{"report_id":"66360bc1-9898-4f18-b5aa-24d6d9566e8d","version":0,"status":"done","tags":[],"date":"2026-06-12T12:15:17Z","url":{"schema":"http","addr":"dsicrod.com","fqdn":"dsicrod.com","domain":"dsicrod.com","tld":"com"},"ip":{"addr":"216.245.213.74","port":0,"asn":46475,"as":"LIMESTONENETWORKS","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"ww1.dsicrod.com/?dmn=dsicrod.com","fqdn":"ww1.dsicrod.com","domain":"dsicrod.com","tld":"com"},"title":"discord","dom":{"size":23504,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1433)","md5":"08afaeb372df8348ab37885f8c2c8a78","sha1":"cde3ce07b6ccb0277ac2be07ef81279327b6e53a","sha256":"abdbea9116282428184fc65ceb814aa8d9a14f844192ce2aa839f70e6dc50324","sha512":"8fd770efa391acc3dcaeed9caf274bf68e1ee674dfe0237872f9697efaeb03980ed7fcd2cea25c3ed4d70b86fd2bfeec11c89560317c61a7e05239ffa8a8bcad","ssdeep":"192:T4moVWKEYMfQIWx0NxJmtvICjLvKMM208kXdyhd93JQaI8PbhxsHVPbixsHwPbbH:TOiNWEH9HHSSHaeHrCkOP5/NUnI","tlshash":"8ab21a9a56f365b15427a0bd47df520932ba5007e883dcac7acc47108fcaee5d963b8c","dom_hash":"domhashb79b7d48841984ce9eb8f2012d5a77bf","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"dsicrod.com","fqdn":"dsicrod.com","domain":"dsicrod.com","tld":"com"},"ip":{"addr":"216.245.213.74","port":0,"asn":46475,"as":"LIMESTONENETWORKS","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-17T12:15:17Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-12","alert":"Sinkholed","trigger":"ww1.dsicrod.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-12","alert":"Sinkholed","trigger":"ww1.dsicrod.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-12","alert":"Sinkholed","trigger":"dsicrod.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-12","alert":"Sinkholed","trigger":"dsicrod.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"appreports.net","ip":{"addr":"104.21.24.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-02-08","domain_rank":566099,"first_seen":"2022-02-17T13:24:25Z","last_seen":"2026-06-04T14:18:20.715511Z","alert_count":0,"request_count":2,"received_data":1622,"sent_data":1461,"comment":"","tags":null,"fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}]},{"fqdn":"ww1.dsicrod.com","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2021-03-26","domain_rank":0,"first_seen":"2026-06-12T12:15:17.704513Z","last_seen":"2026-06-12T12:15:17.704513Z","alert_count":10,"request_count":5,"received_data":23774,"sent_data":2811,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}]},{"fqdn":"dsicrod.com","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2021-03-26","domain_rank":0,"first_seen":"2026-06-12T12:15:17.703916Z","last_seen":"2026-06-12T12:15:17.703916Z","alert_count":8,"request_count":4,"received_data":1460,"sent_data":2133,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"s.appreports.net","ip":{"addr":"34.149.1.127","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2022-02-08","domain_rank":0,"first_seen":"2023-03-07T06:49:32Z","last_seen":"2026-06-11T02:56:55.34156Z","alert_count":0,"request_count":1,"received_data":9319,"sent_data":473,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"s.appreports.net/serenity.js?v=1781266500110","fqdn":"s.appreports.net","domain":"appreports.net","tld":"net"},"ip":{"addr":"34.149.1.127","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c99ba365ce9cb55fb421ebbfe7f26a8a","sha1":"1bc41cb6d1d36a94975ee3f06e6dae025fe19eee","sha256":"f1cd6736bf314d832d550af84fb2b1b07b61dd2ad4c14e0b35dd30c02ed5d640","sha512":"b6e0b601cbca8f7711ce4119d09564d18d2687d47f7095cabd5baaa77be029840a1842466e384af66d71dbb4311337c7ad81a93b518dc6f56a35747046596f37","ssdeep":"192:IWVRWPCWiyB+8OQLXTN4uFkCsaCkmPo0P8:IWvWPCWiyB+8OQLXTNZZJCHj8","tlshash":"a702a9b938f358755272103b2b3fa5457722002b3d3ae421b64e84ac6f5ce5fd9a6ac4","size":8595,"data":"","first_seen":"2026-05-13T09:23:43.706369Z","last_seen":"2026-06-13T13:02:47.838444Z","times_seen":88,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww1.dsicrod.com/?dmn=dsicrod.com","fqdn":"ww1.dsicrod.com","domain":"dsicrod.