{"report_id":"228d8383-f40c-412c-8715-bd48e9e3ae3b","version":6,"status":"done","tags":[],"date":"2026-05-12T08:50:42Z","url":{"schema":"http","addr":"qjmok16pbaqv.com/","fqdn":"qjmok16pbaqv.com","domain":"qjmok16pbaqv.com","tld":"com"},"ip":{"addr":"3.225.58.222","port":0,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"qjmok16pbaqv.com/","fqdn":"qjmok16pbaqv.com","domain":"qjmok16pbaqv.com","tld":"com"},"title":"Error","dom":{"size":122,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"7aad1ddd67ea824f06288560b31f8bad","sha1":"89edecc171ece0b306118207a81b3da2ff12db4a","sha256":"ecdc210fc72aa366dfe6f1294c923c6d0c33e1c2dd453d7c78a5279eb83ecad1","sha512":"bc85dad50653631913eb17fea48f0115c5778428d71b5ea2a4ff6b73355a8ab7aa0de157f01c85f27e7577b78159618751d3101e41cdd3212c38d5ba13e675f6","ssdeep":"","tlshash":"a4b02b5a000100414e30830428c272941dd5390d04b184006b006066dcd4023c482180","dom_hash":"domhash861c10d83d6a9eeb579a5baadc70a7e6","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"qjmok16pbaqv.com/","fqdn":"qjmok16pbaqv.com","domain":"qjmok16pbaqv.com","tld":"com"},"ip":{"addr":"3.225.58.222","port":0,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-16T08:50:42Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-12","alert":"Sinkholed","trigger":"qjmok16pbaqv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-12","alert":"Sinkholed","trigger":"qjmok16pbaqv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"qjmok16pbaqv.com","ip":{"addr":"54.227.109.230","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2024-01-10","domain_rank":0,"first_seen":"2025-07-09T08:12:07.261789Z","last_seen":"2026-01-23T10:48:28.962769Z","alert_count":4,"request_count":2,"received_data":954,"sent_data":970,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"qjmok16pbaqv.com/","fqdn":"qjmok16pbaqv.com","domain":"qjmok16pbaqv.com","tld":"com"},"ip":{"addr":"54.227.109.230","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-12T08:50:18.466Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"abadfaheff4.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 14:16:37 GMT","end":"Mon, 29 Jun 2026 14:16:36 GMT"},"fingerprint":{"sha1":"31:FB:3C:CD:11:32:AA:F7:AC:DA:29:34:D7:2D:5F:BC:57:BC:3B:3E","sha256":"CD:5D:20:16:30:F6:C5:9A:DA:DC:4D:C7:E9:72:7D:C6:6A:31:E2:FC:D2:5E:7C:F2:80:86:03:CD:8B:72:69:43"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: qjmok16pbaqv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Tue, 12 May 2026 08:50:18 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 139\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\ncontent-security-policy: default-src 'none'\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":139,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"da7da7d630292e7a2a7dda8ca87b3d39","sha1":"a4cb76424dc44433a2df01fe8b0bbd836d15e970","sha256":"52c1e7a2c36be28c42455fe1572d7d7918c3180cad99a2b82daa2a38a7e7bb23","sha512":"9e717f9c6699b280436ca9be7107ba6301430d4def8311b963a266a5b3b91b2719687b04860509b6142fa24d629a3217bd450696559fe6d9dc8c60bccfd740ad","ssdeep":"","tlshash":"e3c02b9e100111410a3083003ec1329435973b9d24f285006b82f027ecd4617c8c7288","first_seen":"2023-04-05T13:34:15Z","last_seen":"2026-05-25T14:22:45.987692Z","times_seen":2108,"resource_available":true,"data":null}},"time_used":519,"timings":{"blocked":211,"dns":14,"connect":95,"send":0,"wait":96,"receive":0,"ssl":100},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-12","alert":"Sinkholed","trigger":"qjmok16pbaqv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-12","alert":"Sinkholed","trigger":"qjmok16pbaqv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"qjmok16pbaqv.com/","fqdn":"qjmok16pbaqv.com","domain":"qjmok16pbaqv.com","tld":"com"},"ip":{"addr":"54.227.109.230","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-12T08:50:19.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"abadfaheff4.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 14:16:37 GMT","end":"Mon, 29 Jun 2026 14:16:36 GMT"},"fingerprint":{"sha1":"31:FB:3C:CD:11:32:AA:F7:AC:DA:29:34:D7:2D:5F:BC:57:BC:3B:3E","sha256":"CD:5D:20:16:30:F6:C5:9A:DA:DC:4D:C7:E9:72:7D:C6:6A:31:E2:FC:D2:5E:7C:F2:80:86:03:CD:8B:72:69:43"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: qjmok16pbaqv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Tue, 12 May 2026 08:50:19 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 139\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\ncontent-security-policy: default-src 'none'\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":139,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"da7da7d630292e7a2a7dda8ca87b3d39","sha1":"a4cb76424dc44433a2df01fe8b0bbd836d15e970","sha256":"52c1e7a2c36be28c42455fe1572d7d7918c3180cad99a2b82daa2a38a7e7bb23","sha512":"9e717f9c6699b280436ca9be7107ba6301430d4def8311b963a266a5b3b91b2719687b04860509b6142fa24d629a3217bd450696559fe6d9dc8c60bccfd740ad","ssdeep":"","tlshash":"e3c02b9e100111410a3083003ec1329435973b9d24f285006b82f027ecd4617c8c7288","first_seen":"2023-04-05T13:34:15Z","last_seen":"2026-05-25T14:22:45.987692Z","times_seen":2108,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-12","alert":"Sinkholed","trigger":"qjmok16pbaqv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-12","alert":"Sinkholed","trigger":"qjmok16pbaqv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}