{"report_id":"646eb6d2-1224-4ab9-bacc-2d7defd8016d","version":6,"status":"done","tags":[],"date":"2025-10-15T10:42:18Z","url":{"schema":"http","addr":"bollyflix.beer/","fqdn":"bollyflix.beer","domain":"bollyflix.beer","tld":"beer"},"ip":{"addr":"52.223.13.41","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"bollyflix.beer/lander","fqdn":"bollyflix.beer","domain":"bollyflix.beer","tld":"beer"},"title":"bollyflix.beer/lander"},"submit":{"url":{"schema":"http","addr":"bollyflix.beer/","fqdn":"bollyflix.beer","domain":"bollyflix.beer","tld":"beer"},"ip":{"addr":"52.223.13.41","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-19T10:42:18Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"bollyflix.beer","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"img1.wsimg.com","ip":{"addr":"2.22.225.50","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"domain_registered":"2008-03-17","domain_rank":58983,"first_seen":"2012-06-20T14:42:31Z","last_seen":"2025-10-12T22:21:21.430222Z","alert_count":0,"request_count":4,"received_data":921050,"sent_data":1846,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"bollyflix.beer","ip":{"addr":"52.223.13.41","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2024-09-15","domain_rank":0,"first_seen":"2024-10-18T17:55:43.641866Z","last_seen":"2025-10-12T05:35:32.744936Z","alert_count":2,"request_count":2,"received_data":1491,"sent_data":1007,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.google.com","ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2025-10-12T22:12:29.347805Z","alert_count":0,"request_count":1,"received_data":160078,"sent_data":441,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"bollyflix.beer/","fqdn":"bollyflix.beer","domain":"bollyflix.beer","tld":"beer"},"ip":{"addr":"52.223.13.41","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"3effca764b1325dc476a4f275bb79d63","sha1":"83e96d57b2196e7dc7422e373d844941644d29ba","sha256":"6525c7cbcf52f274ffc5cbe01fd43c03fd77e9463d0757999a596776f0d4184b","sha512":"72188e1090ac227d6b67206326ff52924f0a264371024d22b1bed0a83a327e338b4044955da06d6bf02aa691b776990da4fddb1bdfead635696598d67646ad1b","ssdeep":"","tlshash":"20900289b011e5c411fa55265b17ba086063219bca105a4444010861653470f451abca","size":56,"data":"","first_seen":"2025-03-02T07:03:41.445505Z","last_seen":"2026-04-04T22:47:22.999556Z","times_seen":110936,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bollyflix.beer/lander","fqdn":"bollyflix.beer","domain":"bollyflix.beer","tld":"beer"},"ip":{"addr":"52.223.13.41","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"396983b43a97ac40197e7d22399b707b","sha1":"9c54ff4c30658fd6a7e94eaaae5072b3ed2ec1dc","sha256":"de4e0ef840a4a74223bb4637d128d0fd8894ac9f95bf604576e8c5280c768442","sha512":"82fd10e645edc15d344110f8b284535fb26273101b469e7db360c1aecec7c1d3fe30a0520a96e5b893ed378c90ed246b9224bd79dca35918753e2b4cb628e1e1","ssdeep":"","tlshash":"d5700028008000008830aaeb230b228c322ef0e0a0008e223220220020c80038802080","size":25,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-04T22:56:25.068516Z","times_seen":11712,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/adsense/domains/caf.js?abp=1\u0026gdabp=true","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4d8feae8863931849cf4075ae9f9a830","sha1":"1dbc0deafe657b86b4c37b85c3c5e4ea6b6544e9","sha256":"1a5a5fa0b3063431cd48c4ed84cff83a98d40a619aafde27dac01695d8a9609f","sha512":"a77ee647a4e4a37a90a89681be0e0f35550d6046b70e40886471856ab335bac75eb6991e55ff7c600dcd23daa8f93307096f6c2c20d7f2389eddae74242e248e","ssdeep":"1536:9KzXuXs5eKcuVrQUNuDj897ZUwTCg3tdEVKcSpxqeJRV6X8oagGNNNat2mcFvXuq:qUBjCpz3fswxdZWbknH3cWdt+skVMIA","tlshash":"24f34acd73a1702