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"daf67bb96a430465962fd3fbd980ce77","sha1":"e4be86af7608289b7659ff0f29a3d25e58b147cd","sha256":"6751d5efdfd0729f553c3c5487c1239c18107d83dcec8fa51bfc3966b517632e","sha512":"4db52298fa40cf655bbd4203366d3cfa4757fb2a1cbe2d71b1b1aaa34f115fcf49adc0316d72f37b6fdc359c98595cf1caf089daddaa11710c46a0d43dd18dd0","ssdeep":"","tlshash":"d40115bf645340b8576770ff133f78053551200f9068c526b5ddc1182f54a8e8d7069c","size":826,"data":"","first_seen":"2026-06-12T12:15:24.425159Z","last_seen":"2026-06-12T12:15:24.425159Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s.yimg.com/ds/scripts/selectTier-v1.1.0.js","fqdn":"s.yimg.com","domain":"yimg.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"9fd5233f516e2a3e266fcfeeb72da1ed","sha1":"4247ea38ef72fc94114511439a4cb0623c1b74ab","sha256":"a021a0c4cfdb3c5d6f2f94ca5fe63619696eebe77de4ebce82147c8e977c2885","sha512":"2c8e6f7f80fc87c3dabc99bd362b2a402b405def4cf2dd613c9b63f751a066cc9fae2b07f73f8bb70c213ce99b574756be05034c83a98a249b479f8edd72d190","ssdeep":"768:AvPr83BT2T2x4ebxteeqrkp3KQZ91/Rpb3pRmlt4wjvooBsr+2:Avj83ET2+KzmQZ7/RpzpxCsrl","tlshash":"f4b2b5a574c9343f03ab80f3903b231933765d2a3906a568368886de5dace5b5317f7e","size":25437,"data":"","first_seen":"2026-04-04T05:35:15.595688Z","last_seen":"2026-06-13T13:02:47.836333Z","times_seen":90,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww1.dsicrod.com/?dmn=dsicrod.com","fqdn":"ww1.dsicrod.com","domain":"dsicrod.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"55e221bc67d3c47b33d11d623b5d43d2","sha1":"5f8127509c742268e4eacc614200855c3fa3e908","sha256":"4ec544c8bc86634b90a7549ddb94481a06ce0283069c4d4d2c1eef0d54ac8bd2","sha512":"e689a62b695db0aa71e4ac000bfac9100a26e57d231bb685818ebb6d38585869abd12ffa54a048e3c90584b7616047d1a200bc1d3217a3cf1552feb3c8f91a8c","ssdeep":"48:cdUKGOK26BSNnqEyhd/EP87JRyGTifAtpIDKR5hP9n55FFK92iizx8Gv3vDyIUW:UfC2yH/RyGTiARxFTFFc2iXM/Dy8","tlshash":"cda1325d24b3392521a370b9535b6146723290137c96fce8ba8dc3148f99a6f5ab3bcc","size":4663,"data":"","first_seen":"2026-06-12T12:15:24.426711Z","last_seen":"2026-06-12T12:15:24.426711Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww1.dsicrod.com/?dmn=dsicrod.com","fqdn":"ww1.dsicrod.com","domain":"dsicrod.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"7315aaff2e4cff79ae17faf8d693d5c3","sha1":"dde86056a2448ae51f05fb4e05cfa60042f17968","sha256":"fde1f2712fff2d730f81a21737bd102be79861acd506e2132408af152f687f2a","sha512":"0089ee0aa8b87b56717ce15a7918dbd4a2ae9092e29ba93de4c206cb54561f8d0009ed0e229c63cd1c04fcadba43cba7c3a3c465dc9270bd50f7305ee1cee4fd","ssdeep":"","tlshash":"b8314e513bb33611092b20ba439bd208b222a44ba193d84cba4e85e08fc1f15d1f6fdc","size":1865,"data":"","first_seen":"2026-06-12T12:15:24.427919Z","last_seen":"2026-06-12T12:15:24.427919Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww1.dsicrod.com/?dmn=dsicrod.com","fqdn":"ww1.dsicrod.com","domain":"dsicrod.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ed521d29cba0ed234cf4b04dad128814","sha1":"7fe1adb9dafe6bf8db0624981b31bf29975661d9","sha256":"ddd848567a8bcdd3325bc45b8fd3202d067ceeeda3ed471a874d4a47d7166392","sha512":"c7cfe4579e503a0dab3282369bba43e1bf82360203b039ee56e8b2b79392d61d8da02a2ad1850516e0a5e9195d4e09e9066518249fc7eb8a53f6dbce745c73fb","ssdeep":"","tlshash":"c411709dd1eb6a705c73f17553ae6192f8240a830c89dcb8bf1c5e105fc912669f16c9","size":959,"data":"","first_seen":"2026-06-12T12:15:24.428796Z","last_seen":"2026-06-12T12:15:24.428796Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww1.dsicrod.com/?dmn=dsicrod.com","fqdn":"ww1.dsicrod.com","domain":"dsicrod.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"55e221bc67d3c47b33d11d623b5d43d2","sha1":"5f8127509c742268e4eacc614200855c3fa3e908","sha256":"4ec544c8bc86634b90a7549ddb94481a06ce0283069c4d4d2c1eef0d54ac8bd2","sha512":"e689a62b695db0aa71e4ac000bfac9100a26e57d231bb685818ebb6d38585869abd12ffa54a048e3c90584b7616047d1a200bc1d3217a3cf1552feb3c8f91a8c","ssdeep":"48:cdUKGOK26BSNnqEyhd/EP87JRyGTifAtpIDKR5hP9n55FFK92iizx8Gv3vDyIUW:UfC2yH/RyGTiARxFTFFc2iXM/Dy8","tlshash":"cda1325d24b3392521a370b9535b6146723290137c96fce8ba8dc3148f99a6f5ab3bcc","size":4663,"data":"","first_seen":"2026-06-12T12:15:24.426711Z","last_seen":"2026-06-12T12:15:24.426711Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww1.dsicrod.com/?dmn=dsicrod.com","fqdn":"ww1.dsicrod.com","domain":"dsicrod.