{"report_id":"1ff00ae9-ff4e-404a-8d59-238eee2609f7","version":6,"status":"done","tags":[],"date":"2025-10-20T07:06:39Z","url":{"schema":"http","addr":"fastestclix.com/click?key=26871160de2940eaa4c2\u0026subid=M7563196610931326977\u0026pid=27166-f3533d81\u0026partner_id=27166\u0026__bjs=eyJiIjp7ImpzIjoxLCJjIjoxLCJjbiI6MSwibSI6MSwiZG0iOjQwOTYsIm1jZiI6MCwiYmEiOjEsIm1wNGEiOjEsIm1wNHQiOjAsIm10Ijo1LCJ0eiI6LTYwLCJ1YSI6Ik1vemlsbGEvNS4wIChMaW51eDsgQW5kcm9pZCA2LjA7IE5leHVzIDUgQnVpbGQvTVJBNThOKSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTQxLjAuMC4wIE1vYmlsZSBTYWZhcmkvNTM3LjM2IiwicCI6IkxpbnV4IiwicnRjIjoxLCJzIjoxLCJ2IjoxfSwiYSI6eyJjMSI6MCwidyI6MCwiY3ciOjAsImFlIjowLCJ0cyI6MH0sIndnIjp7InYiOiJudWxsIiwiciI6Ik1hbGktVDgzMCIsImUiOjB9LCJzIjp7InByIjoxLCJ3IjozNjAsImgiOjc4MCwiaXciOjM2MCwiaWgiOjc4MCwib3ciOjM2MCwib2giOjc4MCwiYXciOjM2MCwiYWgiOjc4MCwiY2QiOjI0LCJwZCI6MjR9LCJuIjp7ImUiOjF9LCJoIjp7ImhjIjo4LCJrbCI6IjAifSwibSI6eyJhIjoxLCJnIjoxLCJtIjowfSwidCI6eyJlIjoxLCJwIjo1LCJwZSI6MX0sInN0Ijp7ImwiOjEsInMiOjEsImkiOjF9LCJudyI6eyJkIjo5MDAwLCJlIjoiNGciLCJyIjowLCJ0IjoiIn0sImYiOjAsIm13IjoxfQ==\u0026__originalReferer=https://ss.surtul.social/","fqdn":"fastestclix.com","domain":"fastestclix.com","tld":"com"},"ip":{"addr":"24.144.83.121","port":0,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"phonesafetycheck.com/?cid=d3qtuq5mjjbc73dhh8qg\u0026aff=0642\u0026p=2","fqdn":"phonesafetycheck.com","domain":"phonesafetycheck.com","tld":"com"},"title":"Android Security Check"},"submit":{"url":{"schema":"http","addr":"fastestclix.com/click?key=26871160de2940eaa4c2\u0026subid=M7563196610931326977\u0026pid=27166-f3533d81\u0026partner_id=27166\u0026__bjs=eyJiIjp7ImpzIjoxLCJjIjoxLCJjbiI6MSwibSI6MSwiZG0iOjQwOTYsIm1jZiI6MCwiYmEiOjEsIm1wNGEiOjEsIm1wNHQiOjAsIm10Ijo1LCJ0eiI6LTYwLCJ1YSI6Ik1vemlsbGEvNS4wIChMaW51eDsgQW5kcm9pZCA2LjA7IE5leHVzIDUgQnVpbGQvTVJBNThOKSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTQxLjAuMC4wIE1vYmlsZSBTYWZhcmkvNTM3LjM2IiwicCI6IkxpbnV4IiwicnRjIjoxLCJzIjoxLCJ2IjoxfSwiYSI6eyJjMSI6MCwidyI6MCwiY3ciOjAsImFlIjowLCJ0cyI6MH0sIndnIjp7InYiOiJudWxsIiwiciI6Ik1hbGktVDgzMCIsImUiOjB9LCJzIjp7InByIjoxLCJ3IjozNjAsImgiOjc4MCwiaXciOjM2MCwiaWgiOjc4MCwib3ciOjM2MCwib2giOjc4MCwiYXciOjM2MCwiYWgiOjc4MCwiY2QiOjI0LCJwZCI6MjR9LCJuIjp7ImUiOjF9LCJoIjp7ImhjIjo4LCJrbCI6IjAifSwibSI6eyJhIjoxLCJnIjoxLCJtIjowfSwidCI6eyJlIjoxLCJwIjo1LCJwZSI6MX0sInN0Ijp7ImwiOjEsInMiOjEsImkiOjF9LCJudyI6eyJkIjo5MDAwLCJlIjoiNGciLCJyIjowLCJ0IjoiIn0sImYiOjAsIm13IjoxfQ==\u0026__originalReferer=https://ss.surtul.social/","fqdn":"fastestclix.com","domain":"fastestclix.com","tld":"com"},"ip":{"addr":"24.144.83.121","port":0,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-24T07:06:39Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-20","alert":"Sinkholed","trigger":"phonesafetycheck.