{"report_id":"338b0714-fb1a-41b6-90f6-aba38f704a1b","version":6,"status":"done","tags":[],"date":"2026-02-11T00:35:13Z","url":{"schema":"http","addr":"appltau30hs.info","fqdn":"appltau30hs.info","domain":"appltau30hs.info","tld":"info"},"ip":{"addr":"46.8.9.229","port":0,"asn":60592,"as":"Gransy s.r.o.","country":"Czechia","country_code":"CZ"},"final":{"url":{"schema":"https","addr":"ww53.appltau30hs.info/","fqdn":"ww53.appltau30hs.info","domain":"appltau30hs.info","tld":"info"},"title":"appltau30hs.info","dom":{"size":9991,"mime_type":"text/html; charset=utf-8","magic":"C++ source, Unicode text, UTF-8 text","md5":"8bcacb630765446a79836eba02b47660","sha1":"cf8b82127665be5001295372acfe7ef419f7ab21","sha256":"56d60a95412c589c82e97caee874bdcc00c04aa3d8cebcf5a0f55173d3a3cc91","sha512":"9dceeb43939a74617958bc2906227e27242df8884def60b6fd054ef0ac4aa20efca2e416b6f171996842ffc6dd4a4c8d5bf1f48b7eac30bc60f1847b6da20701","ssdeep":"192:jdpGneIknQ3ncC6HZ07qWwL93mYLY4+o9m++UNPaNyJs5MsMeuVAT+a:5pGeI2Q3cN5UO7Ij9","tlshash":"1d2263196ab300196853917e73eba3492334e017d90ade683d9c8298dfc5ae86dd378c","dom_hash":"domhashf01c1c22e90b939653e29c7da8c58963","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"appltau30hs.info","fqdn":"appltau30hs.info","domain":"appltau30hs.info","tld":"info"},"ip":{"addr":"46.8.9.229","port":0,"asn":60592,"as":"Gransy s.r.o.","country":"Czechia","country_code":"CZ"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-18T00:35:13Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":8}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"appltau30hs.info","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"appltau30hs.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-11","alert":"Phishing Block","trigger":"appltau30hs.info","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"appltau30hs.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"ww53.appltau30hs.info","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"ww53.appltau30hs.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"ww53.appltau30hs.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-11","alert":"Phishing Block","trigger":"ww53.appltau30hs.info","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"appltau30hs.info","ip":{"addr":"46.8.8.222","port":443,"asn":60592,"as":"Gransy s.r.o.","country":"Czechia","country_code":"CZ"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-02-11T00:34:59.325829Z","last_seen":"2026-02-11T00:34:59.325829Z","alert_count":16,"request_count":4,"received_data":15887,"sent_data":2078,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"ww53.appltau30hs.info","ip":{"addr":"172.104.251.198","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-02-11T00:34:59.324356Z","last_seen":"2026-02-11T00:34:59.324357Z","alert_count":4,"request_count":1,"received_data":10395,"sent_data":489,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ww53.appltau30hs.info/","fqdn":"ww53.appltau30hs.info","domain":"appltau30hs.info","tld":"info"},"ip":{"addr":"172.104.251.198","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"db98d19a6970ebbec78015bb61f3da34","sha1":"f42cdaca6d6ff4f4532119f683ad2eb42c19a80c","sha256":"5aa001c23df357c609789035e9456d6c0428bfcbc7fe7fbdbda22fffef22799d","sha512":"e5b88084d5fdbb87207feef0d94fc60c28a4efb93c17f448bba1b123287e680a8fba30f580eabf4373bb1d8cd714e9caefcabb15bc9085bb8b70ebc885a726bc","ssdeep":"","tlshash":"15518f3939b70020549b105bb767a2487730e06be545cd28782dc6ec7fd0edcad63a98","size":2589,"data":"","first_seen":"2026-02-07T06:38:14.543472Z","last_seen":"2026-05-17T06:03:47.845783Z","times_seen":134,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"appltau30hs.info/something.js","fqdn":"appltau30hs.info","domain":"appltau30