{"report_id":"1bb9e604-1c5c-4c12-9f4a-50f6aff5316b","version":6,"status":"done","tags":[],"date":"2025-09-20T23:32:59Z","url":{"schema":"http","addr":"intimcity24.club/?tr_uuid=20250921-0932-23b7-8542-0bfcad587f65\u0026fp=-5","fqdn":"intimcity24.club","domain":"intimcity24.club","tld":"club"},"ip":{"addr":"103.224.182.242","port":0,"asn":133618,"as":"Trellian Pty. Limited","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"ww16.intimcity24.club/?sub1=20250921-0932-378e-9d50-fa4fecde7871","fqdn":"ww16.intimcity24.club","domain":"intimcity24.club","tld":"club"},"title":"intimcity24.club - Dette nettstedet er til salgs! - intimcity24 Ressurser og informasjon"},"submit":{"url":{"schema":"http","addr":"intimcity24.club/?tr_uuid=20250921-0932-23b7-8542-0bfcad587f65\u0026fp=-5","fqdn":"intimcity24.club","domain":"intimcity24.club","tld":"club"},"ip":{"addr":"103.224.182.242","port":0,"asn":133618,"as":"Trellian Pty. Limited","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T23:32:59Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-20","alert":"Sinkholed","trigger":"img.sedoparking.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"intimcity24.club","ip":{"addr":"103.224.182.242","port":443,"asn":133618,"as":"Trellian Pty. Limited","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":35888,"sent_data":536,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"ww16.intimcity24.club","ip":{"addr":"91.195.240.112","port":80,"asn":47846,"as":"SEDO GmbH","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":2,"received_data":36391,"sent_data":1229,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img.sedoparking.com","ip":{"addr":"205.234.175.175","port":80,"asn":30081,"as":"CACHENETWORKS","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":591238,"first_seen":"No data","last_seen":"No data","alert_count":1,"request_count":1,"received_data":15626,"sent_data":383,"comment":"","tags":null,"fingerprints":[{"name":"CacheFly","description":"CacheFly is a content delivery network (CDN) which offers CDN service that relies solely on IP anycast for routing, rather than DNS based global load balancing.","website":"https://www.cachefly.com","common_platform_enumeration":"","icon":"CacheFly.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"ww16.intimcity24.club/?sub1=20250921-0932-378e-9d50-fa4fecde7871","fqdn":"ww16.intimcity24.club","domain":"intimcity24.club","tld":"club"},"ip":{"addr":"91.195.240.112","port":80,"asn":47846,"as":"SEDO GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"21a1628a1c7d75b3953930c1257ed690","sha1":"504538309e3feee690d1cddb9d2eb4d8f68af23f","sha256":"227018f47d01786eb55b78601672c2d2666a52c9d9e59366f08eb7a527529f0d","sha512":"9ca6feadaf1c654a8eb49434d5c74be890694425d2de1d251a1ce3b7497b432dc5334ff7d726c538989ccf0d3aca8d9c16501a89afa1b65468a242757c314f6d","ssdeep":"","tlshash":"7471d91c3ecb7935945016ce6107ac08276f3333711175eee8be550903abdd921997b3","size":3531,"data":"","first_seen":"2025-09-20T23:33:23.593314Z","last_seen":"2025-09-20T23:33:23.593314Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww16.intimcity24.club/?sub1=20250921-0932-378e-9d50-fa4fecde7871","fqdn":"ww16.intimcity24.club","domain":"intimcity24.club","tld":"club"},"ip":{"addr":"91.195.240.112","port":80,"asn":47846,"as":"SEDO GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"cbb3d2ae8e9948970837ce73e3f47ef8","sha1":"26a24bc9b9af1b731d839ddda11d87665c2f894f","sha256":"9b8e88ae70dfa4837c62be1a9365b23b059a034f76554ad476098e72c1fd8a71","sha512":"af17443adcaecc9e7497020b2482fb46021f055d09824726330dde493e7e817380a7e0efc2ee9dddd506f8a0fb70cb24f74d473307526558342a613b0fa07a55","ssdeep":"","tlshash":"82118e8926e614194637a5388fcfc20871209007318a8d2c7f0d73e45f52a359bf77ed","size":916,"data":"","first_seen":"2024-05-24T00:49:23Z","last_seen":"2026-03-30T23:37:14.044359Z","times_seen":3862,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"intimcity24.club/?tr_uuid=20250921-0932-23b7-8542-0bfcad587f65\u0026fp=-5","fqdn":"intimcity24.club","domain":"intimcity24.club","tld":"club"},"ip":{"addr":"103.224.182.242","port":443,"asn":133618,"as":"Trellian Pty. Limited","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-20T23:32:36.