{"report_id":"5e831b78-35fe-4501-be78-ec8f54c3bfec","version":0,"status":"done","tags":[],"date":"2026-06-17T16:52:35Z","url":{"schema":"http","addr":"pabmos.com/dcs","fqdn":"pabmos.com","domain":"pabmos.com","tld":"com"},"ip":{"addr":"91.92.41.55","port":0,"asn":2914,"as":"NTT-LTD-2914","country":"Bulgaria","country_code":"BG"},"final":{"url":{"schema":"http","addr":"pabmos.com/dcs","fqdn":"pabmos.com","domain":"pabmos.com","tld":"com"},"title":"404 Not Found","dom":{"size":58270,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (56754)","md5":"e324472edc7f137847e1153216b74f21","sha1":"c0129daa5c29b306ce8895c110354fedf8cd5f5d","sha256":"067a5e11316ffaf4156bbe0d061e08c0c1edd7716ac123147c1d7cb8be93f6c8","sha512":"fc7230332c21664fc5caaf29f34ca15efec60d85eff69a4147e15d1dcb533b1180d4823bd23064f378928672441d1689823fa33e723f2cbf855d856253c36ed5","ssdeep":"768:vHJYDDQHVZHIs91TXESJBjgBSp00yCqJ3Z+IYM3WiesRQiULO0bpD9tcNQEfdomw:/mDD6oeFUycwpk06hWp1b99c7VO","tlshash":"1243021803de40a2dd8968d9426f3f3c842a1863da1c94bd1f5b6df4ca0d8a4767f2e9","dom_hash":"domhash708fc6640191fb2d599dfcf04175f29a","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"pabmos.com/dcs","fqdn":"pabmos.com","domain":"pabmos.com","tld":"com"},"ip":{"addr":"91.92.41.55","port":0,"asn":2914,"as":"NTT-LTD-2914","country":"Bulgaria","country_code":"BG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-22T16:52:35Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pabmos.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"pabmos.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pabmos.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pabmos.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"pabmos.com","ip":{"addr":"91.92.41.55","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"Bulgaria","country_code":"BG"},"domain_registered":"2026-06-11","domain_rank":0,"first_seen":"2026-06-16T01:34:01.44012Z","last_seen":"2026-06-16T01:34:01.44012Z","alert_count":12,"request_count":3,"received_data":175526,"sent_data":1291,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"pabmos.com/dcs","fqdn":"pabmos.com","domain":"pabmos.com","tld":"com"},"ip":{"addr":"91.92.41.55","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"Bulgaria","country_code":"BG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T16:52:11.953Z","timestamp":1781715131953,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pabmos.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 17 Jun 2026 14:47:39 GMT","end":"Tue, 15 Sep 2026 14:47:38 GMT"},"fingerprint":{"sha1":"C4:7F:3C:C5:E8:06:1A:BE:1F:AE:FE:99:2C:07:42:D9:29:90:71:B9","sha256":"85:09:FC:EA:10:AF:ED:F3:37:84:D6:5A:D7:4F:1D:64:0A:EE:9B:E0:69:46:B5:16:7F:0E:21:40:00:DA:B7:BC"}}},"request":{"raw":"GET /dcs HTTP/1.1\r\nHost: pabmos.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 16:52:12 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\netag: W/\"6a32be9f-e3b8\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58296,"size_decoded":44116,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (56756)","md5":"cbb42513032d6c09e496731ac16c20a9","sha1":"c92f38a701aad58408451d24dd4c47b05f158cf0","sha256":"d189695b2f3bb92369881f2428fa861dca9d9a94c638d9bdc4e2fa747d6f315b","sha512":"3d76f1018afceaba7cbb4083f4a5b5758966ec2aa5d5c6b07d72361782809f7ed4bd34ed9e0c4154d01a2db7192155de8251e5a834dd90b8d9823d916e1b7285","ssdeep":"768:cHJYDDQHVZHIs91TXESJBjgBSp00yCqJ3Z+IYM3WiesRQiULO0bpD9tcNQEfdom2:cmDD6oeFUycwpk06hWp1b99c7VM","tlshash":"8443021803de40a2cd8978d9426f2f3d842a1863da1c94bd1f5b6df4ca0d8a4767f1e9","first_seen":"2024-11-25T13:26:01.204756Z","last_seen":"2026-06-23T16:43:02.195579Z","times_seen":12490,"resource_available":true,"data":null}},"time_used":366,"timings":{"blocked":-1,"dns":281,"connect":20,"send":0,"wait":21,"receive":0,"ssl":44},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pabmos.