243a394b4607f018fb13af865a84c88a4b199d9e47db4dad4277fbd","size":159361,"data":"","first_seen":"2025-10-13T19:55:39.691682Z","last_seen":"2025-10-15T11:43:16.455657Z","times_seen":542,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.wsimg.com/parking-lander/static/js/main.bd170100.js","fqdn":"img1.wsimg.com","domain":"wsimg.com","tld":"com"},"ip":{"addr":"2.22.225.50","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"4a2a1c00d71060a9ecb9d5e44ace71b8","sha1":"c9397a41108fc8898dea549dd38bd9ab631aabb2","sha256":"5e35e311b941dd82b901dbdd4e253491894df61175021f6cff97fdcd3cbaf801","sha512":"401dbaa42707789942aff6b4039b8b47200071be419ffa58f367d3c0deff3ec3ff1b57499619af68a3cd2e37da3c67fe147925181991d0fa7a31efcd485704de","ssdeep":"12288:6hdrdXeU6H3VUNJA7Ij70EHwzGOcQYnTsQYnTPDUk4f0WTI4WugqciqXD3HJQR0N:w/A7Ij7jHwzGOcQYnTsQYnT3JQ+N","tlshash":"0d053bce76e1b0b407e291eac43f590fb3796e15d00cc561eb79c9daa46984a813bf1c","size":852287,"data":"","first_seen":"2025-10-02T22:16:42.129469Z","last_seen":"2026-03-22T12:40:51.581408Z","times_seen":19900,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"img1.wsimg.com/parking-lander/static/js/main.bd170100.js","fqdn":"img1.wsimg.com","domain":"wsimg.com","tld":"com"},"ip":{"addr":"2.22.225.50","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bollyflix.beer/lander","date":"2025-10-15T10:41:56.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wsimg.com","organization":""},"issuer":{"commonName":"Starfield Secure Certificate Authority - G2","organization":"Starfield Technologies, Inc."},"validity":{"start":"Fri, 05 Sep 2025 18:24:05 GMT","end":"Wed, 07 Oct 2026 18:24:05 GMT"},"fingerprint":{"sha1":"0E:95:B5:3C:BC:57:5B:29:44:36:31:82:4A:13:83:C0:BB:C6:51:2D","sha256":"2E:41:DD:15:BE:3D:3A:3A:29:F0:65:E6:52:EC:88:54:C4:60:01:9E:68:96:30:F3:2A:31:D9:A1:95:CA:69:24"}}},"request":{"raw":"GET /parking-lander/static/js/main.bd170100.js HTTP/1.1\r\nHost: img1.wsimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bollyflix.beer/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-amz-id-2: hS6ZvfHnBgabN5ab+xRaPay/L072n0hhsnuWhqzmZhkavFwTjJ25pjNve1ey7SInIQgthk9T5tNtWREdJT7T5XFG02Dsbtqx\r\nx-amz-request-id: 1YG3SEQ9WDWQ1AMD\r\nlast-modified: Thu, 02 Oct 2025 21:53:41 GMT\r\netag: \"4a2a1c00d71060a9ecb9d5e44ace71b8\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 82IjhqVwcKusWCeC8HuMmFO.GlC7s43w\r\naccept-ranges: bytes\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 225772\r\ncache-control: max-age=31536000\r\nexpires: Thu, 15 Oct 2026 10:41:56 GMT\r\ndate: Wed, 15 Oct 2025 10:41:56 GMT\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":852287,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65465)","md5":"4a2a1c00d71060a9ecb9d5e44ace71b8","sha1":"c9397a41108fc8898dea549dd38bd9ab631aabb2","sha256":"5e35e311b941dd82b901dbdd4e253491894df61175021f6cff97fdcd3cbaf801","sha512":"401dbaa42707789942aff6b4039b8b47200071be419ffa58f367d3c0deff3ec3ff1b57499619af68a3cd2e37da3c67fe147925181991d0fa7a31efcd485704de","ssdeep":"12288:6hdrdXeU6H3VUNJA7Ij70EHwzGOcQYnTsQYnTPDUk4f0WTI4WugqciqXD3HJQR0N:w/A7Ij7jHwzGOcQYnTsQYnT3JQ+N","tlshash":"0d053bce76e1b0b407e291eac43f590fb3796e15d00cc561eb79c9daa46984a813bf1c","first_seen":"2025-10-02T22:16:42.129469Z","last_seen":"2026-03-22T12:40:51.581408Z","times_seen":19900,"resource_available":true,"data":null}},"time_used":137,"timings":{"blocked":60,"dns":46,"connect":3,"send":0,"wait":6,"receive":7,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.wsimg.com/parking-lander/static/css/main.64e00bed.css","fqdn":"img1.wsimg.com","domain":"wsimg.com","tld":"com"},"ip":{"addr":"2.22.225.50","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bollyflix.beer/lander","date":"2025-10-15T10:41:56.