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"7315aaff2e4cff79ae17faf8d693d5c3","sha1":"dde86056a2448ae51f05fb4e05cfa60042f17968","sha256":"fde1f2712fff2d730f81a21737bd102be79861acd506e2132408af152f687f2a","sha512":"0089ee0aa8b87b56717ce15a7918dbd4a2ae9092e29ba93de4c206cb54561f8d0009ed0e229c63cd1c04fcadba43cba7c3a3c465dc9270bd50f7305ee1cee4fd","ssdeep":"","tlshash":"b8314e513bb33611092b20ba439bd208b222a44ba193d84cba4e85e08fc1f15d1f6fdc","size":1865,"data":"","first_seen":"2026-06-12T12:15:24.427919Z","last_seen":"2026-06-12T12:15:24.427919Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww1.dsicrod.com/?dmn=dsicrod.com","fqdn":"ww1.dsicrod.com","domain":"dsicrod.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ed521d29cba0ed234cf4b04dad128814","sha1":"7fe1adb9dafe6bf8db0624981b31bf29975661d9","sha256":"ddd848567a8bcdd3325bc45b8fd3202d067ceeeda3ed471a874d4a47d7166392","sha512":"c7cfe4579e503a0dab3282369bba43e1bf82360203b039ee56e8b2b79392d61d8da02a2ad1850516e0a5e9195d4e09e9066518249fc7eb8a53f6dbce745c73fb","ssdeep":"","tlshash":"c411709dd1eb6a705c73f17553ae6192f8240a830c89dcb8bf1c5e105fc912669f16c9","size":959,"data":"","first_seen":"2026-06-12T12:15:24.428796Z","last_seen":"2026-06-12T12:15:24.428796Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww1.dsicrod.com/?dmn=dsicrod.com","fqdn":"ww1.dsicrod.com","domain":"dsicrod.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"55e221bc67d3c47b33d11d623b5d43d2","sha1":"5f8127509c742268e4eacc614200855c3fa3e908","sha256":"4ec544c8bc86634b90a7549ddb94481a06ce0283069c4d4d2c1eef0d54ac8bd2","sha512":"e689a62b695db0aa71e4ac000bfac9100a26e57d231bb685818ebb6d38585869abd12ffa54a048e3c90584b7616047d1a200bc1d3217a3cf1552feb3c8f91a8c","ssdeep":"48:cdUKGOK26BSNnqEyhd/EP87JRyGTifAtpIDKR5hP9n55FFK92iizx8Gv3vDyIUW:UfC2yH/RyGTiARxFTFFc2iXM/Dy8","tlshash":"cda1325d24b3392521a370b9535b6146723290137c96fce8ba8dc3148f99a6f5ab3bcc","size":4663,"data":"","first_seen":"2026-06-12T12:15:24.426711Z","last_seen":"2026-06-12T12:15:24.426711Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww1.dsicrod.com/?dmn=dsicrod.com","fqdn":"ww1.dsicrod.com","domain":"dsicrod.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"7315aaff2e4cff79ae17faf8d693d5c3","sha1":"dde86056a2448ae51f05fb4e05cfa60042f17968","sha256":"fde1f2712fff2d730f81a21737bd102be79861acd506e2132408af152f687f2a","sha512":"0089ee0aa8b87b56717ce15a7918dbd4a2ae9092e29ba93de4c206cb54561f8d0009ed0e229c63cd1c04fcadba43cba7c3a3c465dc9270bd50f7305ee1cee4fd","ssdeep":"","tlshash":"b8314e513bb33611092b20ba439bd208b222a44ba193d84cba4e85e08fc1f15d1f6fdc","size":1865,"data":"","first_seen":"2026-06-12T12:15:24.427919Z","last_seen":"2026-06-12T12:15:24.427919Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww1.dsicrod.com/?dmn=dsicrod.com","fqdn":"ww1.dsicrod.com","domain":"dsicrod.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ed521d29cba0ed234cf4b04dad128814","sha1":"7fe1adb9dafe6bf8db0624981b31bf29975661d9","sha256":"ddd848567a8bcdd3325bc45b8fd3202d067ceeeda3ed471a874d4a47d7166392","sha512":"c7cfe4579e503a0dab3282369bba43e1bf82360203b039ee56e8b2b79392d61d8da02a2ad1850516e0a5e9195d4e09e9066518249fc7eb8a53f6dbce745c73fb","ssdeep":"","tlshash":"c411709dd1eb6a705c73f17553ae6192f8240a830c89dcb8bf1c5e105fc912669f16c9","size":959,"data":"","first_seen":"2026-06-12T12:15:24.428796Z","last_seen":"2026-06-12T12:15:24.428796Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"log","text":"map[actor:server1.conn0.watcher14.process7//obj44 class:Object extensible:true frozen:false isError:false ownPropertyLength:3 preview:map[kind:Object ownProperties:map[trafficSrc:map[configurable:true enumerable:true value:intango_park_dm_1638_1 writable:true] ykws:map[configurable:true enumerable:true value:Live Chat Help System,Chat Dedicated Servers,Online Disc,Create Discord Server Tutorial,Download From Secure Cloud File Storage writable:true] ysid:map[configurable:true enumerable:true value:23SR155L2NU23 writable:true]] ownPropertiesLength:3] sealed:false