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"greeneggsandplanet.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Sep 2025 19:15:04 GMT","end":"Sun, 14 Dec 2025 19:15:03 GMT"},"fingerprint":{"sha1":"31:DC:A1:33:FE:B7:EC:D1:0F:AA:B5:BE:9C:A5:18:AE:EF:39:8C:89","sha256":"F4:28:FA:37:FD:BD:8B:04:FE:EA:FB:F5:2D:C5:2A:17:B8:62:80:95:6E:0E:1E:7E:19:12:42:73:0D:EE:FD:AA"}}},"request":{"raw":"GET /?tr_uuid=20250921-0932-23b7-8542-0bfcad587f65\u0026fp=-5 HTTP/1.1\r\nHost: intimcity24.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\ndate: Sat, 20 Sep 2025 23:32:37 GMT\r\nserver: Apache\r\nset-cookie: __tad=1758411157.5152015; expires=Tue, 18 Sep 2035 23:32:37 GMT; Max-Age=315360000\r\nlocation: http://ww16.intimcity24.club/?sub1=20250921-0932-378e-9d50-fa4fecde7871\r\ncontent-length: 2\r\ncontent-type: text/html; charset=UTF-8\r\nconnection: close\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":35556,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T06:11:46.020773Z","times_seen":13409077,"resource_available":true,"data":null}},"time_used":1204,"timings":{"blocked":513,"dns":195,"connect":147,"send":0,"wait":177,"receive":0,"ssl":169},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww16.intimcity24.club/?sub1=20250921-0932-378e-9d50-fa4fecde7871","fqdn":"ww16.intimcity24.club","domain":"intimcity24.club","tld":"club"},"ip":{"addr":"91.195.240.112","port":80,"asn":47846,"as":"SEDO GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-20T23:32:37.652Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /?sub1=20250921-0932-378e-9d50-fa4fecde7871 HTTP/1.1\r\nHost: ww16.intimcity24.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\ndate: Sat, 20 Sep 2025 23:32:38 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ntransfer-encoding: chunked\r\nvary: Accept-Encoding\r\nexpires: Mon, 26 Jul 1997 05:00:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nx-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_XihtzfLKEl+cQgkdDmLLiIyCjBtjOtWivDsXWtazkArLZ7i/x7ng6xDJCR0xgAVRD+YUdQ1PUmB2Xpmtop6ZqA==\r\nlast-modified: Sat, 20 Sep 2025 23:32:37 GMT\r\nx-cache-miss-from: parking-7fbf5fd67f-z8dm9\r\nserver: Parking/1.0\r\ncontent-encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":35556,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (10651)","md5":"631355a22cbd2d38f646a0553cacff95","sha1":"456e5dcab87ef3ff827e574bc291884e4a2180f9","sha256":"2b4eca2053ca2583608cb5f4dca4212da910eb361aa1f6c844dae943e63c36d3","sha512":"d8b4a28a65f5bcfb8d7d0174f3689fe33688dcecd4bd6d6da31e0d1143ab1adac7129eca211bd8d575394247d0ec6a9470babbd3fd6e931000470d4bc19bdcc1","ssdeep":"768:5isNTN1L6Cjos/ipioBU91rulHWzHVYSOU6i+sNkuU0CAIbR+P1VYds3wDQ2bqF0:5jnKBarulHK1R7p+sf3RIVeHo2w8McIP","tlshash":"47f2c7156edd2537b023465e5ac267487363ca2fcd122e99f83cd2248bd2d8722e7f46","first_seen":"2025-09-20T23:33:23.586718Z","last_seen":"2025-09-20T23:33:23.586718Z","times_seen":1,"resource_available":false,"data":null}},"time_used":687,"timings":{"blocked":215,"dns":190,"connect":24,"send":0,"wait":256,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww16.intimcity24.club/search/tsc.php?ses=ogcYijXRSfoOww_0uzldD1xqwT0AhBWDX11yt2320J_ERbQwLskJGZXZzLZnawL_zQPWmbpUz1nYjX0UWJmTkQvkjJlZfy0FTeF2TA57sfKImFwwD98wnkEyOwJzoI4f4x4CSSl0hUlICDo3Hcy3-4DYwLALvAtV60_aNjUJZAIRDqPPmHqV6lvAiVHxxnnkk1epFX9Zrs4hIghZwQnwUD7UVj7tRq2URPom0mVhiU6LWmAoWTJ5QreXD4Jslqta40PaS3tcBeW2_RA-_8moccFIm9uldiaOHTaiNEN6VBvaOrbZz1zbJGy-0WQL73J06hyfwWOHmP4YliZsePFb6H9ysKKm5m9WKZkgLC4hus0vgD1Wn6ECp7v8-8Dcw\u0026cv=2","fqdn":"ww16.intimcity24.club","domain":"intimcity24.club","tld":"club"},"ip":{"addr":"91.195.240.112","port":80,"asn":47846,"as":"SEDO GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://ww16.intimcity24.club/?sub1=20250921-0932-378e-9d50-fa4fecde7871","date":"2025-09-20T23:32:38.350Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /search/tsc.php?ses=ogcYijXRSfoOww_0uzldD1xqwT0AhBWDX11yt2320J_ERbQwLskJGZXZzLZnawL_zQPWmbpUz1nYjX0UWJmTkQvkjJlZfy0FTeF2TA57sfKImFwwD98wnkEyOwJzoI4f4x4CSSl0hUlICDo3Hcy3-4DYwLALvAtV60_aNjUJZAIRDqPPmHqV6lvAiVHxxnnkk1epFX9Zrs4hIghZwQnwUD7UVj7tRq2URPom0mVhiU6LWmAoWTJ5QreXD4Jslqta40PaS3tcBeW2_RA-_8moccFIm9uldiaOHTaiNEN6VBvaOrbZz1zbJGy-0WQL73J06hyfwWOHmP4YliZsePFb6H9ysKKm5m9WKZkgLC4hus0vgD1Wn6ECp7v8-8Dcw\u0026cv=2 HTTP/1.1\r\nHost: ww16.intimcity24.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww16.intimcity24.club/?sub1=20250921-0932-378e-9d50-fa4fecde7871\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\ndate: Sat, 20 Sep 2025 23:32:38 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 0\r\nx-cache-miss-from: parking-7fbf5fd67f-jsf64\r\nserver: Parking/1.0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T06:11:46.020773Z","times_seen":13409077,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img.sedoparking.com/templates/logos/sedo_logo.png","fqdn":"img.sedoparking.com","domain":"sedoparking.com","tld":"com"},"ip":{"addr":"205.234.175.175","port":80,"asn":30081,"as":"CACHENETWORKS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ww16.intimcity24.club/?sub1=20250921-0932-378e-9d50-fa4fecde7871","date":"2025-09-20T23:32:38.430Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /templates/logos/sedo_logo.png HTTP/1.1\r\nHost: img.sedoparking.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww16.intimcity24.club/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 20 Sep 2025 23:32:38 GMT\r\nContent-Type: image/png\r\nContent-Length: 15086\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=604800\r\nExpires: Sat, 27 Sep 2025 23:32:38 GMT\r\nX-CFHash: \"def00c11b1596db4efee6a9fbe64fc27\"\r\nX-CFF: B\r\nLast-Modified: Mon, 11 Jan 2021 07:44:34 GMT\r\nX-CF3: H\r\nCF4Age: 0\r\nx-cf-tsc: 1729867994\r\nCF4ttl: 31536000.000\r\nX-CF2: H\r\nServer: CFS 1124\r\nX-CF-ReqID: 83453910a95f9a7aab52e9d9778dd553\r\nX-CF1: 11696:fC.arn1:cf:nom:cacheN.arn1-01:H\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"CacheFly","description":"CacheFly is a content delivery network (CDN) which offers CDN service that relies solely on IP anycast for routing, rather than DNS based global load balancing.","website":"https://www.cachefly.com","common_platform_enumeration":"","icon":"CacheFly.svg","categories":["CDN"]}],"data":{"size":15086,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"def00c11b1596db4efee6a9fbe64fc27","sha1":"bd298981e6d8d7e4ffa18abcf687041f4246672d","sha256":"95c427fa3143b1896faf42a6406686ce7602cb39052081bb32d12b51c9e047e4","sha512":"c056e95dbfa1aab3a50dff18c6d577dbffea72c93316ffc53b6b7aa41dcc7707a810d563894589a7305de0b76610f88150b2034670de368773b2b356f14ad30f","ssdeep":"192:jiHSINqv0tJ30DezSfPAXTZwC3D2N2xp1Fd/ar/+zi3LHZNwkQH0iWpXDt3TN8rB:jzAnP9j","tlshash":"31623e0bfd4bc358ce50b23ae67c4bfb6361d8c1b090a7e257d9d51aafa7b014c9a011","first_seen":"2023-04-14T07:11:21Z","last_seen":"2026-04-06T06:08:31.148584Z","times_seen":221116,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":1,"connect":7,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-20","alert":"Sinkholed","trigger":"img.sedoparking.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}