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"pabmos.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pabmos.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pabmos.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"pabmos.com/dcs","fqdn":"pabmos.com","domain":"pabmos.com","tld":"com"},"ip":{"addr":"91.92.41.55","port":80,"asn":2914,"as":"NTT-LTD-2914","country":"Bulgaria","country_code":"BG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T16:52:12.510Z","timestamp":1781715132510,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /dcs HTTP/1.1\r\nHost: pabmos.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 16:52:12 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"6a32be9f-e3b8\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58296,"size_decoded":44159,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (56756)","md5":"cbb42513032d6c09e496731ac16c20a9","sha1":"c92f38a701aad58408451d24dd4c47b05f158cf0","sha256":"d189695b2f3bb92369881f2428fa861dca9d9a94c638d9bdc4e2fa747d6f315b","sha512":"3d76f1018afceaba7cbb4083f4a5b5758966ec2aa5d5c6b07d72361782809f7ed4bd34ed9e0c4154d01a2db7192155de8251e5a834dd90b8d9823d916e1b7285","ssdeep":"768:cHJYDDQHVZHIs91TXESJBjgBSp00yCqJ3Z+IYM3WiesRQiULO0bpD9tcNQEfdom2:cmDD6oeFUycwpk06hWp1b99c7VM","tlshash":"8443021803de40a2cd8978d9426f2f3d842a1863da1c94bd1f5b6df4ca0d8a4767f1e9","first_seen":"2024-11-25T13:26:01.204756Z","last_seen":"2026-06-23T16:43:02.195579Z","times_seen":12490,"resource_available":true,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":4,"connect":19,"send":0,"wait":24,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pabmos.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"pabmos.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pabmos.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pabmos.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"pabmos.com/favicon.ico","fqdn":"pabmos.com","domain":"pabmos.com","tld":"com"},"ip":{"addr":"91.92.41.55","port":80,"asn":2914,"as":"NTT-LTD-2914","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://pabmos.com/dcs","date":"2026-06-17T16:52:12.681Z","timestamp":1781715132681,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: pabmos.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://pabmos.com/dcs\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 16:52:12 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"6a32be9f-e3b8\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58296,"size_decoded":44159,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (56756)","md5":"cbb42513032d6c09e496731ac16c20a9","sha1":"c92f38a701aad58408451d24dd4c47b05f158cf0","sha256":"d189695b2f3bb92369881f2428fa861dca9d9a94c638d9bdc4e2fa747d6f315b","sha512":"3d76f1018afceaba7cbb4083f4a5b5758966ec2aa5d5c6b07d72361782809f7ed4bd34ed9e0c4154d01a2db7192155de8251e5a834dd90b8d9823d916e1b7285","ssdeep":"768:cHJYDDQHVZHIs91TXESJBjgBSp00yCqJ3Z+IYM3WiesRQiULO0bpD9tcNQEfdom2:cmDD6oeFUycwpk06hWp1b99c7VM","tlshash":"8443021803de40a2cd8978d9426f2f3d842a1863da1c94bd1f5b6df4ca0d8a4767f1e9","first_seen":"2024-11-25T13:26:01.204756Z","last_seen":"2026-06-23T16:43:02.195579Z","times_seen":12490,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pabmos.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"pabmos.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pabmos.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pabmos.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}