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"phonesafetycheck.com","ip":{"addr":"157.230.164.190","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"domain_registered":"2025-10-05","domain_rank":0,"first_seen":"2025-10-09T02:58:23.461549Z","last_seen":"2025-10-18T16:36:28.503291Z","alert_count":3,"request_count":3,"received_data":18953,"sent_data":1494,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}]},{"fqdn":"fastestclix.com","ip":{"addr":"24.144.83.121","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"domain_registered":"2025-08-10","domain_rank":0,"first_seen":"2025-08-17T22:29:08.547051Z","last_seen":"2025-10-18T08:54:29.968885Z","alert_count":0,"request_count":1,"received_data":10925,"sent_data":1432,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"phonesafetycheck.com/?cid=d3qtuq5mjjbc73dhh8qg\u0026aff=0642\u0026p=2","fqdn":"phonesafetycheck.com","domain":"phonesafetycheck.com","tld":"com"},"ip":{"addr":"157.230.164.190","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"9fade8c0b3eb481826e3ce96ef5758e8","sha1":"3dae82d5e113c508619c326cb089d435d4e3489c","sha256":"c70b2c3b66a69001719a53a3b77afffc3847d21379d1bf780673a9ca4613f994","sha512":"ef37ddfb1b88b2ba34d8944b1b82726533729d1343cae4353b911e6cfa2c5dfd84d62b13828711670a6e23df02d2b610984102cc92daa92703fe385d15ead9ab","ssdeep":"","tlshash":"2e710f6b367608398e6b54fb66579398393050073d03ea8d395c44248fd3e8aa5b7aec","size":3595,"data":"","first_seen":"2025-10-09T02:58:27.21401Z","last_seen":"2025-10-28T05:16:00.788449Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"phonesafetycheck.com/favicon.ico","fqdn":"phonesafetycheck.com","domain":"phonesafetycheck.com","tld":"com"},"ip":{"addr":"157.230.164.190","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phonesafetycheck.com/?cid=d3qtuq5mjjbc73dhh8qg\u0026aff=0642\u0026p=2","date":"2025-10-20T07:06:17.782Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phonesafetycheck.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 11:20:31 GMT","end":"Sat, 03 Jan 2026 11:20:30 GMT"},"fingerprint":{"sha1":"C1:37:DB:D3:62:3B:64:A1:1E:72:C6:09:CA:0B:B4:EC:C8:44:22:92","sha256":"86:18:5E:9A:D3:4C:87:4A:E7:F5:C1:9D:0A:EC:F6:2D:A6:43:41:2A:08:FB:39:08:06:F6:70:D2:B6:A5:3F:33"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: phonesafetycheck.