hs.info","tld":"info"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"667d5a99ff4205bad005d09cba77b9f1","sha1":"db80fff25dcc74ccac54dab767d3429f83684e13","sha256":"b90c41d3c2a299e5602b5637f67be61d57e6f6fe9e6848f167ba0eaeb300688d","sha512":"c444dce2895ad08eeef75a93bdec2e845555bd1a26399b6d8bec0570f687e4020a3a349c9ea66e5ad64a3e3805c9b231e4245e1c6a710580f4d7a4b42cbe949a","ssdeep":"","tlshash":"9ec09bd71500454715f70305cb03332cb56712d75c55f4d105215540b62870f567aefd","size":130,"data":"","first_seen":"2026-02-11T00:35:03.1066Z","last_seen":"2026-02-11T01:58:37.74853Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"appltau30hs.info/challenge?next=%2F","fqdn":"appltau30hs.info","domain":"appltau30hs.info","tld":"info"},"ip":{"addr":"46.8.8.222","port":443,"asn":60592,"as":"Gransy s.r.o.","country":"Czechia","country_code":"CZ"},"introduction_type":"scriptElement","is_inline":true,"md5":"8ffe1b4417a07e74b97912dd6a01ee61","sha1":"39db7ce66a551caa264e7b992cad69815b9544f7","sha256":"44887553565c5a11af7c0e31651f48ed9630a82a015ddc07f392f4c94bc9f81d","sha512":"9c8e88cdbab155bb7e2b21a8ffe9710fa96c974792fb9e10d93ce80774919d5e67a6411e2ed5961faaf23d1ee87c1e1b0460806253d76f920c5f6e93cf1a1b9b","ssdeep":"","tlshash":"8a31107a247b242146e7653ec7a76212623248032847d4a87e8c93600f9a66dc7b7bde","size":1785,"data":"","first_seen":"2025-08-14T21:31:08.875628Z","last_seen":"2026-04-12T16:59:59.577404Z","times_seen":1223,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"appltau30hs.info/challenge?next=%2F","fqdn":"appltau30hs.info","domain":"appltau30hs.info","tld":"info"},"ip":{"addr":"46.8.8.222","port":443,"asn":60592,"as":"Gransy s.r.o.","country":"Czechia","country_code":"CZ"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-11T00:34:51.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.appltau30hs.info","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sun, 08 Feb 2026 00:00:00 GMT","end":"Sat, 09 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D0:50:31:60:06:CD:D5:02:57:2D:31:2D:9C:B6:4E:29:1D:4B:BD:7B","sha256":"9C:43:8A:5E:FF:4A:1E:8B:DE:9B:2A:95:6E:E6:7D:13:55:CA:79:B4:5E:C2:47:F9:C0:C3:8C:20:9F:12:A5:DB"}}},"request":{"raw":"GET /challenge?next=%2F HTTP/1.1\r\nHost: appltau30hs.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://appltau30hs.info/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 00:34:51 GMT\r\ncontent-type: text/html\r\nlast-modified: Thu, 14 Aug 2025 10:31:51 GMT\r\netag: W/\"689dbb17-13cb\"\r\ncache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5067,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"f61ef73ef2a92817b710440fa03a28bc","sha1":"6417f41e266e090e8e960f662469aa8fe86c7e66","sha256":"f050c2bae51fbec3b8f253dd746a2bca3e3f8dffbbe68337bf339aeb98cedd7e","sha512":"900bd8f54d5fe398fcdc1d07d8dedcc56970c306bf149e63b203ee2f716b8ae0fcbbe6ebd83dbb0f65a30134e1932961cd0984c477d68956cad63747e3cebb65","ssdeep":"96:DvzVuXihvxKSf3wv5xEOkC7di4Q8puviwjZpRwlZXDbVCuAcRcbqZmCn7A+4K4vt:DvzVuXi1xjfgvjEOkC7IZ8puviiZTEZ4","tlshash":"2aa1db7520a3203665b3913d6ba7a38e7130d4039513dd287ecca264cfcbaa9c5f6759","first_seen":"2025-08-14T21:31:08.870517Z","last_seen":"2026-04-12T16:59:59.562988Z","times_seen":1149,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"appltau30hs.info","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"appltau30hs.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-11","alert":"Phishing Block","trigger":"appltau30hs.info","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"appltau30hs.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"appltau30hs.info/challenge/ok","fqdn":"appltau30hs.info","domain":"appltau30hs.info","tld":"info"},"ip":{"addr":"46.8.8.222","port":443,"asn":60592,"as":"Gransy s.r.o.","country":"Czechia","country_code":"CZ"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://appltau30hs.info/challenge?next=%2F","date":"2026-02-11T00:34:51.