type:object]","filename":"http://ww1.dsicrod.com/?dmn=dsicrod.com","line_number":0,"column_number":0},{"level":"log","text":"intango_park_dm_1638_1","filename":"https://s.appreports.net/serenity.js?v=1781266500110","line_number":0,"column_number":0},{"level":"log","text":"Serenity DM Keywords successfully loaded.","filename":"https://s.appreports.net/serenity.js?v=1781266500110","line_number":0,"column_number":0}]},"http":[{"url":{"schema":"https","addr":"appreports.net/report/sub-syn-xml-tag?action=dm-pageload\u0026screen_width=1280\u0026screen_height=1024\u0026tzo=0\u0026isb=true\u0026source_tag=intango_park_dm_1638_1\u0026referrer=http%3A%2F%2Fdsicrod.com%2F\u0026href=http%3A%2F%2Fww1.dsicrod.com%2F%3Fdmn%3Ddsicrod.com","fqdn":"appreports.net","domain":"appreports.net","tld":"net"},"ip":{"addr":"104.21.24.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ww1.dsicrod.com/?dmn=dsicrod.com","date":"2026-06-12T12:15:01.455Z","timestamp":1781266501455,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"appreports.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 18 Apr 2026 16:59:21 GMT","end":"Fri, 17 Jul 2026 17:58:07 GMT"},"fingerprint":{"sha1":"07:65:5A:76:30:14:2B:4E:21:AA:8C:38:B9:36:FA:52:10:99:B7:E4","sha256":"B7:AB:5B:83:99:BE:A2:B0:89:6B:9F:84:D1:1C:59:99:66:88:8F:2C:42:34:2E:DB:E8:DE:FC:62:1A:56:92:A8"}}},"request":{"raw":"GET /report/sub-syn-xml-tag?action=dm-pageload\u0026screen_width=1280\u0026screen_height=1024\u0026tzo=0\u0026isb=true\u0026source_tag=intango_park_dm_1638_1\u0026referrer=http%3A%2F%2Fdsicrod.com%2F\u0026href=http%3A%2F%2Fww1.dsicrod.com%2F%3Fdmn%3Ddsicrod.com HTTP/1.1\r\nHost: appreports.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ww1.dsicrod.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN, sentry-trace\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HhNM2xctx77oaSpj6KlOYk77E269cjBr95RIwI%2F5D%2BI%2F%2FlrkR9vNaNKSsuG%2FbrU2Ain9U2W38GPm92tMNA3jHfzV3jUHtMpzh%2FB03iy8Tgd%2FhCQfhTWU%2FO%2BL1o9hrjla8A%3D%3D\"}]}\r\ndate: Fri, 12 Jun 2026 12:15:01 GMT\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 2\r\ncf-ray: a0a8c75219bb56b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":2,"size_decoded":817,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-06-14T08:34:39.147198Z","times_seen":324325,"resource_available":true,"data":null}},"time_used":145,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":145,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww1.dsicrod.com/?dmn=dsicrod.com","fqdn":"ww1.dsicrod.com","domain":"dsicrod.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-12T12:14:59.602Z","timestamp":1781266499602,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /?dmn=dsicrod.com HTTP/1.1\r\nHost: ww1.dsicrod.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://dsicrod.com/\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nCookie: sid=54bbc08e-6658-11f1-82d8-42dd51cdad24\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-14T08:33:45.779545Z","times_seen":16409244,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-12","alert":"Sinkholed","trigger":"ww1.dsicrod.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-12","alert":"Sinkholed","trigger":"ww1.dsicrod.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ww1.dsicrod.com/favicon.ico","fqdn":"ww1.dsicrod.com","domain":"dsicrod.com","tld":"com"},"ip":{"addr":"34.160.121.137","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ww1.dsicrod.com/?dmn=dsicrod.com","date":"2026-06-12T12:15:00.227Z","timestamp":1781266500227,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: ww1.dsicrod.