raw":"GET /img/second-section-1.webp HTTP/1.1\r\nHost: fortniteaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortniteaim.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 13 Apr 2026 02:29:30 GMT\r\ncontent-type: image/webp\r\ncontent-length: 137590\r\nlast-modified: Wed, 28 Jan 2026 16:07:19 GMT\r\netag: \"697a3437-21976\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":137590,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"023c0a02b21fc98af9bced6adc0d531c","sha1":"9ac12798e82cefa03f39afb520b2ba31f05f4714","sha256":"f7b642c1d4bc0e0239ecc831ab4f3a9fb195533452a336509c7876c305efeb89","sha512":"c11c32ab6d62d283a18ce06b2ed8dbe4c161ca1d1b95ccbc5235d93f0b85ce3fe63371c22a0c9d17ae4be8fe5a4aba23658aebcdeb5bc016c9c9b8bec2466e4b","ssdeep":"1536:iASR0f8Tqo1E0KO6txai4QvfJMf1T/pqX/dsDdbIhv7OEYrWioaEnmxiDQ55qUCm:i/t+oOW6tI1rwsD09aEnmxiD4q1/Mtd","tlshash":"7ad3128872e212a1d2fe333cdf9d5f8ba90864fa9654944f1f152f19c150f65980bf8a","first_seen":"2026-04-13T02:29:55.521003Z","last_seen":"2026-04-13T02:32:27.928103Z","times_seen":2,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":116,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fortniteaim.com/img/second-section-2.webp","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"ip":{"addr":"5.187.4.134","port":443,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fortniteaim.com/","date":"2026-04-13T02:29:30.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortniteaim.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 06:02:03 GMT","end":"Sun, 28 Jun 2026 06:02:02 GMT"},"fingerprint":{"sha1":"29:33:89:BA:88:2C:BF:EB:76:B8:EA:26:F2:29:01:82:D6:F7:38:35","sha256":"AE:32:0C:21:04:05:68:87:52:08:3C:EF:76:A3:71:4D:9E:21:24:16:13:C6:A5:CA:3F:7C:7F:5C:FB:D6:C6:99"}}},"request":{"raw":"GET /img/second-section-2.webp HTTP/1.1\r\nHost: fortniteaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortniteaim.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 13 Apr 2026 02:29:30 GMT\r\ncontent-type: image/webp\r\ncontent-length: 74900\r\nlast-modified: Wed, 28 Jan 2026 16:07:19 GMT\r\netag: \"697a3437-12494\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":74900,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1fa99a59448ec218864ed721a2ede11b","sha1":"0277fd21fa63a18a3b72f6cda73263909ef47fb0","sha256":"747e08d9051524b791280d24c49b65f515564d9b52f2ab3ae3b46b24e3e45ba5","sha512":"33adb5d02ab7264807805b5ece1d51babbee141513f1601332f7249003aea007582450a1108522275ecc52077b2ddf83835d8a85c30c06201d5500268947af3c","ssdeep":"1536:2HOXwVkGhQq4YHRCdqEVDjSIgEsraoN3d3kdYXkfY/+A0GN:2HOXwV9QhIEdVQesGoNN3DXXL5N","tlshash":"0773029ea5411a37c0a02e36278b0b3677a5cf0635fc2d13b6fd11a1dcf344d8696a2d","first_seen":"2026-04-13T02:29:55.522088Z","last_seen":"2026-04-13T02:32:27.90554Z","times_seen":2,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":78,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fortniteaim.com/img/third-section-2.webp","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"ip":{"addr":"5.187.4.134","port":443,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fortniteaim.com/","date":"2026-04-13T02:29:30.255Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortniteaim.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 06:02:03 GMT","end":"Sun, 28 Jun 2026 06:02:02 GMT"},"fingerprint":{"sha1":"29:33:89:BA:88:2C:BF:EB:76:B8:EA:26:F2:29:01:82:D6:F7:38:35","sha256":"AE:32:0C:21:04:05:68:87:52:08:3C:EF:76:A3:71:4D:9E:21:24:16:13:C6:A5:CA:3F:7C:7F:5C:FB:D6:C6:99"}}},"request":{"raw":"GET /img/third-section-2.webp HTTP/1.1\r\nHost: fortniteaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortniteaim.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 13 Apr 2026 02:29:30 GMT\r\ncontent-type: image/webp\r\ncontent-length: 57150\r\nlast-modified: Wed, 28 Jan 2026 16:07:19 GMT\r\netag: \"697a3437-df3e\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":57150,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0502fc1ad8ec927e2b24651aaea06090","sha1":"0b41784af4ce756561187e4b19dc0b17b304fbbc","sha256":"d5275ab7907e6b381868260cce1c532eb8d115ae93c77bf52257aef11c3330de","sha512":"2007e12980661d9d3f44755d3f5516cda27ffc705518f21a9a64118239414a9ac39a4e96a0fed40619c4701bd5484c1c7f1b0ae445937a2b313079a86d897beb","ssdeep":"1536:UI1o40Id1RKCsnHK5ik1cG8/jVFHUphGnDBEzSM3:UzId1XCYiwc7j1gz","tlshash":"cd430267d3d9a00ef7aedff9402853eb72142f79431ba8068461b7daa5ae09905c53c1","first_seen":"2026-04-13T02:29:55.522918Z","last_seen":"2026-04-13T02:32:27.909176Z","times_seen":2,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fortniteaim.com/img/download-section-icon-1.webp","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"ip":{"addr":"5.187.4.134","port":443,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fortniteaim.com/","date":"2026-04-13T02:29:30.259Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortniteaim.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 06:02:03 GMT","end":"Sun, 28 Jun 2026 06:02:02 GMT"},"fingerprint":{"sha1":"29:33:89:BA:88:2C:BF:EB:76:B8:EA:26:F2:29:01:82:D6:F7:38:35","sha256":"AE:32:0C:21:04:05:68:87:52:08:3C:EF:76:A3:71:4D:9E:21:24:16:13:C6:A5:CA:3F:7C:7F:5C:FB:D6:C6:99"}}},"request":{"raw":"GET /img/download-section-icon-1.webp HTTP/1.1\r\nHost: fortniteaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortniteaim.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 13 Apr 2026 02:29:30 GMT\r\ncontent-type: image/webp\r\ncontent-length: 13132\r\nlast-modified: Wed, 28 Jan 2026 16:07:19 GMT\r\netag: \"697a3437-334c\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13132,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 800x800, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f7af7c8e835ca15a3f8dea38d6aaa6a9","sha1":"8806565bf97bfa7ac1b893e51880951a19dc5e82","sha256":"8361c1344b3d34d1708130e96f6af40f0b099d204d38bddfa1310696c793ba5f","sha512":"132073785652813f0d96110599e5bb53dbc1644ec54a03df92a61414ae5a8cb9031201de1d858dc1e2c6e2401ede14d1b02f9b5cf93f90fc0f3dcd422f13f946","ssdeep":"384:V/Nwkyb/z3j2rX95lwVs0kuVK4ZPULbBG95n3/ZP40RUXmdBENBZMl:VSVzT2rx2OuVPPULtoRrWaaBZ8","tlshash":"2842bf7abf10a3ce828590eedb3bcc459bc807973c82a11608ce614468d88d56fdd59f","first_seen":"2026-04-13T02:29:55.523879Z","last_seen":"2026-04-13T02:32:27.910766Z","times_seen":2,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fortniteaim.com/img/download-section-icon-2.webp","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"ip":{"addr":"5.187.4.134","port":443,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fortniteaim.com/","date":"2026-04-13T02:29:30.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortniteaim.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 06:02:03 GMT","end":"Sun, 28 Jun 2026 06:02:02 GMT"},"fingerprint":{"sha1":"29:33:89:BA:88:2C:BF:EB:76:B8:EA:26:F2:29:01:82:D6:F7:38:35","sha256":"AE:32:0C:21:04:05:68:87:52:08:3C:EF:76:A3:71:4D:9E:21:24:16:13:C6:A5:CA:3F:7C:7F:5C:FB:D6:C6:99"}}},"request":{"raw":"GET /img/download-section-icon-2.webp HTTP/1.1\r\nHost: fortniteaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortniteaim.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 13 Apr 2026 02:29:30 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7434\r\nlast-modified: Wed, 28 Jan 2026 16:07:19 GMT\r\netag: \"697a3437-1d0a\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7434,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"cb582df1659b37754b43673048ba2588","sha1":"29b0c9c30fe9b2823a582f5491659ff0940f1637","sha256":"bf84498c222061cc03912f2e3a5bf3b420ab6e7ae7c7628f429e2a1235807360","sha512":"9c461fc222c5ba0b014ae4f85392717efbb837f0745c3c91c588f1e37e1fe75be084ded43bfd9203261649359e418c282ac4dff8010cc09c62f0bdd0a882ce8e","ssdeep":"192:U2wYT72ovgW5/iSpkys7mq1V3+/BYrndvyT5TP6ZemB1n0:U2nqov8E6mehWBYrnY8Zjz0","tlshash":"4be19f26276c1aadfc0dc5d169048d80891af35cc707a046eb3dd9936dd9a63efc272d","first_seen":"2026-04-13T02:29:55.525129Z","last_seen":"2026-04-13T02:32:27.912401Z","times_seen":2,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fortniteaim.com/script.js","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"ip":{"addr":"5.187.4.134","port":443,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://fortniteaim.com/","date":"2026-04-13T02:29:30.262Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortniteaim.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 06:02:03 GMT","end":"Sun, 28 Jun 2026 06:02:02 GMT"},"fingerprint":{"sha1":"29:33:89:BA:88:2C:BF:EB:76:B8:EA:26:F2:29:01:82:D6:F7:38:35","sha256":"AE:32:0C:21:04:05:68:87:52:08:3C:EF:76:A3:71:4D:9E:21:24:16:13:C6:A5:CA:3F:7C:7F:5C:FB:D6:C6:99"}}},"request":{"raw":"GET /script.js HTTP/1.1\r\nHost: fortniteaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortniteaim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 13 Apr 2026 02:29:30 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 214\r\nlast-modified: Wed, 01 Apr 2026 00:58:26 GMT\r\netag: \"69cc6db2-d6\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":214,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"2fae9abb5ffccf6b7e77a751316d14f2","sha1":"808d0ce1d77a799296f480bdc58209550d95b7d7","sha256":"4c5cff0a6747cb7ae3d9adf8a226683ee1ff262a3a6c5badd9c40e9f2b188968","sha512":"21dc0adb041fffe11bdc052d248dbe720646eab063186ea2f5ee14c878e679d48db9938ea2ebaa39b707b96cb900590b0650c4efb995651be0df8e6956031277","ssdeep":"","tlshash":"94d0223d2bb682a0c0370186e0bbe305f871003b680ac082c56e480dfc71e9398e7a89","first_seen":"2026-04-13T02:29:55.526215Z","last_seen":"2026-04-13T02:32:27.914334Z","times_seen":2,"resource_available":true,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fortniteaim.com/img/third-section-1.webp","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"ip":{"addr":"5.187.4.134","port":443,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fortniteaim.com/","date":"2026-04-13T02:29:30.254Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortniteaim.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 06:02:03 GMT","end":"Sun, 28 Jun 2026 06:02:02 GMT"},"fingerprint":{"sha1":"29:33:89:BA:88:2C:BF:EB:76:B8:EA:26:F2:29:01:82:D6:F7:38:35","sha256":"AE:32:0C:21:04:05:68:87:52:08:3C:EF:76:A3:71:4D:9E:21:24:16:13:C6:A5:CA:3F:7C:7F:5C:FB:D6:C6:99"}}},"request":{"raw":"GET /img/third-section-1.webp HTTP/1.1\r\nHost: fortniteaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortniteaim.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 13 Apr 2026 02:29:30 GMT\r\ncontent-type: image/webp\r\ncontent-length: 59478\r\nlast-modified: Wed, 28 Jan 2026 16:07:19 GMT\r\netag: \"697a3437-e856\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":59478,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"511b9e69afe8609b0d4120ad07275942","sha1":"0ae0b4ffffce9a5eb3b0933f7cb6cda5409e42d5","sha256":"0c45f750f8e53d627732912170b5c354da66f28e0cd2930411def9b7765bf6d6","sha512":"0f59ee44313b0b6fb5291d6e14cec8c7cceacc9abad304f94ddca282cc965eaafdebe71d599dd77335afc416ac00f6245e9c2e1f73215a6ee8202749f2afef4a","ssdeep":"1536:rCZG//ITr+cCK2vKLGgO0cBVuPE0nrwHEUla1:2ZQZcCKS8rcBAs0nr6l6","tlshash":"a5430148a3f57a70c312f6700f4c9f8c52da8709ea9a9b4a93694af158d53fcc2418a7","first_seen":"2026-04-13T02:29:55.527156Z","last_seen":"2026-04-13T02:32:27.907484Z","times_seen":2,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fortniteaim.com/img/fourth-section.webp","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"ip":{"addr":"5.187.4.134","port":443,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fortniteaim.com/","date":"2026-04-13T02:29:30.257Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortniteaim.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 06:02:03 GMT","end":"Sun, 28 Jun 2026 06:02:02 GMT"},"fingerprint":{"sha1":"29:33:89:BA:88:2C:BF:EB:76:B8:EA:26:F2:29:01:82:D6:F7:38:35","sha256":"AE:32:0C:21:04:05:68:87:52:08:3C:EF:76:A3:71:4D:9E:21:24:16:13:C6:A5:CA:3F:7C:7F:5C:FB:D6:C6:99"}}},"request":{"raw":"GET /img/fourth-section.webp HTTP/1.1\r\nHost: fortniteaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortniteaim.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 13 Apr 2026 02:29:30 GMT\r\ncontent-type: image/webp\r\ncontent-length: 63338\r\nlast-modified: Wed, 28 Jan 2026 16:07:19 GMT\r\netag: \"697a3437-f76a\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":63338,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"93eee7efec06a34cddf21e672db1e723","sha1":"dc12ca3cbea9450591f448f6f03d26ba4dbb4313","sha256":"bea9dd4e676a9ba6db2fcd4e76262a59af257c663860975e0051a0998055692a","sha512":"f08d7ba027926a09d3b6d4cd210a468346ac15d767451627463701292f9b260ea071ab44d203a7c14e84049d3809330dd356dd1f433bab6354a099ebed4e426a","ssdeep":"1536:DI7b3wvcVfzv2zDdY6kMKdD5lBdppQqUFxOBeEM+:DI7zw0ViLKdppQzFx6r","tlshash":"ec530272703ac609d15055f0a30bcf8f08abaad5a10fcfecf6550a76671ae7cd1b5282","first_seen":"2026-04-13T02:29:55.528126Z","last_seen":"2026-04-13T02:32:27.921996Z","times_seen":2,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fortniteaim.com/scripts/insert.js?source=index","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"ip":{"addr":"5.187.4.134","port":443,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://fortniteaim.com/","date":"2026-04-13T02:29:30.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortniteaim.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 06:02:03 GMT","end":"Sun, 28 Jun 2026 06:02:02 GMT"},"fingerprint":{"sha1":"29:33:89:BA:88:2C:BF:EB:76:B8:EA:26:F2:29:01:82:D6:F7:38:35","sha256":"AE:32:0C:21:04:05:68:87:52:08:3C:EF:76:A3:71:4D:9E:21:24:16:13:C6:A5:CA:3F:7C:7F:5C:FB:D6:C6:99"}}},"request":{"raw":"GET /scripts/insert.js?source=index HTTP/1.1\r\nHost: fortniteaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortniteaim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Mon, 13 Apr 2026 02:29:30 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 22 Jul 2025 04:34:50 GMT\r\netag: W/\"b52-63a7d1ce48f17\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2898,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (634)","md5":"f01ba522c3539135df33250082846848","sha1":"af31de06cf3d07cf83f104af8755b0cc5222ffc6","sha256":"2e8deb28946a6b41ccb927eaa43bbaa78ea82cef39a40638f2e5afa8e90e73ca","sha512":"5ca1b1d3c6f8e1948574a743bd6f58d9f430f9a576c9e656958dda81546a6b0baf0c02ff1b084640351a2bc44ba644e0f671aef0e2ff30981feec2af47764ee6","ssdeep":"","tlshash":"08515194c71c649fd35e24e6293e22c0282f8cb669a3ce7bbc77b174d6c800c87395a5","first_seen":"2025-04-07T04:58:47.339843Z","last_seen":"2026-04-13T06:02:03.007534Z","times_seen":5723,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fortniteaim.com/fonts/Prompt-Black.ttf","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"ip":{"addr":"5.187.4.134","port":443,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://fortniteaim.com/","date":"2026-04-13T02:29:30.296Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortniteaim.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 06:02:03 GMT","end":"Sun, 28 Jun 2026 06:02:02 GMT"},"fingerprint":{"sha1":"29:33:89:BA:88:2C:BF:EB:76:B8:EA:26:F2:29:01:82:D6:F7:38:35","sha256":"AE:32:0C:21:04:05:68:87:52:08:3C:EF:76:A3:71:4D:9E:21:24:16:13:C6:A5:CA:3F:7C:7F:5C:FB:D6:C6:99"}}},"request":{"raw":"GET /fonts/Prompt-Black.ttf HTTP/1.1\r\nHost: fortniteaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortniteaim.com/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 13 Apr 2026 02:29:30 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 170136\r\nlast-modified: Wed, 28 Jan 2026 16:07:19 GMT\r\netag: \"697a3437-29898\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":170136,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 17 tables, 1st \"GDEF\", 16 names, Microsoft, language 0x409","md5":"59223f0a5cea662ec7abb5f0df04a39f","sha1":"1c3cf9a9299210397ab74e9bd305847b7555aa63","sha256":"54546d1e6d23295492d9bc6a2e3df31c45fc262ff5de888b5d728c865bfabc71","sha512":"2bddd81ef30ba853cea9417f4252d6a1c9c60ade69193dc4bb559dc641e8fb8f10ea111651f65b6b1ab8547cff74423365b7309b3b4d5e04523500ed3b410417","ssdeep":"1536:z+mLkU9IB0uf2ZntZZQ8mfBritowbe/D3QAZ7k/CiUCw/WpyFeXJpyzNRDhYSeh/:Cm4UWrL5Oy/sJFmNRDhzxC9q3Qt","tlshash":"53f34b03f7a9e284ef2e5e7511799777569af4320a3b878fa2047b35ec9a5c04d093c2","first_seen":"2026-04-13T02:29:55.529114Z","last_seen":"2026-04-13T02:32:27.923747Z","times_seen":2,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":58,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fortniteaim.com/fonts/Prompt-ExtraLight.ttf","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"ip":{"addr":"5.187.4.134","port":443,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://fortniteaim.com/","date":"2026-04-13T02:29:30.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortniteaim.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 06:02:03 GMT","end":"Sun, 28 Jun 2026 06:02:02 GMT"},"fingerprint":{"sha1":"29:33:89:BA:88:2C:BF:EB:76:B8:EA:26:F2:29:01:82:D6:F7:38:35","sha256":"AE:32:0C:21:04:05:68:87:52:08:3C:EF:76:A3:71:4D:9E:21:24:16:13:C6:A5:CA:3F:7C:7F:5C:FB:D6:C6:99"}}},"request":{"raw":"GET /fonts/Prompt-ExtraLight.ttf HTTP/1.1\r\nHost: fortniteaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortniteaim.com/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 13 Apr 2026 02:29:30 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 157380\r\nlast-modified: Wed, 28 Jan 2026 16:07:19 GMT\r\netag: \"697a3437-266c4\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":157380,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 17 tables, 1st \"GDEF\", 16 names, Microsoft, language 0x409","md5":"8ff5b11b1c2db4776479e6def5778ec6","sha1":"b08188281a205b58c6c818ddbef3104e4c47a2d6","sha256":"dab328960113378ced2a23e1c3b79a5af5debf7e6df2a7ae099212df14d25bc0","sha512":"511b97872f3e81281cd4c89f050ade8da2ecc76afb99e6b259ce591539ca5ec2cbe628ad7d5c17a94c1fadb7983eff380e632a9934a867552990771b8f76c0cf","ssdeep":"1536:7bTlfbmtPs9IB0u7UIpontOQg+PZ3Oe4RckA2ZNK3cFL55e5dkDvpYKYsUIq+ZHM:lmtPsW3UXWNK3cFL5odOUILWjcB1BPo","tlshash":"30f34c13f3e5f749fe2f0e7412796360aaaaf5329a3fc3cf95492625d8964c00d19392","first_seen":"2025-03-06T01:56:51.204465Z","last_seen":"2026-04-13T02:32:27.915656Z","times_seen":7,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":55,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fortniteaim.com/fonts/Prompt-Bold.ttf","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"ip":{"addr":"5.187.4.134","port":443,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://fortniteaim.com/","date":"2026-04-13T02:29:30.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortniteaim.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 06:02:03 GMT","end":"Sun, 28 Jun 2026 06:02:02 GMT"},"fingerprint":{"sha1":"29:33:89:BA:88:2C:BF:EB:76:B8:EA:26:F2:29:01:82:D6:F7:38:35","sha256":"AE:32:0C:21:04:05:68:87:52:08:3C:EF:76:A3:71:4D:9E:21:24:16:13:C6:A5:CA:3F:7C:7F:5C:FB:D6:C6:99"}}},"request":{"raw":"GET /fonts/Prompt-Bold.ttf HTTP/1.1\r\nHost: fortniteaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortniteaim.com/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 13 Apr 2026 02:29:30 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 172528\r\nlast-modified: Wed, 28 Jan 2026 16:07:19 GMT\r\netag: \"697a3437-2a1f0\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":172528,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 17 tables, 1st \"GDEF\", 14 names, Microsoft, language 0x409","md5":"bc0acd878ec0801f7f1dc856da920bba","sha1":"1f6da982f97fb51b13e31fb0ee60f1cb21b7846b","sha256":"5465cd9c24b8ca5376ecf59f880bd75edd1093ec4c46eeb8fa4080471069c510","sha512":"9a943fbd8e5e058aba7f07d5cfb19d16bea10b5a14102b3f88dc8d77ddd12ca0009663dbfa1b6fc5e36e9d18e0f1cc437571d60f04fa25ec0030af9f79f77ac9","ssdeep":"3072:5mVyWPHRnwM+9KdL2AwFJkcOyo1RxoirE1DRwcbQX2C5LzOgR75wrXzNt:5mV7HRnwM+9KdL2AwFJkcOyovWRwcbQI","tlshash":"4ff35c03f2a9e688ff2f1e7525b85377a26af1325a3b874e91497739ec965c00d047c2","first_seen":"2024-08-19T15:41:10.358867Z","last_seen":"2026-04-13T02:32:27.929051Z","times_seen":28,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":53,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fortniteaim.com/fonts/Prompt-Medium.ttf","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"ip":{"addr":"5.187.4.134","port":443,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://fortniteaim.com/","date":"2026-04-13T02:29:30.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortniteaim.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 06:02:03 GMT","end":"Sun, 28 Jun 2026 06:02:02 GMT"},"fingerprint":{"sha1":"29:33:89:BA:88:2C:BF:EB:76:B8:EA:26:F2:29:01:82:D6:F7:38:35","sha256":"AE:32:0C:21:04:05:68:87:52:08:3C:EF:76:A3:71:4D:9E:21:24:16:13:C6:A5:CA:3F:7C:7F:5C:FB:D6:C6:99"}}},"request":{"raw":"GET /fonts/Prompt-Medium.ttf HTTP/1.1\r\nHost: fortniteaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortniteaim.com/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 13 Apr 2026 02:29:30 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 170148\r\nlast-modified: Wed, 28 Jan 2026 16:07:19 GMT\r\netag: \"697a3437-298a4\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":170148,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 17 tables, 1st \"GDEF\", 16 names, Microsoft, language 0x409","md5":"e5b348d9905a62a774612a3df5a12c09","sha1":"ed15bfac8ac1e25dfbaef4c3e7dc6178b3347379","sha256":"181c4a3d5965261e83005343e076f55bba98781b0cc94e2c1a664e5c08160ec2","sha512":"4d4c441fd2e19d02483aee0f0a9cc06216cc5d65f4ea4de274e9f7c276db02266b95ab09e2efcc3cf4bbaa438ff228031f929a2ad6f3b05421e9325a9daab09f","ssdeep":"3072:czm621lWZFy73GPC9Acxaaos7CmBTyt3VmK:im62cy73GuAO2sMFmK","tlshash":"fbf34a07f795e344ff2e2eb425b59376a66af4211a3b838f91457b34e8961e84d0c3c2","first_seen":"2023-06-29T22:14:41Z","last_seen":"2026-04-13T02:32:27.93059Z","times_seen":32,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":50,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fortniteaim.com/img/logo.png","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"ip":{"addr":"5.187.4.134","port":443,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fortniteaim.com/","date":"2026-04-13T02:29:30.250Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortniteaim.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 06:02:03 GMT","end":"Sun, 28 Jun 2026 06:02:02 GMT"},"fingerprint":{"sha1":"29:33:89:BA:88:2C:BF:EB:76:B8:EA:26:F2:29:01:82:D6:F7:38:35","sha256":"AE:32:0C:21:04:05:68:87:52:08:3C:EF:76:A3:71:4D:9E:21:24:16:13:C6:A5:CA:3F:7C:7F:5C:FB:D6:C6:99"}}},"request":{"raw":"GET /img/logo.png HTTP/1.1\r\nHost: fortniteaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortniteaim.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 13 Apr 2026 02:29:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 10713\r\nlast-modified: Wed, 28 Jan 2026 16:07:19 GMT\r\netag: \"697a3437-29d9\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10713,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 607 x 274, 8-bit/color RGBA, non-interlaced","md5":"a03773ea58cc1f0f2427bf3fbf255278","sha1":"e56d058869cfe68f37749b25d516556cff1e882c","sha256":"a27cfb3679ee64844537766c2700898c42252ac85d6e41429b91aab15ff4ca60","sha512":"6b6c95f4218246bcc8485b357bc5ff904a50960001147b070c302f6f4f2d1f67d07265ab69c197bfc8e5fa22d2dd27a3a59bedc23023a6088d41f541d7cf1523","ssdeep":"192:XSqoxY63s3KYKivx5VmCVnIRk+ApvDMto9UTFSD0zD2Oop/5zEP0Dd6AgYRoooxt:CS3b9Ck+Ah2NJSD0XBop/NE8DdbB8t","tlshash":"f622afe7addf88015e113c70495d0bd921a77ab1b0b6527fa1a03b98178706acd368df","first_seen":"2026-04-13T02:29:55.532683Z","last_seen":"2026-04-13T02:32:27.91761Z","times_seen":2,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fortniteaim.com/img/first-section.webp","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"ip":{"addr":"5.187.4.134","port":443,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fortniteaim.com/","date":"2026-04-13T02:29:30.