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.appltau30hs.info","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sun, 08 Feb 2026 00:00:00 GMT","end":"Sat, 09 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D0:50:31:60:06:CD:D5:02:57:2D:31:2D:9C:B6:4E:29:1D:4B:BD:7B","sha256":"9C:43:8A:5E:FF:4A:1E:8B:DE:9B:2A:95:6E:E6:7D:13:55:CA:79:B4:5E:C2:47:F9:C0:C3:8C:20:9F:12:A5:DB"}}},"request":{"raw":"POST /challenge/ok HTTP/1.1\r\nHost: appltau30hs.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://appltau30hs.info/challenge?next=%2F\r\nX-CH: 1\r\nOrigin: https://appltau30hs.info\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 00:34:51 GMT\r\ncontent-type: application/json\r\ncontent-length: 11\r\nset-cookie: botok=1; Path=/; Max-Age=3600; HttpOnly; SameSite=Lax\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"82380d1e263b6093f3c7535690fcdd75","sha1":"022d91f218046ab2e61cac1eb13d6a718f75df2b","sha256":"4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93","sha512":"180ea3cf6e7a00cb12ecff7ce095b8cef1921621de681a64e5e53e3efc0cf6053e557205f2bdb9b9d5af4de3d54c79d1c9b1c474b83897590c647b1e92d9c93a","ssdeep":"","tlshash":"2a500003000c0030c00003000300ff30000300300000000c000c3000033000c0003c03","first_seen":"2023-04-05T15:24:10Z","last_seen":"2026-05-24T23:30:50.076599Z","times_seen":9559,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"appltau30hs.info","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"appltau30hs.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-11","alert":"Phishing Block","trigger":"appltau30hs.info","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"appltau30hs.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"appltau30hs.info/","fqdn":"appltau30hs.info","domain":"appltau30hs.info","tld":"info"},"ip":{"addr":"46.8.8.222","port":443,"asn":60592,"as":"Gransy s.r.o.","country":"Czechia","country_code":"CZ"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-11T00:34:51.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.appltau30hs.info","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sun, 08 Feb 2026 00:00:00 GMT","end":"Sat, 09 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D0:50:31:60:06:CD:D5:02:57:2D:31:2D:9C:B6:4E:29:1D:4B:BD:7B","sha256":"9C:43:8A:5E:FF:4A:1E:8B:DE:9B:2A:95:6E:E6:7D:13:55:CA:79:B4:5E:C2:47:F9:C0:C3:8C:20:9F:12:A5:DB"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: appltau30hs.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://appltau30hs.info/challenge?next=%2F\r\nCookie: botok=1\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nlocation: http://ww53.appltau30hs.info/\r\ndate: Wed, 11 Feb 2026 00:34:51 GMT\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":10010,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-24T23:32:15.699972Z","times_seen":15677872,"resource_available":true,"data":null}},"time_used":233,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":233,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"appltau30hs.info","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"appltau30hs.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-11","alert":"Phishing Block","trigger":"appltau30hs.info","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"appltau30hs.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww53.appltau30hs.info/","fqdn":"ww53.appltau30hs.info","domain":"appltau30hs.info","tld":"info"},"ip":{"addr":"172.104.251.198","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-11T00:34:51.