{"report_id":"16a539ea-9a0e-44e3-bcb2-5f0a88ac2734","version":6,"status":"done","tags":[],"date":"2025-11-11T19:25:42Z","url":{"schema":"http","addr":"loveshop13.biz/","fqdn":"loveshop13.biz","domain":"loveshop13.biz","tld":"biz"},"ip":{"addr":"91.206.71.38","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"loveshop13.biz/","fqdn":"loveshop13.biz","domain":"loveshop13.biz","tld":"biz"},"title":"Вы не робот?","dom":{"size":1473,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1440), with no line terminators","md5":"5dd222b0c985bc9a28026b3446e00217","sha1":"87445d0776848cd46cafb508d5beee2fdd9e9c1e","sha256":"4fde07a6c81d4bd39682c8830cc4d4b49ffab3fe117db78876bb5ef243201270","sha512":"62b10837b0ef6c4b6496be3a2d33112d665affd632cb4b43f0b63514894abc77484d7ff6eb9f0e577b9765c3d6520229cbc61b9dc2ee714877154deaeec58fb2","ssdeep":"","tlshash":"553174332d4954204867db70b4d3eac8d156803af917b890986021744ffdad5cf72e5e","dom_hash":"domhashf17fc353fdf76acc303b34dfc54c6653","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"loveshop13.biz/","fqdn":"loveshop13.biz","domain":"loveshop13.biz","tld":"biz"},"ip":{"addr":"91.206.71.38","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-16T19:25:42Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"loveshop13.biz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"loveshop13.biz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"loveshop13.biz","ip":{"addr":"91.206.71.38","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2023-10-16","domain_rank":5052856,"first_seen":"2025-03-13T21:34:08.840888Z","last_seen":"2025-03-13T21:34:08.840888Z","alert_count":6,"request_count":3,"received_data":10091,"sent_data":1427,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"loveshop13.biz/","fqdn":"loveshop13.biz","domain":"loveshop13.biz","tld":"biz"},"ip":{"addr":"91.206.71.38","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f745c22b8eb9b285d676b54de141f869","sha1":"3b380fe50a0e1157bfaa3b76ef04ca80c8ad2a4c","sha256":"0e3c46ef176a8c48db02ab9e446429608b74b8e4a5cd7db7ccb554850ab9e437","sha512":"b57f0a8e0efac9745add975681373d06475dc9b1a1bb46dceb314303c436b4c05bf7fb119da949692174072249652a07c0716f30212658bda677d04649c220e6","ssdeep":"","tlshash":"62c02b3b71092c74039bf936503fe3681b35300130011101d414084c4d96b8ce076c89","size":139,"data":"","first_seen":"2025-03-13T21:00:39.55932Z","last_seen":"2026-03-31T21:27:36.27338Z","times_seen":107,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"loveshop13.biz/","fqdn":"loveshop13.biz","domain":"loveshop13.biz","tld":"biz"},"ip":{"addr":"91.206.71.38","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-11T19:25:20.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"loveshop13.biz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 07:41:20 GMT","end":"Sun, 28 Dec 2025 08:41:18 GMT"},"fingerprint":{"sha1":"48:80:11:09:00:69:45:97:B5:34:54:15:AC:04:5F:4A:4A:F8:E5:DD","sha256":"A1:2A:9B:ED:DF:6B:BD:65:69:C9:A6:0F:90:29:23:81:12:03:1B:FE:CF:95:4F:EC:1C:10:2B:71:2D:61:15:51"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: loveshop13.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 11 Nov 2025 19:25:20 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\ncache-control: no-cache\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: gzip\r\ncf-ray: 99d02cc91e143181-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1473,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1440), with no line terminators","md5":"32527e6cd4c3c1b15e5903d404ae52d2","sha1":"2763c5ce9a1da6811a9837af392d76bbec42c15e","sha256":"a0c53615bef55e7077cb22bf4a57fc7938a2a335ab74d0a17ebfafdd4e9180a2","sha512":"d916d97e60b3e356d6c244c59427a5bed6a9ce02254757822e5ac2df7a119e522ebc395dafaa622e6685c431c2a9fc8a4d43910445690e4b3cab7540b9f3ed50","ssdeep":"","tlshash":"de3174331d5954205866db70b4d3eac8d556803af907b880985031784ffdad5cf72e5e","first_seen":"2023-11-10T02:27:09Z","last_seen":"2026-03-31T21:27:36.268414Z","times_seen":98,"resource_available":true,"data":null}},"time_used":152,"timings":{"blocked":41,"dns":20,"connect":1,"send":0,"wait":69,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"loveshop13.biz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"loveshop13.biz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"loveshop13.biz/captcha","fqdn":"loveshop13.biz","domain":"loveshop13.biz","tld":"biz"},"ip":{"addr":"91.206.71.38","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://loveshop13.biz/","date":"2025-11-11T19:25:20.405Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"loveshop13.biz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 