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortniteaim.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 06:02:03 GMT","end":"Sun, 28 Jun 2026 06:02:02 GMT"},"fingerprint":{"sha1":"29:33:89:BA:88:2C:BF:EB:76:B8:EA:26:F2:29:01:82:D6:F7:38:35","sha256":"AE:32:0C:21:04:05:68:87:52:08:3C:EF:76:A3:71:4D:9E:21:24:16:13:C6:A5:CA:3F:7C:7F:5C:FB:D6:C6:99"}}},"request":{"raw":"GET /img/first-section.webp HTTP/1.1\r\nHost: fortniteaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortniteaim.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 13 Apr 2026 02:29:30 GMT\r\ncontent-type: image/webp\r\ncontent-length: 52106\r\nlast-modified: Wed, 28 Jan 2026 16:07:19 GMT\r\netag: \"697a3437-cb8a\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":52106,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"71473a10590b5368b7eab16986804157","sha1":"7dbf36080979e8f00fe634ef23de3ffaa700085e","sha256":"9c34b77aba1b3a34bed1660bbf63fe172a29e7d76cb90997beded4b0251b76cc","sha512":"0ee1bfb0894850cd1af46289520f375e050aa61eb39319d8dc952a9533628775b590c12f446f90bf2a1efcceaf27bdfc7e34d631bcf5af716f560880b5872517","ssdeep":"768:vZRC2uYdlAXD9JH7qSklFHHaHNJgm9mPKdT1S8azN9+XvYfNi0zEDf7+Y6xAE:vfVdlAX5JmSkvaHYmcicR9lNxW+X/","tlshash":"d333f1f2d390aedfc4fa19b81d621672c80f5222632f8b2554f887754ef4cd2ca5961b","first_seen":"2026-04-13T02:29:55.534098Z","last_seen":"2026-04-13T02:32:27.927103Z","times_seen":2,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fortniteaim.com/img/third-section-3.webp","fqdn":"fortniteaim.com","domain":"fortniteaim.com","tld":"com"},"ip":{"addr":"5.187.4.134","port":443,"asn":44051,"as":"Fornex Hosting S.L.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fortniteaim.com/","date":"2026-04-13T02:29:30.256Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortniteaim.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 06:02:03 GMT","end":"Sun, 28 Jun 2026 06:02:02 GMT"},"fingerprint":{"sha1":"29:33:89:BA:88:2C:BF:EB:76:B8:EA:26:F2:29:01:82:D6:F7:38:35","sha256":"AE:32:0C:21:04:05:68:87:52:08:3C:EF:76:A3:71:4D:9E:21:24:16:13:C6:A5:CA:3F:7C:7F:5C:FB:D6:C6:99"}}},"request":{"raw":"GET /img/third-section-3.webp HTTP/1.1\r\nHost: fortniteaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortniteaim.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 13 Apr 2026 02:29:30 GMT\r\ncontent-type: image/webp\r\ncontent-length: 54116\r\nlast-modified: Wed, 28 Jan 2026 16:07:19 GMT\r\netag: \"697a3437-d364\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":54116,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"063caf9be1926529dc5b00d72aafe1aa","sha1":"f2f5a44540ff5f3a3eb4c1acc3a6ca2c15802985","sha256":"e9ca55ac6b957d152ac24fd6a488c2762f47aaa42ebe10f28dd8e767be48df8e","sha512":"b048ab43e51c62568d58843fcb1f96b72e1a8909102ad572f97387c3c6df561352e8afd15cf3af529d715c3548cbcfcf15c5fccae1b0e5dd0ab8caff22392a9e","ssdeep":"1536:Dx46faOR17tyfwK4REldnHXEp3dI9hb0Xgc7mQrPw0o:j3vBCwREHn3g3C9hDow9","tlshash":"ec33025342e4a10bd86a13305b798b8cf790158ff893d7595635a86ff349eb6790c01f","first_seen":"2026-04-13T02:29:55.535146Z","last_seen":"2026-04-13T02:32:27.918882Z","times_seen":2,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":44,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-13","alert":"Sinkholed","trigger":"fortniteaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}