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ww53.appltau30hs.info","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Feb 2026 07:06:20 GMT","end":"Mon, 11 May 2026 07:06:19 GMT"},"fingerprint":{"sha1":"AB:77:B1:BC:1B:7C:7F:5F:A1:0B:AF:4A:47:BD:1F:D2:6B:5C:38:8A","sha256":"10:0E:82:C3:E6:B6:9C:B9:7C:5C:FD:00:23:F7:B7:0D:3C:7C:74:ED:CE:C2:9E:99:82:B7:95:6E:25:9E:E8:CA"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ww53.appltau30hs.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Wed, 11 Feb 2026 00:34:51 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nset-cookie: _gp_sid=709cc3df-90b3-4680-a19c-f4192198ba2d; Path=/; Domain=appltau30hs.info; Max-Age=86400; HttpOnly; SameSite=Lax\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10010,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"C++ source, ASCII text","md5":"8dbe144f2a7414c2f4e844fc85e21013","sha1":"2b2284c56d2d2c6f8f71546d43e6ea46188218c1","sha256":"7bb4fc94868ddde2d91b29c04c17262bda78af7b0b4f2f8ecb9f8a9444da54b0","sha512":"fe6c65716b5d736187b7660468ee8144cc75010e637450ddac8ea0417a5f18a3f8a62758d016281dd22200ef8c99733418045e0b4c16eeb613aaa2a62267e21b","ssdeep":"192:X1pGneIknQ3ncC6HZ07qWwL93mYLY4+o9m++UNPaNyJs5MsMeuVAT+k:FpGeI2Q3cN5UO7IjF","tlshash":"b82264196ab310156853917e73eba3492334e017d90ade683d9c8398dfc5be86dd378c","first_seen":"2026-02-11T00:35:03.102891Z","last_seen":"2026-02-11T01:58:37.746912Z","times_seen":3,"resource_available":false,"data":null}},"time_used":432,"timings":{"blocked":62,"dns":1,"connect":25,"send":0,"wait":308,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"ww53.appltau30hs.info","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"ww53.appltau30hs.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"ww53.appltau30hs.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-11","alert":"Phishing Block","trigger":"ww53.appltau30hs.info","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"appltau30hs.info/","fqdn":"appltau30hs.info","domain":"appltau30hs.info","tld":"info"},"ip":{"addr":"46.8.8.222","port":443,"asn":60592,"as":"Gransy s.r.o.","country":"Czechia","country_code":"CZ"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-11T00:34:50.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.appltau30hs.info","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sun, 08 Feb 2026 00:00:00 GMT","end":"Sat, 09 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D0:50:31:60:06:CD:D5:02:57:2D:31:2D:9C:B6:4E:29:1D:4B:BD:7B","sha256":"9C:43:8A:5E:FF:4A:1E:8B:DE:9B:2A:95:6E:E6:7D:13:55:CA:79:B4:5E:C2:47:F9:C0:C3:8C:20:9F:12:A5:DB"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: appltau30hs.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":152,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with no line terminators","md5":"d6acb46e36597eadd74d43df7e92a505","sha1":"2a5528dcee18e9adf38f24574a19d38d4e6a2ae6","sha256":"38a8fd6ff517b4b6098978adf76457727247e4e4d914a2e08a581340c5603c3a","sha512":"a48104fd044129954164d3d6c35bafcc78463a6ed1cbe3a4e9bb9686c6185c449eda7920fda21fa77ce47de643976027c26b5f28cf9c785b2670b6d806fc1a76","ssdeep":"","tlshash":"60c08caaac10100824a0349099ea3b040d2c891061109c4822a412e5cab9fc598a368e","first_seen":"2026-02-02T22:26:12.183274Z","last_seen":"2026-04-12T16:59:59.548617Z","times_seen":675,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":57,"dns":1,"connect":16,"send":0,"wait":16,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"appltau30hs.info","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"appltau30hs.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-11","alert":"Sinkholed","trigger":"appltau30hs.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-11","alert":"Phishing Block","trigger":"appltau30hs.info","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}