{"report_id":"3659865e-9255-4bf3-97e0-3b833026d62a","version":6,"status":"done","tags":[],"date":"2026-04-04T12:14:39Z","url":{"schema":"http","addr":"voting-avici.money","fqdn":"voting-avici.money","domain":"voting-avici.money","tld":"money"},"ip":{"addr":"172.67.207.20","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"voting-avici.money/","fqdn":"voting-avici.money","domain":"voting-avici.money","tld":"money"},"title":"Avici - Rewards","dom":{"size":136724,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (28380)","md5":"c11820cdc3f8e84d8ef481c0323413c6","sha1":"c1bbb51f8b6b0d94bbb2a43e2369feb031bc2d8c","sha256":"eda0cc5e5343d5d522c479febd9595a3fdb75957685e41311042a6b4a7506f0f","sha512":"662920a85d968d6eca7a4c122ad574fba571fe1f0b0378f0291dd2b822204d88d86eb245766f95d15030c0532f06891bb1d2b29e76f860688eaddf06c7a7f254","ssdeep":"3072:S6XXzBvraQ6BfnZa5uZOtSQCX2Am7o37WLitSQCX2PW:SkNvGQ6BfauYZCXFm7o37WLeZCXeW","tlshash":"c8d3d03194e4886b04c3839ce624eb2d3f4e9253bf2545097bec66ca2f47cd0d9972ac","dom_hash":"domhash2c082d44288935a30e5979bebf22190d","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"voting-avici.money","fqdn":"voting-avici.money","domain":"voting-avici.money","tld":"money"},"ip":{"addr":"172.67.207.20","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-09T12:14:39Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"voting-avici.money","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"voting-avici.money","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"voting-avici.money","ip":{"addr":"104.21.37.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-04-04T12:14:40.943293Z","last_seen":"2026-04-04T12:14:40.943294Z","alert_count":10,"request_count":5,"received_data":2181412,"sent_data":2397,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"voting-avici.money/","fqdn":"voting-avici.money","domain":"voting-avici.money","tld":"money"},"ip":{"addr":"104.21.37.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e8ddfa8c170edeb116b2423a40e1119c","sha1":"9be6318c631f21af660a0d09ba588de5dc81fb51","sha256":"6fde4a80c3640054ee7299b198baa5ce42550d8856f00d032f6d6173fb7b9546","sha512":"252a302abcba78b6c33fce29ba2a1174cdeda36956adb0c2828da01a1b1c0e504bbeb9bbcd50b98a165d45c06d2c8fd0fe00e87e6bb21e3bcacae837690ae40d","ssdeep":"","tlshash":"95c0222482f089f0813c24c7107d22552070286a0022608ae2aa8ec7584cfc84608d10","size":187,"data":"","first_seen":"2026-03-13T01:58:24.922226Z","last_seen":"2026-04-04T12:14:45.819139Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"voting-avici.money/A3sLm15Y.php?s=%2Fipfs%2F7Gc6p9UQ5JqaOMMS_fY_pg0702b396044cd339a8cd438d2bd10030%3Ft%3D1775304858406","fqdn":"voting-avici.money","domain":"voting-avici.money","tld":"money"},"ip":{"addr":"104.21.37.