{"report_id":"500ca21f-b8d0-4c6f-81f9-8a3dc23e4bd2","version":6,"status":"done","tags":[],"date":"2026-03-30T20:43:00Z","url":{"schema":"https","addr":"mailer.zohoinsights-trainercentral.com/ck1/2d6f.38be886/20582450-2c71-11f1-ac5e-fae9afc80e45/aeb131c7ca1f6ff091c9eb65ef7687782c01a846/2?e=lcgFGu1FbPGEHRYMZ%2Fv6xNLPTL3cQ%2FaeeBSd8YD7og3kdK7X%2Fwy67reQe2OiYpTa5LfvLV3DHp2LG9RNHk9AuwIe7Pm1N6RUymT3sYErVOVaaoUuojIeOlMiyRz9HF4u","fqdn":"mailer.zohoinsights-trainercentral.com","domain":"zohoinsights-trainercentral.com","tld":"com"},"ip":{"addr":"204.141.42.213","port":0,"asn":2639,"as":"ZOHO-AS","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"idx-44e79756f2adb0d5765434.mysomfyshowroom.be/","fqdn":"idx-44e79756f2adb0d5765434.mysomfyshowroom.be","domain":"mysomfyshowroom.be","tld":"be"},"title":"idx-44e79756f2adb0d5765434.mysomfyshowroom.be/","dom":{"size":39,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"086707e4369f60afedcafb16050a7618","sha1":"8216b0cc6876cbd44f01c158e7dff3833ceccd41","sha256":"a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e","sha512":"aade21843813e2cab329b99185c6f61db7907a556ea974e0315dcf3ad967cab20fee66d4f10db0d0ec43a71e086ce6d700d5524103deaefa3ce5f6be74ba5737","ssdeep":"","tlshash":"6a9000fee0a2000efc303bc00cc2238a0c28c3a830028e002ac038b8c80822bcc032c8","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"mailer.zohoinsights-trainercentral.com/ck1/2d6f.38be886/20582450-2c71-11f1-ac5e-fae9afc80e45/aeb131c7ca1f6ff091c9eb65ef7687782c01a846/2?e=lcgFGu1FbPGEHRYMZ%2Fv6xNLPTL3cQ%2FaeeBSd8YD7og3kdK7X%2Fwy67reQe2OiYpTa5LfvLV3DHp2LG9RNHk9AuwIe7Pm1N6RUymT3sYErVOVaaoUuojIeOlMiyRz9HF4u","fqdn":"mailer.zohoinsights-trainercentral.com","domain":"zohoinsights-trainercentral.com","tld":"com"},"ip":{"addr":"204.141.42.213","port":0,"asn":2639,"as":"ZOHO-AS","country":"United States","country_code":"US"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-04T20:43:00Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":10}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"idx-44e79756f2adb0d5765434.mysomfyshowroom.be","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"idx-44e79756f2adb0d5765434.mysomfyshowroom.be","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"idx-44e79756f2adb0d5765434.mysomfyshowroom.be","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"idx-44e79756f2adb0d5765434.mysomfyshowroom.be","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"idx-44e79756f2adb0d5765434.mysomfyshowroom.be","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"cmtd1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"cmtd1.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"cmtd1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"cmtd1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"cmtd1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"flowto.it","ip":{"addr":"104.18.38.97","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-11-02","domain_rank":897300,"first_seen":"2019-11-23T02:43:59Z","last_seen":"2026-03-19T03:14:57.812135Z","alert_count":0,"request_count":1,"received_data":500,"sent_data":493,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"flowcode.com","ip":{"addr":"172.64.152.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2010-06-16","domain_rank":41054,"first_seen":"2017-04-21T21:20:38Z","last_seen":"2026-03-28T16:33:00.227336Z","alert_count":0,"request_count":1,"received_data":935,"sent_data":498,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"idx-44e79756f2adb0d5765434.mysomfyshowroom.be","ip":{"addr":"8.208.23.148","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United