{"report_id":"2528ef4b-31f8-44b0-a9fd-a4585cceda90","version":0,"status":"done","tags":[],"date":"2026-06-08T16:08:48Z","url":{"schema":"http","addr":"herostreetusa.org","fqdn":"herostreetusa.org","domain":"herostreetusa.org","tld":"org"},"ip":{"addr":"172.67.139.5","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"herostreetusa.org/","fqdn":"herostreetusa.org","domain":"herostreetusa.org","tld":"org"},"title":"herostreetusa.org/","dom":{"size":57,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with no line terminators","md5":"fe0a83620de12dcbe260852fd137ee66","sha1":"fab8e591c45685216b50d429d5996b1771a4f412","sha256":"70aeac15fbde0c0906f1f8141bbb5094fb950be93de184c5e6bc6d89222605fb","sha512":"b9906c8a2a9c0d9eb3b6c2d97022f079d3ad11eac4a634cd9243690718b642fe84d54593d5011d4287b9e6a69c6c6f79615b96d929e83fd2565f16549aa71c2d","ssdeep":"","tlshash":"629002fd9151148edc6535800dc557822d65d36521439d1555c8697c8408525893278c","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"herostreetusa.org","fqdn":"herostreetusa.org","domain":"herostreetusa.org","tld":"org"},"ip":{"addr":"172.67.139.5","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-13T16:08:48Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-08","alert":"Phishing Block","trigger":"herostreetusa.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"herostreetusa.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"herostreetusa.org","ip":{"addr":"172.67.139.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-03-14","domain_rank":0,"first_seen":"2026-06-05T02:59:19.096902Z","last_seen":"2026-06-05T02:59:19.096902Z","alert_count":4,"request_count":2,"received_data":18278,"sent_data":996,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"herostreetusa.org/","fqdn":"herostreetusa.org","domain":"herostreetusa.org","tld":"org"},"ip":{"addr":"172.67.139.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-08T16:08:25.754Z","timestamp":1780934905754,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herostreetusa.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 05:59:39 GMT","end":"Tue, 18 Aug 2026 05:59:38 GMT"},"fingerprint":{"sha1":"57:0B:33:F6:1C:AA:23:0B:77:76:22:60:0A:93:7E:07:10:C5:51:CB","sha256":"13:4A:C6:E4:75:1E:81:25:D7:5F:86:5F:3A:D5:49:A1:26:38:83:11:AE:3E:36:89:36:A6:DB:4B:A2:59:30:5D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: herostreetusa.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Mon, 08 Jun 2026 16:08:26 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=0,i\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SZ4Nkn0gZS1lV8ioOpMYMmwPSRLS32VEen0rMgyu79u6T%2BoNGcoUuHRlZzFVtCKBRn%2F4tZMtl23Yf5KtQBW77WwDIOqy0Uoh7tdj3tT75VRQvB5YOHrdROrIaD%2FSCY5uwOWZVg%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: zstd\r\ncf-ray: a08927b9a9098deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18,"size_decoded":643,"mime_type":"text/html; charset=UTF-8","magic":"Unicode text, UTF-8 text, with no line terminators","md5":"dc419d4e0f9f8db55aef8293bda664d6","sha1":"b749d5a1943d1a396ea5ef6d852806a15bf310d2","sha256":"960dabd2ed348d081cf0187370f55cea93d14243d107a67b065fa523711516a2","sha512":"85abc0f58bfa2fed624dac3dca09cb7a32025e19208788f8780f90319c56056928a97c35ffbe0bc21367d4ba9f4607467f8679cc385b3b0b3f5d728338d96778","ssdeep":"","tlshash":"857000000200088ac082000002080a80380222220283880280880a0800000200230008","first_seen":"2025-10-26T03:53:55.383177Z","last_seen":"2026-06-26T03:43:48.512103Z","times_seen":334,"resource_available":true,"data":null}},"time_used":516,"timings":{"blocked":-1,"dns":57,"connect":14,"send":0,"wait":445,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-08","alert":"Phishing Block","trigger":"herostreetusa.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"herostreetusa.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herostreetusa.org/favicon.ico","fqdn":"herostreetusa.org","domain":"herostreetusa.org","tld":"org"},"ip":{"addr":"172.67.139.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://herostreetusa.org/","date":"2026-06-08T16:08:26.486Z","timestamp":1780934906486,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herostreetusa.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 05:59:39 GMT","end":"Tue, 18 Aug 2026 05:59:38 GMT"},"fingerprint":{"sha1":"57:0B:33:F6:1C:AA:23:0B:77:76:22:60:0A:93:7E:07:10:C5:51:CB","sha256":"13:4A:C6:E4:75:1E:81:25:D7:5F:86:5F:3A:D5:49:A1:26:38:83:11:AE:3E:36:89:36:A6:DB:4B:A2:59:30:5D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: herostreetusa.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://herostreetusa.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Mon, 08 Jun 2026 16:08:27 GMT\r\ncontent-type: image/x-icon\r\netag: W/\"6a0a9a96-423e\"\r\nlast-modified: Mon, 18 May 2026 04:50:30 GMT\r\npriority: u=6,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Xy3H1SeYsvVo%2FtVUGhtB3wzcY1bq%2Be5a%2BfX4qr7HM7dRSPbBorb72yb2deWXT3eCfhH8MfzlW6K1JDx4rM67D49JzeKRAjkvoVSm7%2B6vT5uQj2%2BasdLvxPAa1uu2eBOmb2FsDw%3D%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\ncf-ray: a08927bd89c38deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16958,"size_decoded":2898,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel","md5":"c0744b63a7d313382af95c968ad68797","sha1":"3b9e23662d3797b83d727e4e14dd6212c1ffa2df","sha256":"047217464c14fe558804e3014b54147eb3204794125028178f93d6bc6d09084e","sha512":"619bdad157472d1ced6a9f625f5c265d63a98970e0a47ce069bedc03f7efe019112d44f5093bcf2f0dc573bd9e37dcd443c05b11c54d5195860c9c11a91a78b8","ssdeep":"48:5DwTL/h7QZAtJG20N2E7SeMbtqNAHkBWXBWTB36LVtKBTHfAImzGyl:GTxQZaJwsE7SeMb8uk+B46LnKBzwt","tlshash":"6f72d6c5c701746eebd686378d618e700b1e5e91a5301479ab327b57787ef822bb0847","first_seen":"2026-05-05T18:37:43.425146Z","last_seen":"2026-06-14T03:36:50.577972Z","times_seen":9,"resource_available":false,"data":null}},"time_used":1337,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1120,"receive":217,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-08","alert":"Sinkholed","trigger":"herostreetusa.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-08","alert":"Phishing Block","trigger":"herostreetusa.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}