{"report_id":"47a20eec-0a84-4470-8f9f-738bfba9e800","version":6,"status":"done","tags":[],"date":"2026-04-08T12:26:21Z","url":{"schema":"http","addr":"getfuzzybear.xyz","fqdn":"getfuzzybear.xyz","domain":"getfuzzybear.xyz","tld":"xyz"},"ip":{"addr":"145.223.77.119","port":0,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"getfuzzybear.xyz/","fqdn":"getfuzzybear.xyz","domain":"getfuzzybear.xyz","tld":"xyz"},"title":"Xaman – XRP Community Day | Vote \u0026 Claim Your Allocation","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"getfuzzybear.xyz","fqdn":"getfuzzybear.xyz","domain":"getfuzzybear.xyz","tld":"xyz"},"ip":{"addr":"145.223.77.119","port":0,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-13T12:26:21Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"getfuzzybear.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"getfuzzybear.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"getfuzzybear.xyz","ip":{"addr":"145.223.77.119","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"domain_registered":"2026-03-31","domain_rank":0,"first_seen":"2026-04-08T12:26:21.937602Z","last_seen":"2026-04-08T12:26:21.937602Z","alert_count":6,"request_count":3,"received_data":3229788,"sent_data":1327,"comment":"","tags":null,"fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"getfuzzybear.xyz/","fqdn":"getfuzzybear.xyz","domain":"getfuzzybear.xyz","tld":"xyz"},"ip":{"addr":"145.223.77.119","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-08T12:25:57.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"getfuzzybear.xyz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 09:04:05 GMT","end":"Mon, 29 Jun 2026 09:04:04 GMT"},"fingerprint":{"sha1":"CB:C5:29:71:7D:DD:04:E4:A4:79:13:DD:B2:76:31:01:6B:E2:C1:C3","sha256":"41:4A:56:4F:1B:9C:CE:B8:0C:C4:DB:63:48:E3:CC:CF:7D:D6:2D:BF:3D:62:A8:4C:EE:EB:B0:E6:6A:D6:8F:AB"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: getfuzzybear.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Tue, 31 Mar 2026 09:25:20 GMT\r\netag: \"10e75-69cb9300-268e7b63900830d5;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 14811\r\ndate: Wed, 08 Apr 2026 12:25:57 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\nretry-after: 60\r\ncontent-security-policy: upgrade-insecure-requests\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":69237,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5701)","md5":"9f82b91a4c2864ab246360e8c5622e22","sha1":"2cf79cbb86e967d587535cb18ed32a5631886fa8","sha256":"29227b29c6ec98f1ee6319cb67c37d24d5854e46294c3e06e41ea7599477cc6f","sha512":"44e43473f7756e3253ad41f49208aca27ecf7cc99bdde86b67303b3b1a69c37fb14b59c9342800dbf1ce8679ba2ed70eb5fcba0e0116603d63f0133fca90b8d2","ssdeep":"768:lVT91TGNO1x5cqmJIFKT2NfHHOZ35JA8PxB5R3ItSJb3leKCMcO59vzoCx:lVT1x5cN+fHHOZ3TA8PT5W0XvzoCx","tlshash":"7263d721816257bab40fa1e8dbb033fd31238a4fef9293e5799e4364c7c6d954e32148","first_seen":"2026-03-18T15:48:49.248775Z","last_seen":"2026-04-08T12:26:24.826543Z","times_seen":7,"resource_available":true,"data":null}},"time_used":663,"timings":{"blocked":269,"dns":59,"connect":100,"send":0,"wait":102,"receive":22,"ssl":108},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"getfuzzybear.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"getfuzzybear.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"getfuzzybear.xyz/css2.css","fqdn":"getfuzzybear.xyz","domain":"getfuzzybear.xyz","tld":"xyz"},"ip":{"addr":"145.223.77.119","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://getfuzzybear.xyz/","date":"2026-04-08T12:25:57.