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wsimg.com","organization":""},"issuer":{"commonName":"Starfield Secure Certificate Authority - G2","organization":"Starfield Technologies, Inc."},"validity":{"start":"Fri, 05 Sep 2025 18:24:05 GMT","end":"Wed, 07 Oct 2026 18:24:05 GMT"},"fingerprint":{"sha1":"0E:95:B5:3C:BC:57:5B:29:44:36:31:82:4A:13:83:C0:BB:C6:51:2D","sha256":"2E:41:DD:15:BE:3D:3A:3A:29:F0:65:E6:52:EC:88:54:C4:60:01:9E:68:96:30:F3:2A:31:D9:A1:95:CA:69:24"}}},"request":{"raw":"GET /parking-lander/static/css/main.64e00bed.css HTTP/1.1\r\nHost: img1.wsimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bollyflix.beer/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-amz-id-2: 6kfbLGjSu62wuHrUkuy/MaNBzs8vWieXzb5ehywORjvZat08Jv07uXVDxDCugCXFbTmft3imDdzb8w89l+DwfjAfcoRMyl++X5X1FTblHHw=\r\nx-amz-request-id: R1DQK3ASDANXKN5H\r\nlast-modified: Thu, 02 Oct 2025 21:53:44 GMT\r\netag: \"c758f9e73c79799ad5e034440e5e8151\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: ANup.XCZTly16gSbTeU9d7WkwTEz64pk\r\naccept-ranges: bytes\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 10512\r\ncache-control: max-age=31536000\r\nexpires: Thu, 15 Oct 2026 10:41:56 GMT\r\ndate: Wed, 15 Oct 2025 10:41:56 GMT\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":66182,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"c758f9e73c79799ad5e034440e5e8151","sha1":"09229af03b9ea88aef590c7980e8420fa1344c4a","sha256":"c08338b04727001500acd771177eba90612f4fe4f25162f389e87f0ad0aa1cd1","sha512":"d5ed918322cf8c820a47589b6462d6f6d9dbd87838b439991be293ddb7b0f17796d6f92431cad524baad663c00cc4d3edc505cfd63ad53f0f65ab0d00251d3a9","ssdeep":"1536:Y3U8GKPb0aLNLi6qjUYyQylaBVvvti6HRmkb11evQOHZqec1KPeFezIc7CD:z8GKPb0aLNLi6qjUYyQylQ6qec1KPeFp","tlshash":"2753b9586588993e7d3f721c7279869ca33870bbd27667ac9023ee3606c6af536c1214","first_seen":"2025-09-18T16:24:36.071782Z","last_seen":"2026-03-22T12:40:51.580134Z","times_seen":45151,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":57,"dns":44,"connect":1,"send":0,"wait":7,"receive":1,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.wsimg.com/parking-lander/px.js?ch=1\u0026abp=1\u0026gdabp=true","fqdn":"img1.wsimg.com","domain":"wsimg.com","tld":"com"},"ip":{"addr":"2.22.225.50","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bollyflix.beer/lander","date":"2025-10-15T10:41:56.965Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wsimg.com","organization":""},"issuer":{"commonName":"Starfield Secure Certificate Authority - G2","organization":"Starfield Technologies, Inc."},"validity":{"start":"Fri, 05 Sep 2025 18:24:05 GMT","end":"Wed, 07 Oct 2026 18:24:05 GMT"},"fingerprint":{"sha1":"0E:95:B5:3C:BC:57:5B:29:44:36:31:82:4A:13:83:C0:BB:C6:51:2D","sha256":"2E:41:DD:15:BE:3D:3A:3A:29:F0:65:E6:52:EC:88:54:C4:60:01:9E:68:96:30:F3:2A:31:D9:A1:95:CA:69:24"}}},"request":{"raw":"GET /parking-lander/px.js?ch=1\u0026abp=1\u0026gdabp=true HTTP/1.1\r\nHost: img1.wsimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bollyflix.beer/\r\nOrigin: https://bollyflix.beer\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-amz-id-2: 7cyW0DMoteeyGw9wTl3kGxOYT1jO29f9+1RBNKuiuiOuYwtI06XNqVF6JcjXudg1DmNdw7pGi5A=\r\nx-amz-request-id: JVRQRKRBPZTMNSDG\r\nlast-modified: Thu, 02 Oct 2025 21:53:46 GMT\r\netag: \"d41d8cd98f00b204e9800998ecf8427e\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: pCwYrAainMSn2hMCRpOVAp6TbSVjL8Iz\r\naccept-ranges: bytes\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 20\r\ncache-control: max-age=31536000\r\nexpires: Thu, 15 Oct 2026 10:41:56 GMT\r\ndate: Wed, 15 Oct 2025 10:41:56 