Kingdom","country_code":"GB"},"domain_registered":"2023-12-28","domain_rank":0,"first_seen":"2026-03-30T20:43:00.291517Z","last_seen":"2026-03-30T20:43:00.291517Z","alert_count":10,"request_count":2,"received_data":779,"sent_data":1057,"comment":"","tags":null,"fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"mailer.zohoinsights-trainercentral.com","ip":{"addr":"204.141.42.213","port":443,"asn":2639,"as":"ZOHO-AS","country":"United States","country_code":"US"},"domain_registered":"2021-06-30","domain_rank":0,"first_seen":"2026-01-16T12:47:49.879915Z","last_seen":"2026-03-26T15:28:17.031017Z","alert_count":0,"request_count":1,"received_data":622,"sent_data":740,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cmtd1.com","ip":{"addr":"144.217.32.44","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"domain_registered":"2008-06-11","domain_rank":2866850,"first_seen":"2013-07-24T14:19:45Z","last_seen":"2026-03-15T07:15:06.230527Z","alert_count":5,"request_count":1,"received_data":338,"sent_data":552,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"flowto.it/ek4PGm7EL3?fc=0","fqdn":"flowto.it","domain":"flowto.it","tld":"it"},"ip":{"addr":"104.18.38.97","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-30T20:42:39.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flowto.it","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 14:25:36 GMT","end":"Fri, 12 Jun 2026 15:25:31 GMT"},"fingerprint":{"sha1":"9E:6E:F9:74:8E:4B:E1:D0:52:61:30:E8:68:2D:41:B6:56:68:4D:9A","sha256":"08:D2:B8:64:CA:71:DD:42:9E:11:6A:AB:FF:05:9C:C0:9A:36:F7:73:19:30:5D:FA:29:85:26:B0:29:7D:D2:F9"}}},"request":{"raw":"GET /ek4PGm7EL3?fc=0 HTTP/1.1\r\nHost: flowto.it\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Mon, 30 Mar 2026 20:42:40 GMT\r\ncontent-length: 0\r\nlocation: https://flowcode.com/p/ek4PGm7EL3?fc=0\r\nset-cookie: __cf_bm=ZtCSlsbEGxFfycVsf4ceL_12h5xzqmPIMLr7rCkH0Cc-1774903360.0722857-1.0.1.1-QP1h529ElyN6Mm8BVTW4A.mhF72ohYmROAesH0807DHCJQi8kz7tkSyS7eRK0xFu9DBWxx1zl2Ggo.CVWAzSLdt.TMZdkdbsuS4mvUc3FrKTH6VkP_QEefvMIG96RPyY; HttpOnly; Secure; Path=/; Domain=flowto.it; Expires=Mon, 30 Mar 2026 21:12:40 GMT\r\nserver: cloudflare\r\ncf-ray: 9e49f13079db56c1-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":178,"timings":{"blocked":84,"dns":67,"connect":1,"send":0,"wait":9,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flowcode.com/p/ek4PGm7EL3?fc=0","fqdn":"flowcode.com","domain":"flowcode.com","tld":"com"},"ip":{"addr":"172.64.152.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-30T20:42:40.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flowcode.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 29 Mar 2026 20:42:37 GMT","end":"Sat, 27 Jun 2026 21:42:33 GMT"},"fingerprint":{"sha1":"4A:29:B7:99:B9:E5:EC:B9:66:96:57:63:A6:12:C5:82:5C:18:BA:41","sha256":"7F:F7:7F:75:11:BE:BA:C5:49:75:24:A3:DE:7B:05:CF:CF:20:FB:58:F1:E0:02:BB:60:1A:64:1C:A0:94:E7:94"}}},"request":{"raw":"GET /p/ek4PGm7EL3?fc=0 HTTP/1.1\r\nHost: flowcode.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Mon, 30 Mar 2026 20:42:40 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlocation: https://idx-44e79756f2adb0d5765434.mysomfyshowroom.be/\r\ncf-ray: 9e49f130da6a569b-OSL\r\nexpires: Thu, 01 Jan 1970 00:00:00 UTC\r\npragma: no-cache\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=Sy_FZlv4XXQ8KB31u_wFpRWj2e2nzmmvQm01EPSm5Lo-1774903360-1.0.1.1-.i3SHpJxZScBXCY85kFJsjAX55bJmiP.nD_iPOLuVLJNV.hPdCwuFzX2FGISZdq8juhqNTRn71DH8W3iwB8LuKEkJGXPXJBd9neli.iD0tY; path=/; expires=Mon, 30-Mar-26 21:12:40 GMT; domain=.flowcode.com; HttpOnly; Secure; SameSite=None\n_cfuvid=mnDwjZ18lCZFF9o2Hi2GxZzK.ROu9eg0xnj24p9t8q8-1774903360309-0.0.1.1-604800000; path=/; domain=.flowcode.com; HttpOnly; Secure; SameSite=None\r\nserver-timing: cfCacheStatus;desc=\"DYNAMIC\", cfOrigin;dur=3,cfEdge;dur=169\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":281,"timings":{"blocked":54,"dns":35,"connect":1,"send":0,"wait":173,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"idx-44e79756f2adb0d5765434.mysomfyshowroom.be/","fqdn":"idx-44e79756f2adb0d5765434.mysomfyshowroom.be","domain":"mysomfyshowroom.be","tld":"be"},"ip":{"addr":"8.208.23.148","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-30T20:42:40.