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phonesafetycheck.com/?cid=d3qtuq5mjjbc73dhh8qg\u0026aff=0642\u0026p=2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Mon, 20 Oct 2025 07:06:17 GMT\r\ncontent-type: text/html\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":162,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"1b7c22a214949975556626d7217e9a39","sha1":"d01c97e2944166ed23e47e4a62ff471ab8fa031f","sha256":"340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87","sha512":"ba64847cf1d4157d50abe4f4a1e5c1996fe387c5808e2f758c7fb3213bfefe1f3712d343f0c30a16819749840954654a70611d2250fd0f7b032429db7afd2cc5","ssdeep":"","tlshash":"59c08c6e2613bd4cc6a3217522c3b490c09aa3a7a4ea46214840805331cb29a8ac7396","first_seen":"2023-03-10T20:17:28Z","last_seen":"2026-06-16T01:33:23.787111Z","times_seen":45376,"resource_available":true,"data":null}},"time_used":167,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":167,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-20","alert":"Sinkholed","trigger":"phonesafetycheck.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fastestclix.com/click?key=26871160de2940eaa4c2\u0026subid=M7563196610931326977\u0026pid=27166-f3533d81\u0026partner_id=27166\u0026__bjs=eyJiIjp7ImpzIjoxLCJjIjoxLCJjbiI6MSwibSI6MSwiZG0iOjQwOTYsIm1jZiI6MCwiYmEiOjEsIm1wNGEiOjEsIm1wNHQiOjAsIm10Ijo1LCJ0eiI6LTYwLCJ1YSI6Ik1vemlsbGEvNS4wIChMaW51eDsgQW5kcm9pZCA2LjA7IE5leHVzIDUgQnVpbGQvTVJBNThOKSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTQxLjAuMC4wIE1vYmlsZSBTYWZhcmkvNTM3LjM2IiwicCI6IkxpbnV4IiwicnRjIjoxLCJzIjoxLCJ2IjoxfSwiYSI6eyJjMSI6MCwidyI6MCwiY3ciOjAsImFlIjowLCJ0cyI6MH0sIndnIjp7InYiOiJudWxsIiwiciI6Ik1hbGktVDgzMCIsImUiOjB9LCJzIjp7InByIjoxLCJ3IjozNjAsImgiOjc4MCwiaXciOjM2MCwiaWgiOjc4MCwib3ciOjM2MCwib2giOjc4MCwiYXciOjM2MCwiYWgiOjc4MCwiY2QiOjI0LCJwZCI6MjR9LCJuIjp7ImUiOjF9LCJoIjp7ImhjIjo4LCJrbCI6IjAifSwibSI6eyJhIjoxLCJnIjoxLCJtIjowfSwidCI6eyJlIjoxLCJwIjo1LCJwZSI6MX0sInN0Ijp7ImwiOjEsInMiOjEsImkiOjF9LCJudyI6eyJkIjo5MDAwLCJlIjoiNGciLCJyIjowLCJ0IjoiIn0sImYiOjAsIm13IjoxfQ==\u0026__originalReferer=https://ss.surtul.social/","fqdn":"fastestclix.com","domain":"fastestclix.com","tld":"com"},"ip":{"addr":"24.144.83.121","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-20T07:06:16.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fastestclix.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 23:50:40 GMT","end":"Tue, 06 Jan 2026 23:50:39 GMT"},"fingerprint":{"sha1":"BD:9E:36:9D:5C:D6:96:82:94:0F:D5:D2:A2:0D:8A:79:AA:D6:51:F6","sha256":"32:A3:AE:DE:C4:53:DB:A3:28:37:4E:41:2E:B9:38:2B:61:9F:29:F9:83:41:6D:57:C9:00:3D:86:E2:F7:96:44"}}},"request":{"raw":"GET /click?key=26871160de2940eaa4c2\u0026subid=M7563196610931326977\u0026pid=27166-f3533d81\u0026partner_id=27166\u0026__bjs=eyJiIjp7ImpzIjoxLCJjIjoxLCJjbiI6MSwibSI6MSwiZG0iOjQwOTYsIm1jZiI6MCwiYmEiOjEsIm1wNGEiOjEsIm1wNHQiOjAsIm10Ijo1LCJ0eiI6LTYwLCJ1YSI6Ik1vemlsbGEvNS4wIChMaW51eDsgQW5kcm9pZCA2LjA7IE5leHVzIDUgQnVpbGQvTVJBNThOKSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTQxLjAuMC4wIE1vYmlsZSBTYWZhcmkvNTM3LjM2IiwicCI6IkxpbnV4IiwicnRjIjoxLCJzIjoxLCJ2IjoxfSwiYSI6eyJjMSI6MCwidyI6MCwiY3ciOjAsImFlIjowLCJ0cyI6MH0sIndnIjp7InYiOiJudWxsIiwiciI6Ik1hbGktVDgzMCIsImUiOjB9LCJzIjp7InByIjoxLCJ3IjozNjAsImgiOjc4MCwiaXciOjM2MCwiaWgiOjc4MCwib3ciOjM2MCwib2giOjc4MCwiYXciOjM2MCwiYWgiOjc4MCwiY2QiOjI0LCJwZCI6MjR9LCJuIjp7ImUiOjF9LCJoIjp7ImhjIjo4LCJrbCI6IjAifSwibSI6eyJhIjoxLCJnIjoxLCJtIjowfSwidCI6eyJlIjoxLCJwIjo1LCJwZSI6MX0sInN0Ijp7ImwiOjEsInMiOjEsImkiOjF9LCJudyI6eyJkIjo5MDAwLCJlIjoiNGciLCJyIjowLCJ0IjoiIn0sImYiOjAsIm13IjoxfQ==\u0026__originalReferer=https://ss.surtul.social/ HTTP/1.1\r\nHost: fastestclix.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 307 Temporary Redirect\r\ndate: Mon, 20 Oct 2025 07:06:16 GMT\r\nlocation: https://phonesafetycheck.com/?cid=d3qtuq5mjjbc73dhh8qg\u0026aff=0642\u0026p=2\r\nset-cookie: uclick=m7WLlQsOMIg1h+D8bWCY5x//nsq3k9lhb5h+Y9O+5SOCPNM0BfuKXnSVszq0Y+ljroLzi9k=; Max-Age=31536000; SameSite=Lax\nbcid=d3qtuq5mjjbc73dhh8qg; Max-Age=31536000; SameSite=Lax\r\nvia: 1.1 Caddy\r\nx-request-id: 8c85aa23-223f-4f7f-bf64-daba0e2aa876\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":null,"data":{"size":10486,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T01:37:43.272642Z","times_seen":16456477,"resource_available":true,"data":null}},"time_used":1030,"timings":{"blocked":351,"dns":10,"connect":165,"send":0,"wait":328,"receive":0,"ssl":174},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"phonesafetycheck.com/?cid=d3qtuq5mjjbc73dhh8qg\u0026aff=0642\u0026p=2","fqdn":"phonesafetycheck.com","domain":"phonesafetycheck.com","tld":"com"},"ip":{"addr":"157.230.164.190","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-20T07:06:16.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phonesafetycheck.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 11:20:31 GMT","end":"Sat, 03 Jan 2026 11:20:30 GMT"},"fingerprint":{"sha1":"C1:37:DB:D3:62:3B:64:A1:1E:72:C6:09:CA:0B:B4:EC:C8:44:22:92","sha256":"86:18:5E:9A:D3:4C:87:4A:E7:F5:C1:9D:0A:EC:F6:2D:A6:43:41:2A:08:FB:39:08:06:F6:70:D2:B6:A5:3F:33"}}},"request":{"raw":"GET /?cid=d3qtuq5mjjbc73dhh8qg\u0026aff=0642\u0026p=2 HTTP/1.1\r\nHost: phonesafetycheck.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Mon, 20 Oct 2025 07:06:17 GMT\r\ncontent-type: text/html\r\nlast-modified: Sun, 05 Oct 2025 12:31:19 GMT\r\netag: W/\"68e26517-28f6\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":10486,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"ea270688bd1bb2c971662f8696590248","sha1":"d21ba2dd9ddbf3d1531b28da7079e776957d0ac2","sha256":"bfe9e72df569db391a9cc4a94612c79816ac41b404e00c88748c98e6d05274cc","sha512":"2ce5d012500498fe2fdd08795ea4461db96b0392ec69f50aa9ae6e670cbc1a05e5bd9189a4c35201d7ba003429ed162251ed01b93a63ecfd0ef67ae0df72cc7a","ssdeep":"192:Xm1dxeJUR2ggH62xt7u7nI5OWWhzrnjmwgmadSVpaPFI3ws6DgC8r9:sxeqR2ggHryU5OWm7ladSVpv3wsO6J","tlshash":"ba22c63271a41439b127e0ea76d35bce3a94e507f9075a8879ec51708fc3e928a635dc","first_seen":"2025-10-09T02:58:27.209616Z","last_seen":"2025-10-28T05:16:00.78489Z","times_seen":7,"resource_available":false,"data":null}},"time_used":896,"timings":{"blocked":364,"dns":20,"connect":168,"send":0,"wait":167,"receive":0,"ssl":174},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-20","alert":"Sinkholed","trigger":"phonesafetycheck.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phonesafetycheck.com/gift.png","fqdn":"phonesafetycheck.com","domain":"phonesafetycheck.com","tld":"com"},"ip":{"addr":"157.230.164.190","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phonesafetycheck.com/?cid=d3qtuq5mjjbc73dhh8qg\u0026aff=0642\u0026p=2","date":"2025-10-20T07:06:17.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"phonesafetycheck.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 11:20:31 GMT","end":"Sat, 03 Jan 2026 11:20:30 GMT"},"fingerprint":{"sha1":"C1:37:DB:D3:62:3B:64:A1:1E:72:C6:09:CA:0B:B4:EC:C8:44:22:92","sha256":"86:18:5E:9A:D3:4C:87:4A:E7:F5:C1:9D:0A:EC:F6:2D:A6:43:41:2A:08:FB:39:08:06:F6:70:D2:B6:A5:3F:33"}}},"request":{"raw":"GET /gift.png HTTP/1.1\r\nHost: phonesafetycheck.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phonesafetycheck.com/?cid=d3qtuq5mjjbc73dhh8qg\u0026aff=0642\u0026p=2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Mon, 20 Oct 2025 07:06:17 GMT\r\ncontent-type: image/png\r\ncontent-length: 7676\r\nlast-modified: Sun, 05 Oct 2025 12:20:22 GMT\r\netag: \"68e26286-1dfc\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":7676,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 76 x 79, 8-bit/color RGBA, non-interlaced","md5":"1a02b7bd6f007c486ec7b3cb3777505b","sha1":"4ce388ef2c92c94fafa398dd1c844891e8ebf6e7","sha256":"b9d8f03d4064cd127779902f0b76a51772ff5dbd9edd905d2e16fa18a113338d","sha512":"964bcf1b306148c921019ca926ea17682bf9b3a825ea6e835b454b73487d81ba295c57ba79395f4a20adbdc38f8bd1e894048fba2b8245dbb624aa52bf061cad","ssdeep":"192:kSJQgWFArhJcXFghQ0IpZUm1bwCHUZRGHFVuZqo:jEqrEqhQNwm1XIRGlYZ","tlshash":"68f1afa82fdb7c44c5b68d629437d2225d4cc8dca6e5139991938cd896311b4fe241f7","first_seen":"2024-05-25T23:33:47Z","last_seen":"2026-06-06T02:09:34.486828Z","times_seen":138,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":168,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-20","alert":"Sinkholed","trigger":"phonesafetycheck.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}