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f30a762c31d7d41c0cf423a450c4d64","sha1":"2a5aea3514410f23f959e658dd033c76d54df96f","sha256":"4f695d6d4ce1262a9ceed24f3cd05f26020e233e020b9b2962b21789399f4392","sha512":"5dfbd130a51edc61e83669de7e8cb8f73d43dce66b2614baa0f6cb12f56b32a9e749ae84f2cd371577113156420a89e279524feaa0bfe554585276844ef1bce0","ssdeep":"6144:Ih5gDcAOsstbFZFSXwRTMsS8chPcsdJs3wFYYH/3h8qcPOQA12Lcv0q:oscAnXwRTMP8chPc730WW","tlshash":"afd4eac2ab08157340ca2eb5047b42afdf882d4d078ba85077f9afd9d74578231eee59","size":622850,"data":"","first_seen":"2026-04-04T12:14:45.817435Z","last_seen":"2026-04-04T12:14:45.817435Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"voting-avici.money/A3sLm15Y.php?s=%2Fjmpd%2F","fqdn":"voting-avici.money","domain":"voting-avici.money","tld":"money"},"ip":{"addr":"104.21.37.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://voting-avici.money/","date":"2026-04-04T12:14:20.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"voting-avici.money","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 23:21:57 GMT","end":"Mon, 29 Jun 2026 23:21:56 GMT"},"fingerprint":{"sha1":"7E:6A:F9:59:7C:DB:79:BA:2C:10:6F:C2:D6:81:E5:C1:ED:3A:1E:8B","sha256":"44:61:77:36:B1:29:F5:60:2C:42:5F:E1:C8:BF:09:10:11:75:FD:D4:9D:4F:EE:35:96:8E:16:D8:A6:0D:EB:9B"}}},"request":{"raw":"POST /A3sLm15Y.php?s=%2Fjmpd%2F HTTP/1.1\r\nHost: voting-avici.money\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://voting-avici.money/\r\ncontent-type: application/json\r\nContent-Length: 1403\r\nOrigin: https://voting-avici.money\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1403,"data":"{\"route\":\"n9POyFeFG1tUtiSU-z9JOx3n\",\"payload\":\"0hqM-6_N52QBsgIXAxUADQDKAvACGAACAyYAAQIAJAMAAO8nhn2XtsKCAWA330Ix178ryHfcsGkCAADyEE3bV64lxECNOXSdIBEUr7pUanA6EYRct8JYJIrhl0EKJM-5hW0FWuvVHurvlIkg1rm-qb0so8azuRzoRLYaKexR0agYvIyPveZxNagVWR4K2rITy-1ltWpg5aL8R6UYxQ22VAXJKsR9_GiDRM2ndKOScF3Zt35QRRQU5J0ZJDy-LB5oULr8NquNjEYGJPFwyPVKh-LCW4Rlh-wXk7qtWIdObljdg6UTQRl1ThUDue0y7R5TQSQTlcSeTVKywpfpAd04Q1mnkHwNym83raDW1_HIq-IMsHqRIGfh10UkAX4StPMNOwtamRGgc0EM0aRhia1OjAthNDl4JHtd57N39qP4vr7P3J5dURkV3gIttisMAExvsQfNsY6aDvZN8CmS35nMqoiDfPYIQwBZ82zpyIHEIDFxzmblAZb09kc2hGGbOBECVHYGGiWUUH8X-w9F53-QWiNjYNP-WHNzj26kC7QpilIXdl-gpDhj5lvx5C-pJp6QRNw2pI2ukp0E8Ju9OrY9oHQLx3zarTKUWmhUq4GSt_71liD2NKR_XGeZfSExH-8e53RY-Q5MRUQBnRXuE1EAazMBPvb9S5d3cPg6RYYuCSH8rkgOP3gv6iwUE6A2YZfIpOhK3Sqy2rKmXDA-35QvaTXDHqpXrnW3YsnGjSeYBZvcuesgdhO66pOFHhmI77nki7HBRBOBquji-Rc-zXI0-Xjyot-D3YMiDjjkg1zE0u7EZ6qcOl9TgcVHuPhzJ6ni-Rk1N8iktqnJO8RXtGH5VMeLiyGDp2RSZ7sQ-zM8VUZOBFdGO2qbBj4mqlEt3-UEWVDn1yMQqpGGHurRugRnlAN7kis_BpulWo5dggTQrbvCb1WJZd39_nj3Q29U2mIpL-fBamEhEADs4j-Ynexq0fUKeHNVuWIbVBPgDlat9_H_0So4cAr8tdltMYvcnYVpz8SKcVC8cUoS6exawWsH2XzDdIoD-rpR_5R8xEKUL3U88TPXBpj4DWTrpWaMLqrOwSr21Y7Tl3izzppmMzLKKpODDDnfBNkqU_MqBdOR1iQIpxC9sVWFZpb-A97R96oKBBjChUSvfbzHbynt4rnjGMrhxI29bxA\",\"challenge\":\"eyJpZCI6Im95V0lac3RQOUVhejBpOVVpX0pCNXciLCJub25jZSI6MjQ0LCJoYXNoIjoiMDBiY2JlMTYzNGJmOWVjZTYyMDUyMTE5NWRiYmQxYmZmMDQyNjk5NTMxNjhkODAyZGRhYTZmZTBhMzZjOTU5ZiJ9\"}"}},"response":{"raw":"HTTP/3 204 No Content\r\nserver: cloudflare\r\ndate: Sat, 04 Apr 2026 12:14:20 GMT\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD, POST, OPTIONS\r\naccess-control-allow-headers: *\r\naccess-control-max-age: 