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ww1.dsicrod.com/?dmn=dsicrod.com\r\nCookie: sid=54bbc08e-6658-11f1-82d8-42dd51cdad24; visitCounter=1\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nX-Powered-By: Express\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 14\r\nETag: W/\"e-vDAjs2Bjp2gdskaBRytU+hHw1Ow\"\r\nDate: Fri, 12 Jun 2026 12:15:00 GMT\r\nVia: 1.1 google\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":14,"size_decoded":272,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"d0fbda9855d118740f1105334305c126","sha1":"bc3023b36063a7681db24681472b54fa11f0d4ec","sha256":"a469ab4ca4e55bf547566e9ebfa1b809c933207e9d558156bc0c4252b17533fe","sha512":"41171c08ca31b832c6e64c553702d38adf805ce4fec552b71659558a419c02589cf9332f40288fb450e6c52297efa7903999f39dd48efa20edb92c7d8e3bd42b","ssdeep":"","tlshash":"9c60000c0c03030c0000003c03c000300c0c03000cc003300003f00cc3000000c00ccc","first_seen":"2023-04-05T14:46:24Z","last_seen":"2026-06-14T04:21:02.776354Z","times_seen":22857,"resource_available":true,"data":null}},"time_used":140,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":140,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-12","alert":"Sinkholed","trigger":"ww1.dsicrod.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-12","alert":"Sinkholed","trigger":"ww1.dsicrod.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ww1.dsicrod.com/cherami/report","fqdn":"ww1.dsicrod.com","domain":"dsicrod.com","tld":"com"},"ip":{"addr":"34.160.121.137","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"http://ww1.dsicrod.com/?dmn=dsicrod.com","date":"2026-06-12T12:15:00.519Z","timestamp":1781266500519,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"POST /cherami/report HTTP/1.1\r\nHost: ww1.dsicrod.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/json\r\nContent-Length: 548\r\nOrigin: http://ww1.dsicrod.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ww1.dsicrod.com/?dmn=dsicrod.com\r\nCookie: sid=54bbc08e-6658-11f1-82d8-42dd51cdad24; visitCounter=1\r\nPriority: u=6\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nX-Powered-By: Express\r\nAccess-Control-Allow-Origin: http://ww1.dsicrod.com\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nCache-Control: no-store, no-cache, must-revalidate, proxy-revalidate\r\nPragma: no-cache\r\nExpires: 0\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 2\r\nETag: W/\"2-nOO9QiTIwXgNtWtBJezz8kv3SLc\"\r\nDate: Fri, 12 Jun 2026 12:15:00 GMT\r\nVia: 1.1 google\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":2,"size_decoded":406,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-06-14T08:34:39.147198Z","times_seen":324325,"resource_available":true,"data":null}},"time_used":142,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":142,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-12","alert":"Sinkholed","trigger":"ww1.dsicrod.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-12","alert":"Sinkholed","trigger":"ww1.dsicrod.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dsicrod.com/","fqdn":"dsicrod.com","domain":"dsicrod.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-12T12:14:48.196Z","timestamp":1781266488196,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: dsicrod.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-14T08:33:45.779545Z","times_seen":16409244,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-12","alert":"Sinkholed","trigger":"dsicrod.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-12","alert":"Sinkholed","trigger":"dsicrod.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dsicrod.com/","fqdn":"dsicrod.com","domain":"dsicrod.com","tld":"com"},"ip":{"addr":"77.247.182.244","port":80,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-12T12:14:58.964Z","timestamp":1781266498964,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: dsicrod.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile\r\ncache-control: max-age=0, private, must-revalidate\r\nconnection: close\r\ncontent-length: 472\r\ncontent-type: text/html; charset=utf-8\r\ndate: Fri, 12 Jun 2026 12:14:58 GMT\r\nserver: nginx\r\nset-cookie: sid=54bbc08e-6658-11f1-82d8-42dd51cdad24; path=/; domain=.dsicrod.com; expires=Wed, 30 Jun 2094 15:29:05 GMT; max-age=2147483647; HttpOnly\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":472,"size_decoded":915,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (472), with no line terminators","md5":"9f24c514335d144e195148a51964ecb3","sha1":"e0e897289e65e0aa679b5c44d440ec1d4c187676","sha256":"f8d24094538ee513b2265c1888bda99d7e43b633a9a1f070322d12963b62e835","sha512":"ebc4e4daed12ef3717a94f124bf429217a24ab940d7fcfee30b264dbc2037b41e0a73e47bbb335b13abd06ea26d10ef1da8ab8e0510b397b7d69047d4c253b51","ssdeep":"","tlshash":"a7f0dcef0c5bc4ddfb9169248eeb71b4848871a61468946ee2e09cac783030f9c1a168","first_seen":"2026-06-12T12:15:24.421727Z","last_seen":"2026-06-12T12:15:24.421727Z","times_seen":1,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":3,"connect":17,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-12","alert":"Sinkholed","trigger":"dsicrod.