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"getfuzzybear.xyz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 09:04:05 GMT","end":"Mon, 29 Jun 2026 09:04:04 GMT"},"fingerprint":{"sha1":"CB:C5:29:71:7D:DD:04:E4:A4:79:13:DD:B2:76:31:01:6B:E2:C1:C3","sha256":"41:4A:56:4F:1B:9C:CE:B8:0C:C4:DB:63:48:E3:CC:CF:7D:D6:2D:BF:3D:62:A8:4C:EE:EB:B0:E6:6A:D6:8F:AB"}}},"request":{"raw":"GET /css2.css HTTP/1.1\r\nHost: getfuzzybear.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://getfuzzybear.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 15 Apr 2026 12:25:57 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 31 Mar 2026 09:25:19 GMT\r\netag: \"2c6f-69cb92ff-b65052ef48915dc7;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 624\r\ndate: Wed, 08 Apr 2026 12:25:57 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":11375,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"21b4ac5acbfc35a5ac1d879a9e667bff","sha1":"bca7bcfa93c7691a771745054b741663b293738d","sha256":"1657c58eaa727fac84f00c324a643a141ae79a0d597e29e5cae0d8886a75d1b6","sha512":"0ef5a5322759206eae5fbcd12de221391483818b6e6612aa2e87cf0975638bfd3e579e662bdb2166ed11b20b11b7fb15169c7d692d77cb3c9f6ea2c2f7cb40c2","ssdeep":"192:wTAz6O3lV5iTTNSbO34o5DMTOB0O3/v581Tro9O3iS5lWTEv+O3RB5Gp:GOkvWsk1i6a","tlshash":"9c327a91002b6400a7a71cc277ce3f3aaedd6044a049da782ffd0d8a6cdeda953a575d","first_seen":"2026-01-21T11:26:17.420486Z","last_seen":"2026-04-08T12:26:24.828731Z","times_seen":11,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"getfuzzybear.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"getfuzzybear.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"getfuzzybear.xyz/123.js","fqdn":"getfuzzybear.xyz","domain":"getfuzzybear.xyz","tld":"xyz"},"ip":{"addr":"145.223.77.119","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://getfuzzybear.xyz/","date":"2026-04-08T12:25:57.952Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"getfuzzybear.xyz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 09:04:05 GMT","end":"Mon, 29 Jun 2026 09:04:04 GMT"},"fingerprint":{"sha1":"CB:C5:29:71:7D:DD:04:E4:A4:79:13:DD:B2:76:31:01:6B:E2:C1:C3","sha256":"41:4A:56:4F:1B:9C:CE:B8:0C:C4:DB:63:48:E3:CC:CF:7D:D6:2D:BF:3D:62:A8:4C:EE:EB:B0:E6:6A:D6:8F:AB"}}},"request":{"raw":"GET /123.js HTTP/1.1\r\nHost: getfuzzybear.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://getfuzzybear.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 15 Apr 2026 12:25:57 GMT\r\ncontent-type: application/x-javascript\r\nlast-modified: Tue, 31 Mar 2026 09:25:23 GMT\r\netag: \"300712-69cb9303-7081e438816c8b2f;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 08 Apr 2026 12:25:57 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":3147538,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"9b3562e2771fe219e62b848a87e993d0","sha1":"f39d477e32e3165459831906950b8cabcc96981f","sha256":"41a1664f25fc3ed11bc9072ee33186b8571cb75517ca24df040f9c383514200d","sha512":"5e50523fff44667b40e8c56586ac8c2d3432324da9f4676004c186b8048dd538fa66f6a9161ff3e8a409a1313e3526e886d917ce77daa734e0d1019290ff9b59","ssdeep":"24576:SaOxtb5eEVZphhp5xhdhA+XboWABK91VZ5NtpJ119YkAbrMJX0NNDSA8fnnETlrW:SaceE/Q3SbomRnI6hn38HM4u","tlshash":"c2258413a2d038d651d75fb1b62350daec2d4bafa48ca6fa998cf830fce1054e5d8674","first_seen":"2026-03-30T01:57:39.989708Z","last_seen":"2026-04-08T12:26:24.830313Z","times_seen":5,"resource_available":false,"data":null}},"time_used":590,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":487,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"getfuzzybear.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"getfuzzybear.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}