3600\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hn1i%2BFT1KN70YdFvQ4yYusoU1zWrsB6NerPWynvWgzNdFQFDLVpZpDf1cOHvKTKKPcCDWhEo%2F7LfOuJdGRnCY7AWAq80fC3I3MH9vdakA4iflYwi0EGk6VYjk8DyROPgBubIdFk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e703b6ffbb22efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":620,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":620,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"voting-avici.money","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"voting-avici.money","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"voting-avici.money/","fqdn":"voting-avici.money","domain":"voting-avici.money","tld":"money"},"ip":{"addr":"104.21.37.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-04T12:14:17.927Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"voting-avici.money","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 23:21:57 GMT","end":"Mon, 29 Jun 2026 23:21:56 GMT"},"fingerprint":{"sha1":"7E:6A:F9:59:7C:DB:79:BA:2C:10:6F:C2:D6:81:E5:C1:ED:3A:1E:8B","sha256":"44:61:77:36:B1:29:F5:60:2C:42:5F:E1:C8:BF:09:10:11:75:FD:D4:9D:4F:EE:35:96:8E:16:D8:A6:0D:EB:9B"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: voting-avici.money\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 12:14:18 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 12 Mar 2026 18:23:48 GMT\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1MjEA17t9w5zq5NCYnDPBR5RGoaQZpFNvrjfRwH4oq2H6KEwKAGWRDhGcel4PuUKZnNBv%2FTonSvT9B487bhwjxa72oQnyt%2BysLmBttzmGgVVmYncOsH7BkyTSHPMGWlYP0GXq6Q%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9e703b639bf1b517-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":138631,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (28104)","md5":"96ee4d005b6b2b7465a67476d2db8d50","sha1":"fcb44c2494f58e6645e7d46ffd125887801c9a5a","sha256":"1969a623c72ed941fba185608df132c2ccd2b016de59ddbb75abd3d7797392dc","sha512":"26d79ac95561ab698505e29d72463ca6a56e8a7402a01b63ed9ef0ae98784def2bcf4d7d80b95517b42765710761e2523ad5817d080be5387fb6065910e9e9b8","ssdeep":"3072:R3XXzBvraQLdF7Ja5uZNDtSQCX2t2N0vGhNtSQCX2eO:RnNvGQLdFGuLZZCXG2N0vGhbZCXtO","tlshash":"e2d3d03154e489a604cb83cce664eb2d3f4ea257bf2585047bec65ca2f47cd0d9972ac","first_seen":"2026-04-04T12:14:45.815023Z","last_seen":"2026-04-04T12:14:45.815023Z","times_seen":1,"resource_available":true,"data":null}},"time_used":576,"timings":{"blocked":248,"dns":222,"connect":6,"send":0,"wait":80,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"voting-avici.money","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"voting-avici.money","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"voting-avici.money/style.css","fqdn":"voting-avici.money","domain":"voting-avici.money","tld":"money"},"ip":{"addr":"104.21.37.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://voting-avici.money/","date":"2026-04-04T12:14:18.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"voting-avici.money","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 23:21:57 GMT","end":"Mon, 29 Jun 2026 23:21:56 GMT"},"fingerprint":{"sha1":"7E:6A:F9:59:7C:DB:79:BA:2C:10:6F:C2:D6:81:E5:C1:ED:3A:1E:8B","sha256":"44:61:77:36:B1:29:F5:60:2C:42:5F:E1:C8:BF:09:10:11:75:FD:D4:9D:4F:EE:35:96:8E:16:D8:A6:0D:EB:9B"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: voting-avici.money\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://voting-avici.money/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 04 Apr 2026 12:14:18 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 23 Nov 2025 01:49:00 GMT\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\netag: W/\"6922680c-12ddce\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8poqH2UEvYX4LSKUZnoOfAWemcR40ijKykaYrdhnTCtYazQ4z8Av5vqjhMPbCzKWI%2BLoC2UhyVsUbMaMlIj1r1uKM9PMyRX5Ez81nwoN2y75YrbpJ3MDUuhwihUb9crqqD3JuWs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e703b651a0b2efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1236430,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (59139), with CRLF line terminators","md5":"cb272cef7a6bb49a8054966a91aad1fa","sha1":"98790fe83ed72e24e6254a50a42860924f3f89dc","sha256":"bf3396c70d1e64b1f6581a83dc0519bc6b994b21ee1c657ed63e3997c577d5fc","sha512":"05093c69df2d64721b2f8e02fe26917ce686340a3822155ddaa5b4a9554eebbb9f1aefc8848c3847f04adc782aa4c10e57064c57a090b4e5301cbd873b14383c","ssdeep":"12288:54mIu/fRFA2vyWh2vyWJeXhVxwrjKZqHL5kiVzQoo22JIJ4CfytgPcwPc2WiA27:myfROeRVxwuqbo22+qCKtwcw0b27","tlshash":"f025e132080aa1126a731deab34ab570ed18a1439a5093a177fd331d9fffd7112b1b6d","first_seen":"2025-12-10T22:47:49.208432Z","last_seen":"2026-04-04T12:14:45.815914Z","times_seen":3,"resource_available":false,"data":null}},"time_used":199,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":157,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"voting-avici.money","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"voting-avici.money","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"voting-avici.money/A3sLm15Y.php?s=%2Fipfs%2F7Gc6p9UQ5JqaOMMS_fY_pg0702b396044cd339a8cd438d2bd10030%3Ft%3D1775304858406","fqdn":"voting-avici.money","domain":"voting-avici.money","tld":"money"},"ip":{"addr":"104.21.37.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://voting-avici.money/","date":"2026-04-04T12:14:18.427Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"voting-avici.money","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 23:21:57 GMT","end":"Mon, 29 Jun 2026 23:21:56 GMT"},"fingerprint":{"sha1":"7E:6A:F9:59:7C:DB:79:BA:2C:10:6F:C2:D6:81:E5:C1:ED:3A:1E:8B","sha256":"44:61:77:36:B1:29:F5:60:2C:42:5F:E1:C8:BF:09:10:11:75:FD:D4:9D:4F:EE:35:96:8E:16:D8:A6:0D:EB:9B"}}},"request":{"raw":"GET /A3sLm15Y.php?s=%2Fipfs%2F7Gc6p9UQ5JqaOMMS_fY_pg0702b396044cd339a8cd438d2bd10030%3Ft%3D1775304858406 HTTP/1.1\r\nHost: voting-avici.money\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://voting-avici.money/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 04 Apr 2026 12:14:19 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD, POST, OPTIONS\r\naccess-control-allow-headers: *\r\naccess-control-max-age: 3600\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LiXIDNlw3ahfH9ZHj0mncKg6K5cVtMhonwnl3Nz%2F%2BclLlkcNl3CGsnKlsAhZbS66TXkntyVbb90tVXLkWBGjJUAYx3LEC9ntI%2F5AV427arncFz4G9ftJGkVtlDtWx7NISf5eHCY%3D\"}]}\r\ncf-ray: 