07:41:20 GMT","end":"Sun, 28 Dec 2025 08:41:18 GMT"},"fingerprint":{"sha1":"48:80:11:09:00:69:45:97:B5:34:54:15:AC:04:5F:4A:4A:F8:E5:DD","sha256":"A1:2A:9B:ED:DF:6B:BD:65:69:C9:A6:0F:90:29:23:81:12:03:1B:FE:CF:95:4F:EC:1C:10:2B:71:2D:61:15:51"}}},"request":{"raw":"GET /captcha HTTP/1.1\r\nHost: loveshop13.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://loveshop13.biz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 11 Nov 2025 19:25:20 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nlast-modified: Fri, 08 Nov 2019 15:44:17 GMT\r\npragma-directive: no-cache\r\ncache-directive: no-cache\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\netag: W/\"5dc58d51-1739\"\r\ncontent-encoding: gzip\r\nset-cookie: CaptchaH=d668292f01fd152b323f9d82d6b5081f; Path=/; Expires=Tue, 11 Nov 2025 19:29:20 GMT\nCaptchaS=BBC95D53434E2E52; Path=/; Expires=Tue, 11 Nov 2025 19:29:20 GMT\r\ncf-ray: 99d02cca8add3181-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5945,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"data","md5":"c400fcb9941c961b07567080859f91d6","sha1":"89521df9769f0bc113d27cb28aa4092c1ee2c455","sha256":"9506c054ef4b1999707c5cd363086bd1b92f1a3aad8c07813361d957f94555d5","sha512":"64ed709e75c636ef63ab7e0d5b91347d1f41b768d62acf0c620fe2a5ceaae55d82df23ed7762b2629c0e5b3dfa1025bee73820f9650e1a19cbfebf05d2e6f928","ssdeep":"192:onzP9Wh+x8R/4P3kE78mEAneaGiS1tYOqhznntmafgTR1TGfZYRHcYb:onzVWhH/4P3ymuiSb5wngaIt1TgYRHd","tlshash":"e302bf1be389737099dc36bad0010bf1db1436b09d8b1de8e635eea535ebb34940e462","first_seen":"2025-11-11T19:25:43.302548Z","last_seen":"2025-11-11T19:25:43.302548Z","times_seen":1,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"loveshop13.biz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"loveshop13.biz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"loveshop13.biz/favicon.ico","fqdn":"loveshop13.biz","domain":"loveshop13.biz","tld":"biz"},"ip":{"addr":"91.206.71.38","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://loveshop13.biz/","date":"2025-11-11T19:25:20.459Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"loveshop13.biz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 07:41:20 GMT","end":"Sun, 28 Dec 2025 08:41:18 GMT"},"fingerprint":{"sha1":"48:80:11:09:00:69:45:97:B5:34:54:15:AC:04:5F:4A:4A:F8:E5:DD","sha256":"A1:2A:9B:ED:DF:6B:BD:65:69:C9:A6:0F:90:29:23:81:12:03:1B:FE:CF:95:4F:EC:1C:10:2B:71:2D:61:15:51"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: loveshop13.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://loveshop13.biz/\r\nCookie: CaptchaH=d668292f01fd152b323f9d82d6b5081f; CaptchaS=BBC95D53434E2E52\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 11 Nov 2025 19:25:20 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: accept-encoding\r\nexpires: Tue, 11 Nov 2025 23:25:20 GMT\r\ncache-control: public, max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: gzip\r\ncf-ray: 99d02ccadbe43181-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1473,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1440), with no line terminators","md5":"32527e6cd4c3c1b15e5903d404ae52d2","sha1":"2763c5ce9a1da6811a9837af392d76bbec42c15e","sha256":"a0c53615bef55e7077cb22bf4a57fc7938a2a335ab74d0a17ebfafdd4e9180a2","sha512":"d916d97e60b3e356d6c244c59427a5bed6a9ce02254757822e5ac2df7a119e522ebc395dafaa622e6685c431c2a9fc8a4d43910445690e4b3cab7540b9f3ed50","ssdeep":"","tlshash":"de3174331d5954205866db70b4d3eac8d556803af907b880985031784ffdad5cf72e5e","first_seen":"2023-11-10T02:27:09Z","last_seen":"2026-03-31T21:27:36.268414Z","times_seen":98,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"loveshop13.biz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"loveshop13.biz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}