GMT\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bollyflix.beer/","fqdn":"bollyflix.beer","domain":"bollyflix.beer","tld":"beer"},"ip":{"addr":"52.223.13.41","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-15T10:41:55.771Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bollyflix.beer","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 19 Sep 2025 03:23:16 GMT","end":"Sat, 19 Sep 2026 03:23:16 GMT"},"fingerprint":{"sha1":"1F:A6:65:D7:55:62:2B:02:FC:FB:13:48:51:60:61:2A:E5:A2:EA:59","sha256":"BD:9F:B0:52:93:FE:0B:84:85:20:08:5D:75:38:41:CC:7D:21:76:22:CA:2C:59:DD:71:8A:DF:FD:8C:C1:31:20"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bollyflix.beer\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nDate: Wed, 15 Oct 2025 10:41:56 GMT\r\nContent-Length: 114\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":114,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with no line terminators","md5":"e89f75f918dbdcee28604d4e09dd71d7","sha1":"f9d9055e9878723a12063b47d4a1a5f58c3eb1e9","sha256":"6dc9c7fc93bb488bb0520a6c780a8d3c0fb5486a4711aca49b4c53fac7393023","sha512":"8df0ab2e3679b64a6174deff4259ae5680f88e3ae307e0ea2dfff88ec4ba14f3477c9fe3a5aa5da3a8e857601170a5108ed75f6d6975958ac7a314e4a336aed0","ssdeep":"","tlshash":"eeb092ddbc61e48018e535511ea3b60d146a22ebb9018b4018c00836a96035f8d0aac5","first_seen":"2024-03-15T21:37:10Z","last_seen":"2026-04-04T22:47:22.948113Z","times_seen":123383,"resource_available":true,"data":null}},"time_used":1086,"timings":{"blocked":492,"dns":181,"connect":1,"send":0,"wait":102,"receive":0,"ssl":308},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"bollyflix.beer","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bollyflix.beer/lander","fqdn":"bollyflix.beer","domain":"bollyflix.beer","tld":"beer"},"ip":{"addr":"52.223.13.41","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-15T10:41:56.535Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bollyflix.beer","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 19 Sep 2025 03:23:16 GMT","end":"Sat, 19 Sep 2026 03:23:16 GMT"},"fingerprint":{"sha1":"1F:A6:65:D7:55:62:2B:02:FC:FB:13:48:51:60:61:2A:E5:A2:EA:59","sha256":"BD:9F:B0:52:93:FE:0B:84:85:20:08:5D:75:38:41:CC:7D:21:76:22:CA:2C:59:DD:71:8A:DF:FD:8C:C1:31:20"}}},"request":{"raw":"GET /lander HTTP/1.1\r\nHost: bollyflix.beer\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bollyflix.beer/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=86400\r\nConnection: keep-alive\r\nContent-Type: text/html\r\nDate: Wed, 15 Oct 2025 10:41:56 GMT\r\nServer: openresty\r\nSet-Cookie: expiry_partner=tucows.EXPIRED.CF3F10F5-9663-4600-977B-E13B5DC69A28; Path=/; Max-Age=86400\ncaf_ipaddr=91.90.42.154; Path=/; Max-Age=86400\ncountry=NO; Path=/; Max-Age=86400\ncity=Oslo; Path=/; Max-Age=86400\nlander_type=parking-tucows-expired; Path=/; Max-Age=86400\r\nX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_gOHgVnWtCXPrUVey70XAOmS9w0iuL2FylGfO7+VQnVRyW/qv5joxYHT+8mnD68PeeUgVfy3FCZp95H5W2BU7Yw\r\nX-Content-Type-Options: nosniff\r\nContent-Length: 553\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":553,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (552)","md5":"0e1a46ddb6136ff891b9c9295d2412cf","sha1":"61809b32d39f6d55490448253825db8a0cdf6b6b","sha256":"f1fae5bf41e02b4863e940d02afaa2dccd097b8516d5d061df9a362c6bb4ecaf","sha512":"94a1bd3f393a00158efed288838155ca5bb07808b95df445232c0652115834280f4bdccdaec8f00beb4701cbaf6006bf4e42a27cc1bbc0e88ae19315bfc3a601","ssdeep":"","tlshash":"8af0c0d3ec92c51d0f70d6eab932f72cc00be529ddd1ec41a495047358d87e74c2a854","first_seen":"2025-10-02T22:28:42.925408Z","last_seen":"2025-11-10T20:11:28.815123Z","times_seen":4248,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"bollyflix.beer","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/adsense/domains/caf.js?abp=1\u0026gdabp=true","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bollyflix.beer/lander","date":"2025-10-15T10:41:56.