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"idx-44e79756f2adb0d5765434.mysomfyshowroom.be","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 12:50:22 GMT","end":"Fri, 19 Jun 2026 12:50:21 GMT"},"fingerprint":{"sha1":"4E:97:DF:99:2D:46:52:62:1D:82:7F:2E:CE:30:69:A9:9A:55:63:1A","sha256":"E8:BD:BF:05:1C:6A:09:56:B7:5F:5F:0C:30:E1:2C:34:75:FC:36:C9:6A:42:F7:5E:9F:50:C7:BC:59:63:CC:6A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: idx-44e79756f2adb0d5765434.mysomfyshowroom.be\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nset-cookie: PHPSESSID=9053tvj8lvdn82p9m9f45jq6ni; path=/\r\ncontent-length: 0\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Mon, 30 Mar 2026 20:42:40 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":564,"timings":{"blocked":110,"dns":50,"connect":27,"send":0,"wait":344,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"idx-44e79756f2adb0d5765434.mysomfyshowroom.be","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"idx-44e79756f2adb0d5765434.mysomfyshowroom.be","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"idx-44e79756f2adb0d5765434.mysomfyshowroom.be","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"idx-44e79756f2adb0d5765434.mysomfyshowroom.be","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"idx-44e79756f2adb0d5765434.mysomfyshowroom.be","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"idx-44e79756f2adb0d5765434.mysomfyshowroom.be/favicon.ico","fqdn":"idx-44e79756f2adb0d5765434.mysomfyshowroom.be","domain":"mysomfyshowroom.be","tld":"be"},"ip":{"addr":"8.208.23.148","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://idx-44e79756f2adb0d5765434.mysomfyshowroom.be/","date":"2026-03-30T20:42:41.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"idx-44e79756f2adb0d5765434.mysomfyshowroom.be","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 12:50:22 GMT","end":"Fri, 19 Jun 2026 12:50:21 GMT"},"fingerprint":{"sha1":"4E:97:DF:99:2D:46:52:62:1D:82:7F:2E:CE:30:69:A9:9A:55:63:1A","sha256":"E8:BD:BF:05:1C:6A:09:56:B7:5F:5F:0C:30:E1:2C:34:75:FC:36:C9:6A:42:F7:5E:9F:50:C7:BC:59:63:CC:6A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: idx-44e79756f2adb0d5765434.mysomfyshowroom.be\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://idx-44e79756f2adb0d5765434.mysomfyshowroom.be/\r\nCookie: PHPSESSID=9053tvj8lvdn82p9m9f45jq6ni\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-length: 292\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Mon, 30 Mar 2026 20:42:41 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":292,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"c6a177664ee09fdf594bc58e3e01a609","sha1":"5081baf4352e0d1659a450d83343b40ffadcc4d4","sha256":"7133ba1c5631c8a04a11708e056e1f441ff84c5ad1d445a92fac3df381117886","sha512":"6a1f90ca464b9f33a2578b326174b918635a9aeb89c01e112f257358d47df26a1967ce0f0bd00b51ea75a3a0ecfad007525c065da29ec38de3707165c043e3b3","ssdeep":"","tlshash":"42e0ebcd510733961c9118b038c508c2238903f6a93d82e83ccae043229c93dcccb58d","first_seen":"2026-03-30T20:43:03.8646Z","last_seen":"2026-03-30T20:43:03.8646Z","times_seen":1,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"idx-44e79756f2adb0d5765434.mysomfyshowroom.be","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"idx-44e79756f2adb0d5765434.mysomfyshowroom.be","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"idx-44e79756f2adb0d5765434.mysomfyshowroom.be","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"idx-44e79756f2adb0d5765434.mysomfyshowroom.be","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