{"report_id":"2822cc4c-5bca-485b-8c38-541f2bc5b78f","version":6,"status":"done","tags":[],"date":"2026-02-14T09:21:59Z","url":{"schema":"http","addr":"app.malcare.me/adsecure-test.html","fqdn":"app.malcare.me","domain":"malcare.me","tld":"me"},"ip":{"addr":"67.212.173.74","port":0,"asn":32475,"as":"SINGLEHOP-LLC","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"app.malcare.me/adsecure-test.html","fqdn":"app.malcare.me","domain":"malcare.me","tld":"me"},"title":"Test page","dom":{"size":249,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"15b34081e0e9e884ebf1bcdc9343d7e6","sha1":"2a7b574013cd3a08aff45488ce5668aed3c4ed26","sha256":"4fb0762a6df97e23ac90721f288b10a51a5c4d7250772574514b781c568d7fc1","sha512":"287f24193f698f1b82ecf10447210a8c988c303347448e038b21df4e7e192dd459b8c910abbccf3f83b31d0b362ad12603ffb201ae26308c2a5da46431d04d8e","ssdeep":"","tlshash":"ded0a747d052545be56b83142cd1b2540988f85913675c416ecfa09999b6351c1f79c8","dom_hash":"domhashf4c094cbe7445cb0fdb3da605f5d1098","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"app.malcare.me/adsecure-test.html","fqdn":"app.malcare.me","domain":"malcare.me","tld":"me"},"ip":{"addr":"67.212.173.74","port":0,"asn":32475,"as":"SINGLEHOP-LLC","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-21T09:21:59Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"app.malcare.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"app.malcare.me","ip":{"addr":"67.212.173.74","port":443,"asn":32475,"as":"SINGLEHOP-LLC","country":"United States","country_code":"US"},"domain_registered":"2025-09-01","domain_rank":0,"first_seen":"2025-09-03T05:35:07.87551Z","last_seen":"2026-02-14T04:49:08.678286Z","alert_count":2,"request_count":2,"received_data":2176,"sent_data":954,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"app.malcare.me/adsecure-test.html","fqdn":"app.malcare.me","domain":"malcare.me","tld":"me"},"ip":{"addr":"67.212.173.74","port":443,"asn":32475,"as":"SINGLEHOP-LLC","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-14T09:21:36.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app.malcare.me","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 04:13:10 GMT","end":"Sun, 19 Apr 2026 04:13:09 GMT"},"fingerprint":{"sha1":"F1:13:A4:92:63:9F:1F:5A:C2:F4:13:0B:60:F9:08:53:A1:4A:97:A1","sha256":"DD:89:07:19:7C:B2:0D:0F:32:E4:AC:96:68:C4:07:6A:F1:5B:84:5C:2C:EB:69:9F:80:E3:04:FD:C9:C4:00:5D"}}},"request":{"raw":"GET /adsecure-test.html HTTP/1.1\r\nHost: app.malcare.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 09:21:37 GMT\r\ncontent-type: text/html\r\nlast-modified: Fri, 11 Aug 2023 10:37:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64d60f4e-10a\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nalt-svc: h3=\":443\"; ma=604800; persist=1\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":266,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"4374873aacd1d749cf34786c70254431","sha1":"f8da4d560155090d6bfa4b508f22212fd705a834","sha256":"ff5c03947aa76902d21114f68b33566d5494cc7aed9a1d3e5780c2c28faee843","sha512":"9620757cfca63cd8067afc2bc1b5047e998facfe06e922176519b101b7c8b97e07631e4327ba158f0d07057ec135d79c5743b30062a2acb237b1f0f5f9a1cc2b","ssdeep":"","tlshash":"46d09787c0120007e12b82203ec1b344058af90927a70c001ecfe07aa9e6301c0fbacc","first_seen":"2025-04-10T08:20:51.35182Z","last_seen":"2026-04-02T16:23:00.766276Z","times_seen":104,"resource_available":true,"data":null}},"time_used":559,"timings":{"blocked":225,"dns":0,"connect":108,"send":0,"wait":108,"receive":0,"ssl":116},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"app.malcare.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.malcare.me/favicon.ico","fqdn":"app.malcare.me","domain":"malcare.me","tld":"me"},"ip":{"addr":"67.212.173.74","port":443,"asn":32475,"as":"SINGLEHOP-LLC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.malcare.me/adsecure-test.html","date":"2026-02-14T09:21:37.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app.malcare.me","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 04:13:10 GMT","end":"Sun, 19 Apr 2026 04:13:09 GMT"},"fingerprint":{"sha1":"F1:13:A4:92:63:9F:1F:5A:C2:F4:13:0B:60:F9:08:53:A1:4A:97:A1","sha256":"DD:89:07:19:7C:B2:0D:0F:32:E4:AC:96:68:C4:07:6A:F1:5B:84:5C:2C:EB:69:9F:80:E3:04:FD:C9:C4:00:5D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: app.malcare.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app.malcare.me/adsecure-test.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 09:21:37 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 1150\r\nlast-modified: Fri, 11 Aug 2023 10:37:02 GMT\r\netag: \"64d60f4e-47e\"\r\nexpires: Sun, 15 Feb 2026 09:21:37 GMT\r\ncache-control: max-age=86400\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nalt-svc: h3=\":443\"; ma=604800; persist=1\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel","md5":"91abe01116ab422c598e9c8af72cf4da","sha1":"0f2815fe8e067d48537ad168225ab4674271fa27","sha256":"b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc","sha512":"a4d5b20c3014153b6b382c43404917bd2cb5bd2a59bb1e981f5a19eb7dbdec185ace288e9700428d24e5ac623e45d04905e706f0c45a1642b1aa6c091213c23c","ssdeep":"","tlshash":"172122f879c64fb4c438be3f3c4a9ae5ea70aa35efa0831316030446d42dbfd0825595","first_seen":"2023-04-05T07:36:26Z","last_seen":"2026-04-02T16:23:00.764474Z","times_seen":5052,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"app.malcare.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}