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-12","alert":"Sinkholed","trigger":"dsicrod.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dsicrod.com/?ch=1\u0026js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTc4MTI3MzY5OCwiaWF0IjoxNzgxMjY2NDk4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIzMnM1OHNicXUwbzgxMnY0Mm9pZjZ1NGIiLCJuYmYiOjE3ODEyNjY0OTgsInRzIjoxNzgxMjY2NDk4OTk1NTE4fQ.gAvZt8zrjfZRiJY59c9VW05fMdN5jVr6ekNvo1EZiTU\u0026sid=54bbc08e-6658-11f1-82d8-42dd51cdad24","fqdn":"dsicrod.com","domain":"dsicrod.com","tld":"com"},"ip":{"addr":"77.247.182.244","port":80,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-12T12:14:59.117Z","timestamp":1781266499117,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /?ch=1\u0026js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTc4MTI3MzY5OCwiaWF0IjoxNzgxMjY2NDk4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIzMnM1OHNicXUwbzgxMnY0Mm9pZjZ1NGIiLCJuYmYiOjE3ODEyNjY0OTgsInRzIjoxNzgxMjY2NDk4OTk1NTE4fQ.gAvZt8zrjfZRiJY59c9VW05fMdN5jVr6ekNvo1EZiTU\u0026sid=54bbc08e-6658-11f1-82d8-42dd51cdad24 HTTP/1.1\r\nHost: dsicrod.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dsicrod.com/\r\nCookie: sid=54bbc08e-6658-11f1-82d8-42dd51cdad24\r\nUpgrade-Insecure-Requests: 1\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\ncache-control: max-age=0, private, must-revalidate\r\nconnection: close\r\ncontent-length: 11\r\ndate: Fri, 12 Jun 2026 12:14:58 GMT\r\nlocation: http://ww1.dsicrod.com/?dmn=dsicrod.com\r\nserver: nginx\r\nset-cookie: sid=54bbc08e-6658-11f1-82d8-42dd51cdad24; path=/; domain=.dsicrod.com; expires=Wed, 30 Jun 2094 15:29:06 GMT; max-age=2147483647; HttpOnly\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-14T08:33:45.779545Z","times_seen":16409244,"resource_available":true,"data":null}},"time_used":478,"timings":{"blocked":-1,"dns":0,"connect":17,"send":0,"wait":461,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-12","alert":"Sinkholed","trigger":"dsicrod.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-12","alert":"Sinkholed","trigger":"dsicrod.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dsicrod.com/favicon.ico","fqdn":"dsicrod.com","domain":"dsicrod.com","tld":"com"},"ip":{"addr":"77.247.182.244","port":80,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dsicrod.com/","date":"2026-06-12T12:14:59.224Z","timestamp":1781266499224,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: dsicrod.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://dsicrod.com/\r\nCookie: sid=54bbc08e-6658-11f1-82d8-42dd51cdad24\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\ncache-control: max-age=0, private, must-revalidate\r\nconnection: close\r\ncontent-length: 9\r\ndate: Fri, 12 Jun 2026 12:14:58 GMT\r\nserver: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9,"size_decoded":177,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"d8f4a1993546cc4b850cde3599e27aec","sha1":"094b763b4cfcc0b05e5d040581cd513c3ca08067","sha256":"907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9","sha512":"7c696247f98aa6fe4e1df001fd6029abbbccf45b122d65dfdede8f8a400cda775387c657f96bd1e4e52da7409187892b1f0786c54d835d2e44227b2e1335eaf6","ssdeep":"","tlshash":"4a50000c0003030c0000003000c00030000c03000c0000300000c00c00000000c000cc","first_seen":"2023-03-08T07:11:06Z","last_seen":"2026-06-14T09:11:34.081519Z","times_seen":20664,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":0,"dns":0,"connect":16,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-12","alert":"Sinkholed","trigger":"dsicrod.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-12","alert":"Sinkholed","trigger":"dsicrod.