"idx-44e79756f2adb0d5765434.mysomfyshowroom.be","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mailer.zohoinsights-trainercentral.com/ck1/2d6f.38be886/20582450-2c71-11f1-ac5e-fae9afc80e45/aeb131c7ca1f6ff091c9eb65ef7687782c01a846/2?e=lcgFGu1FbPGEHRYMZ%2Fv6xNLPTL3cQ%2FaeeBSd8YD7og3kdK7X%2Fwy67reQe2OiYpTa5LfvLV3DHp2LG9RNHk9AuwIe7Pm1N6RUymT3sYErVOVaaoUuojIeOlMiyRz9HF4u","fqdn":"mailer.zohoinsights-trainercentral.com","domain":"zohoinsights-trainercentral.com","tld":"com"},"ip":{"addr":"204.141.42.213","port":443,"asn":2639,"as":"ZOHO-AS","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-30T20:42:39.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tracking.maool.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 00:49:35 GMT","end":"Thu, 28 May 2026 00:49:34 GMT"},"fingerprint":{"sha1":"42:D7:74:F6:38:9F:7F:30:FE:A8:DF:7C:D1:5A:EF:97:DC:A6:89:05","sha256":"52:D9:68:75:52:A4:F8:3D:4C:C6:AF:C8:2E:53:B6:EB:5F:6A:86:67:71:26:B3:A3:30:7D:65:F8:D1:A6:1B:72"}}},"request":{"raw":"GET /ck1/2d6f.38be886/20582450-2c71-11f1-ac5e-fae9afc80e45/aeb131c7ca1f6ff091c9eb65ef7687782c01a846/2?e=lcgFGu1FbPGEHRYMZ%2Fv6xNLPTL3cQ%2FaeeBSd8YD7og3kdK7X%2Fwy67reQe2OiYpTa5LfvLV3DHp2LG9RNHk9AuwIe7Pm1N6RUymT3sYErVOVaaoUuojIeOlMiyRz9HF4u HTTP/1.1\r\nHost: mailer.zohoinsights-trainercentral.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 \r\nServer: ZGS\r\nDate: Mon, 30 Mar 2026 20:42:39 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nX-Content-Type-Options: nosniff\r\nSet-Cookie: zalb_04f0b6dd1f=09811d5b223b5ffba6ac037b63a4bc2d; Path=/; Secure; HttpOnly\ntm_csrf_cookie=30de6933-5753-4ec6-b252-80cefe9e0c13;path=/;SameSite=None;Secure;priority=high\n_zcsr_tmp=30de6933-5753-4ec6-b252-80cefe9e0c13;path=/;SameSite=Strict;Secure;priority=high\r\nX-Frame-Options: SAMEORIGIN\r\nLocation: https://cmtd1.com/c/443/fdfae1b052ad4e39c5af0c20d456cb01453d4ddc2d80bb6f121643953859bfee?%2F\r\nStrict-Transport-Security: max-age=64072000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":927,"timings":{"blocked":363,"dns":34,"connect":161,"send":0,"wait":199,"receive":0,"ssl":168},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmtd1.com/c/443/fdfae1b052ad4e39c5af0c20d456cb01453d4ddc2d80bb6f121643953859bfee?%2F","fqdn":"cmtd1.com","domain":"cmtd1.com","tld":"com"},"ip":{"addr":"144.217.32.44","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-30T20:42:39.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"forward.cmtd1.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 09 Feb 2026 01:11:08 GMT","end":"Sun, 10 May 2026 01:11:07 GMT"},"fingerprint":{"sha1":"D4:FA:EC:FD:F2:7F:8F:55:77:F3:11:98:24:96:71:4E:32:54:5C:12","sha256":"B0:E9:64:6D:14:79:2E:42:44:B3:15:DC:77:32:C2:35:65:C0:C9:70:A0:48:8A:FD:4F:33:3E:AD:C4:3C:ED:18"}}},"request":{"raw":"GET /c/443/fdfae1b052ad4e39c5af0c20d456cb01453d4ddc2d80bb6f121643953859bfee?%2F HTTP/1.1\r\nHost: cmtd1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncache-control: public, max-age=3600\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Mon, 30 Mar 2026 20:42:39 GMT\r\nlocation: https://flowto.it/ek4PGm7EL3?fc=0\r\nreferrer-policy: strict-origin\r\nserver: Apache\r\nstrict-transport-security: max-age=60\r\nx-content-type-options: nosniff\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":641,"timings":{"blocked":248,"dns":40,"connect":98,"send":0,"wait":145,"receive":0,"ssl":106},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"cmtd1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-30","alert":"Phishing Block","trigger":"cmtd1.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"cmtd1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"cmtd1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-30","alert":"Sinkholed","trigger":"cmtd1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}