9e703b652a0e2efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":622850,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"2f30a762c31d7d41c0cf423a450c4d64","sha1":"2a5aea3514410f23f959e658dd033c76d54df96f","sha256":"4f695d6d4ce1262a9ceed24f3cd05f26020e233e020b9b2962b21789399f4392","sha512":"5dfbd130a51edc61e83669de7e8cb8f73d43dce66b2614baa0f6cb12f56b32a9e749ae84f2cd371577113156420a89e279524feaa0bfe554585276844ef1bce0","ssdeep":"6144:Ih5gDcAOsstbFZFSXwRTMsS8chPcsdJs3wFYYH/3h8qcPOQA12Lcv0q:oscAnXwRTMP8chPc730WW","tlshash":"afd4eac2ab08157340ca2eb5047b42afdf882d4d078ba85077f9afd9d74578231eee59","first_seen":"2026-04-04T12:14:45.817435Z","last_seen":"2026-04-04T12:14:45.817435Z","times_seen":1,"resource_available":true,"data":null}},"time_used":778,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":696,"receive":82,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"voting-avici.money","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"voting-avici.money","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"voting-avici.money/favicon.ico","fqdn":"voting-avici.money","domain":"voting-avici.money","tld":"money"},"ip":{"addr":"104.21.37.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://voting-avici.money/","date":"2026-04-04T12:14:18.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"voting-avici.money","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 23:21:57 GMT","end":"Mon, 29 Jun 2026 23:21:56 GMT"},"fingerprint":{"sha1":"7E:6A:F9:59:7C:DB:79:BA:2C:10:6F:C2:D6:81:E5:C1:ED:3A:1E:8B","sha256":"44:61:77:36:B1:29:F5:60:2C:42:5F:E1:C8:BF:09:10:11:75:FD:D4:9D:4F:EE:35:96:8E:16:D8:A6:0D:EB:9B"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: voting-avici.money\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://voting-avici.money/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 04 Apr 2026 12:14:18 GMT\r\ncontent-type: image/x-icon\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=inrrzTTdpwxDFkvBuFkeWjzx91v5PP8Mro4YaHhiMAS1z%2B2UowaGEQE80fQ%2F3w1%2BuCRoY%2Bnr7%2F0hNlC2XRf%2BEL9xrv17oiOf41XDFQ%2BqazhiUdhta1kRQ4fSndOB0KuELha49iM%3D\"}]}\r\nlast-modified: Sun, 23 Nov 2025 01:46:56 GMT\r\npriority: u=6,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"69226790-2bf2c\"\r\ncf-ray: 9e703b66fa642efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":180012,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 9 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel","md5":"021d311b06695337738ac790cb06231a","sha1":"0b069127ec8ffd66c02aebccc34ecf426c4cd2d8","sha256":"7391e596b7c0d6e0e7fa5f577ba97c2c6aa15cc565312ab070481ad36b22f1ba","sha512":"18daef9fdba295f1c2fbf00d2b22a9ea8c2e42626c6f06e305d52dc44b680d6d0bf266109778a66ef4f86dffd4a7c6704c5efe75188950515c85c1744ebecb6b","ssdeep":"1536:Bg0YqRpx0TTvwcEoqUJOIvXNkQUTnkvpn59U3gr:VCTIcPOIvXOznkho3I","tlshash":"9904f8769f2cd40dfa04babcd980ce8c167478b01b9b91f270ae5d7546e870bde5a01b","first_seen":"2025-12-10T22:47:49.210278Z","last_seen":"2026-04-04T12:14:45.818252Z","times_seen":3,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":72,"receive":90,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"voting-avici.money","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"voting-avici.money","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}