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ww1.dsicrod.com/?dmn=dsicrod.com","fqdn":"ww1.dsicrod.com","domain":"dsicrod.com","tld":"com"},"ip":{"addr":"34.160.121.137","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-12T12:14:59.710Z","timestamp":1781266499710,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /?dmn=dsicrod.com HTTP/1.1\r\nHost: ww1.dsicrod.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://dsicrod.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: sid=54bbc08e-6658-11f1-82d8-42dd51cdad24\r\nUpgrade-Insecure-Requests: 1\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nX-Powered-By: Express\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nSet-Cookie: visitCounter=1; Max-Age=63072000; Path=/; Expires=Sun, 11 Jun 2028 12:14:59 GMT; HttpOnly; SameSite=Lax\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 22369\r\nETag: W/\"5761-rJB6AFDLUpy3MCANF1fKpPCPBls\"\r\nDate: Fri, 12 Jun 2026 12:15:00 GMT\r\nVia: 1.1 google\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":22369,"size_decoded":22743,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (1417)","md5":"c339c1dafcfa3072e48be446cbf026e6","sha1":"ac907a0050cb529cb730200d1757caa4f08f065b","sha256":"6103d0ab3120063388df3879b98a0fa0b0844a0dfef629f5a01486a446dfaeb6","sha512":"d10c1a9d0d92e5ff833ff64dbbee4e9b6cb15a191efba5c990057454af7b92516c4d3b4fb92437e499b1997abf247eb9ff407fdd27c045d0c9475378cc462d68","ssdeep":"192:d4moVWKEYMfQIWx0NxJmtvICjLvKMM208kXdyhd93JOIWPbJxsGLPbCxsGePbbxs:dOzgsGbXG4CGFqeGlC47P5/NUnm","tlshash":"79a21a9a52f335a16467a07d4bdf420932ba5013d883dcac7acc47118f8aef5d563b8c","first_seen":"2026-06-12T12:15:24.423471Z","last_seen":"2026-06-12T12:15:24.423471Z","times_seen":1,"resource_available":true,"data":null}},"time_used":384,"timings":{"blocked":0,"dns":3,"connect":13,"send":0,"wait":352,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-12","alert":"Sinkholed","trigger":"ww1.dsicrod.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-12","alert":"Sinkholed","trigger":"ww1.dsicrod.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"s.appreports.net/serenity.js?v=1781266500110","fqdn":"s.appreports.net","domain":"appreports.net","tld":"net"},"ip":{"addr":"34.149.1.127","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ww1.dsicrod.com/?dmn=dsicrod.com","date":"2026-06-12T12:15:00.113Z","timestamp":1781266500113,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s.appreports.net","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Apr 2026 05:14:57 GMT","end":"Tue, 28 Jul 2026 06:08:30 GMT"},"fingerprint":{"sha1":"18:90:CB:18:E6:AF:F6:D7:4D:1E:EE:D3:6B:ED:7D:D6:D6:D7:DC:0A","sha256":"B9:14:67:DF:D7:37:B4:9F:65:41:FC:60:5B:6A:83:F5:C2:DB:7A:B5:63:38:1E:B0:2D:73:23:C1:6D:35:98:05"}}},"request":{"raw":"GET /serenity.js?v=1781266500110 HTTP/1.1\r\nHost: s.appreports.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ww1.dsicrod.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nx-guploader-uploadid: AJ5rDhEC1yoCC_re0qvnC8cQhRb0ths__0JMqcjK2KWR4MPEC8HfGknt9gWQx5sMZraYR-F_SWzoqcU\r\nx-goog-generation: 1778663143632095\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 8595\r\nx-goog-hash: crc32c=VEbpPg==, md5=yZujZc6ctV+0Ieu/5/Jqig==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\ncontent-length: 8595\r\nserver: UploadServer\r\nvia: 1.1 google\r\ndate: Fri, 12 Jun 2026 12:15:00 GMT\r\nlast-modified: Wed, 13 May 2026 09:05:43 GMT\r\netag: \"c99ba365ce9cb55fb421ebbfe7f26a8a\"\r\ncontent-type: application/javascript\r\nage: 0\r\ncache-control: public,no-cache,max-age=0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":8595,"size_decoded":9319,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4377)","md5":"c99ba365ce9cb55fb421ebbfe7f26a8a","sha1":"1bc41cb6d1d36a94975ee3f06e6dae025fe19eee","sha256":"f1cd6736bf314d832d550af84fb2b1b07b61dd2ad4c14e0b35dd30c02ed5d640","sha512":"b6e0b601cbca8f7711ce4119d09564d18d2687d47f7095cabd5baaa77be029840a1842466e384af66d71dbb4311337c7ad81a93b518dc6f56a35747046596f37","ssdeep":"192:IWVRWPCWiyB+8OQLXTN4uFkCsaCkmPo0P8:IWvWPCWiyB+8OQLXTNZZJCHj8","tlshash":"a702a9b938f358755272103b2b3fa5457722002b3d3ae421b64e84ac6f5ce5fd9a6ac4","first_seen":"2026-05-13T09:23:43.706369Z","last_seen":"