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:42:40 GMT","end":"Mon, 15 Dec 2025 08:42:39 GMT"},"fingerprint":{"sha1":"99:C6:4E:8E:B8:5B:D1:99:2A:8E:B6:F5:1D:F0:C9:9F:D1:98:60:99","sha256":"5E:61:10:69:80:4E:43:5E:5C:BC:64:28:29:74:91:F6:DC:3B:42:28:2D:71:3C:A4:FA:4E:A8:88:A1:46:E6:39"}}},"request":{"raw":"GET /adsense/domains/caf.js?abp=1\u0026gdabp=true HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bollyflix.beer/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-type: text/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"ads-afs-ui\"\r\nreport-to: {\"group\":\"ads-afs-ui\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/ads-afs-ui\"}]}\r\ndate: Wed, 15 Oct 2025 10:41:56 GMT\r\nexpires: Wed, 15 Oct 2025 10:41:56 GMT\r\ncache-control: private, max-age=3600\r\netag: \"10212869674847426953\"\r\nx-content-type-options: nosniff\r\nlink: \u003chttps://syndicatedsearch.goog\u003e; rel=\"preconnect\"\r\ncontent-encoding: gzip\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":159361,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2840)","md5":"4d8feae8863931849cf4075ae9f9a830","sha1":"1dbc0deafe657b86b4c37b85c3c5e4ea6b6544e9","sha256":"1a5a5fa0b3063431cd48c4ed84cff83a98d40a619aafde27dac01695d8a9609f","sha512":"a77ee647a4e4a37a90a89681be0e0f35550d6046b70e40886471856ab335bac75eb6991e55ff7c600dcd23daa8f93307096f6c2c20d7f2389eddae74242e248e","ssdeep":"1536:9KzXuXs5eKcuVrQUNuDj897ZUwTCg3tdEVKcSpxqeJRV6X8oagGNNNat2mcFvXuq:qUBjCpz3fswxdZWbknH3cWdt+skVMIA","tlshash":"24f34acd73a1702243a394b4607f018fb13af865a84c88a4b199d9e47db4dad4277fbd","first_seen":"2025-10-13T19:55:39.691682Z","last_seen":"2025-10-15T11:43:16.455657Z","times_seen":542,"resource_available":true,"data":null}},"time_used":303,"timings":{"blocked":133,"dns":1,"connect":21,"send":0,"wait":33,"receive":0,"ssl":112},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.wsimg.com/parking-lander/px.js?ch=2\u0026abp=2\u0026gdabp=true","fqdn":"img1.wsimg.com","domain":"wsimg.com","tld":"com"},"ip":{"addr":"2.22.225.50","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bollyflix.beer/lander","date":"2025-10-15T10:41:56.990Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wsimg.com","organization":""},"issuer":{"commonName":"Starfield Secure Certificate Authority - G2","organization":"Starfield Technologies, Inc."},"validity":{"start":"Fri, 05 Sep 2025 18:24:05 GMT","end":"Wed, 07 Oct 2026 18:24:05 GMT"},"fingerprint":{"sha1":"0E:95:B5:3C:BC:57:5B:29:44:36:31:82:4A:13:83:C0:BB:C6:51:2D","sha256":"2E:41:DD:15:BE:3D:3A:3A:29:F0:65:E6:52:EC:88:54:C4:60:01:9E:68:96:30:F3:2A:31:D9:A1:95:CA:69:24"}}},"request":{"raw":"GET /parking-lander/px.js?ch=2\u0026abp=2\u0026gdabp=true HTTP/1.1\r\nHost: img1.wsimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bollyflix.beer/\r\nOrigin: https://bollyflix.beer\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-amz-id-2: Og3vYjP2vm/1FFUct7Rvcx7OuXPYbyArEZJZkE5DUnjel0nleryFpKu3D/L7K+1ZMk4NlvE380Y=\r\nx-amz-request-id: JVRHSTWZTBM6J8DN\r\nlast-modified: Thu, 02 Oct 2025 21:53:46 GMT\r\netag: \"d41d8cd98f00b204e9800998ecf8427e\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: pCwYrAainMSn2hMCRpOVAp6TbSVjL8Iz\r\naccept-ranges: bytes\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 20\r\ncache-control: max-age=31536000\r\nexpires: Thu, 15 Oct 2026 10:41:56 GMT\r\ndate: Wed, 15 Oct 2025 10:41:56 GMT\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}