2026-06-13T13:02:47.838444Z","times_seen":88,"resource_available":true,"data":null}},"time_used":174,"timings":{"blocked":0,"dns":3,"connect":14,"send":0,"wait":133,"receive":1,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww1.dsicrod.com/cherami/report?action=keywordsPageLoad\u0026extraString1=Live+Chat+Help+System%2CChat+Dedicated+Servers%2COnline+Disc%2CCreate+Discord+Server+Tutorial%2CDownload+From+Secure+Cloud+File+Storage\u0026extraString2=dsicrod.com\u0026extraString3=15\u0026v=t2GsA9xY\u0026_ts=1781266500518","fqdn":"ww1.dsicrod.com","domain":"dsicrod.com","tld":"com"},"ip":{"addr":"34.160.121.137","port":80,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ww1.dsicrod.com/?dmn=dsicrod.com","date":"2026-06-12T12:15:00.526Z","timestamp":1781266500526,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /cherami/report?action=keywordsPageLoad\u0026extraString1=Live+Chat+Help+System%2CChat+Dedicated+Servers%2COnline+Disc%2CCreate+Discord+Server+Tutorial%2CDownload+From+Secure+Cloud+File+Storage\u0026extraString2=dsicrod.com\u0026extraString3=15\u0026v=t2GsA9xY\u0026_ts=1781266500518 HTTP/1.1\r\nHost: ww1.dsicrod.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ww1.dsicrod.com/?dmn=dsicrod.com\r\nCookie: sid=54bbc08e-6658-11f1-82d8-42dd51cdad24; visitCounter=1\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nX-Powered-By: Express\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nCache-Control: no-store, no-cache, must-revalidate, proxy-revalidate\r\nPragma: no-cache\r\nExpires: 0\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 2\r\nETag: W/\"2-nOO9QiTIwXgNtWtBJezz8kv3SLc\"\r\nDate: Fri, 12 Jun 2026 12:15:00 GMT\r\nVia: 1.1 google\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":2,"size_decoded":353,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-06-14T08:34:39.147198Z","times_seen":324325,"resource_available":true,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":13,"send":0,"wait":140,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-12","alert":"Sinkholed","trigger":"ww1.dsicrod.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-12","alert":"Sinkholed","trigger":"ww1.dsicrod.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"appreports.net/report/sub-syn-xml-tag?action=scriptload\u0026screen_width=1280\u0026screen_height=1024\u0026tzo=0\u0026isb=true\u0026referrer=http%3A%2F%2Fdsicrod.com%2F\u0026href=http%3A%2F%2Fww1.dsicrod.com%2F%3Fdmn%3Ddsicrod.com","fqdn":"appreports.net","domain":"appreports.net","tld":"net"},"ip":{"addr":"104.21.24.58","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ww1.dsicrod.com/?dmn=dsicrod.com","date":"2026-06-12T12:15:00.529Z","timestamp":1781266500529,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"appreports.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 18 Apr 2026 16:59:21 GMT","end":"Fri, 17 Jul 2026 17:58:07 GMT"},"fingerprint":{"sha1":"07:65:5A:76:30:14:2B:4E:21:AA:8C:38:B9:36:FA:52:10:99:B7:E4","sha256":"B7:AB:5B:83:99:BE:A2:B0:89:6B:9F:84:D1:1C:59:99:66:88:8F:2C:42:34:2E:DB:E8:DE:FC:62:1A:56:92:A8"}}},"request":{"raw":"GET /report/sub-syn-xml-tag?action=scriptload\u0026screen_width=1280\u0026screen_height=1024\u0026tzo=0\u0026isb=true\u0026referrer=http%3A%2F%2Fdsicrod.com%2F\u0026href=http%3A%2F%2Fww1.dsicrod.com%2F%3Fdmn%3Ddsicrod.com HTTP/1.1\r\nHost: appreports.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ww1.dsicrod.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN, sentry-trace\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IHBd%2BoASC15%2BTf7GCbGdkg0TqFMAKzSs4qmrUomxmve7lxl90GfJjX8eeYS6yhyMhxGizCY51FaP%2BcreOKhBUTE3zuQM8RWmq4qBjn8dagi2LopAoyZfgkRCP8rvn1aQTg%3D%3D\"}]}\r\ndate: Fri, 12 Jun 2026 12:15:05 GMT\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 2\r\ncf-ray: a0a8c74c797456b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2,"size_decoded":805,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-06-14T08:34:39.147198Z","times_seen":324325,"resource_available":true,"data":null}},"time_used":5461,"timings":{"blocked":0,"dns":6,"connect":19,"send":0,"wait":5436,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}