{"report_id":"6661534a-4a68-4998-8289-aee791483ecc","version":6,"status":"done","tags":[],"date":"2026-02-22T10:19:46Z","url":{"schema":"http","addr":"deb.kcubeterm.me/","fqdn":"deb.kcubeterm.me","domain":"kcubeterm.me","tld":"me"},"ip":{"addr":"64.120.31.121","port":0,"asn":396362,"as":"LEASEWEB-USA-NYC","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"perulateforesteepbreton.com/cjrSFe07b2c386aabd1410719a46ea8d264ee1771e174?s3=699ad83b54f1260001cb07bf\u0026s1=846_272991","fqdn":"perulateforesteepbreton.com","domain":"perulateforesteepbreton.com","tld":"com"},"title":"404","dom":{"size":2587,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"92c3bf9a81f12e4ec9f89579ee529187","sha1":"d41f1635da56649f86b22d33782db8cb0009e7b2","sha256":"cd16f3edf795792b4b9073beee26799140cd6f7281dc26c9758d9804eb2dd0b7","sha512":"0142679c6911b454661145a6fb7535fdf828d313979e12f4dd6bd75767b6b8d7eaca7aa81176d65435eefbdb131366612f8707701873d04c1fd976d9e964c5d3","ssdeep":"","tlshash":"cd51b7c99b0d200b646681dc68a9b2f0a02e9d33ae37eff77c5b7034b284c784004be4","dom_hash":"domhashee67fa9dcf7ed9060379e471ba20f847","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"deb.kcubeterm.me/","fqdn":"deb.kcubeterm.me","domain":"kcubeterm.me","tld":"me"},"ip":{"addr":"64.120.31.121","port":0,"asn":396362,"as":"LEASEWEB-USA-NYC","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-29T10:19:46Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"deb.kcubeterm.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"perulateforesteepbreton.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-11-26","domain_rank":0,"first_seen":"2026-01-15T12:56:34.001305Z","last_seen":"2026-02-21T02:43:22.740111Z","alert_count":0,"request_count":2,"received_data":4105,"sent_data":1131,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"deb.kcubeterm.me","ip":{"addr":"212.7.209.215","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2022-05-11","domain_rank":0,"first_seen":"2021-06-28T19:44:13Z","last_seen":"2025-10-26T04:53:56.02449Z","alert_count":3,"request_count":3,"received_data":1502,"sent_data":1867,"comment":"","tags":null,"fingerprints":[{"name":"Cowboy","description":"Cowboy is a small, fast, modular HTTP server written in Erlang.","website":"https://github.com/ninenines/cowboy","common_platform_enumeration":"","icon":"Cowboy.png","categories":["Web servers"]},{"name":"Erlang","description":"Erlang is a general-purpose, concurrent, functional programming language, and a garbage-collected runtime system.","website":"https://www.erlang.org","common_platform_enumeration":"cpe:2.3:a:erlang:erlang%2fotp:*:*:*:*:*:*:*:*","icon":"Erlang.png","categories":["Programming languages"]}]},{"fqdn":"q1.quotes.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"1997-05-20","domain_rank":3978262,"first_seen":"2022-09-19T03:10:30Z","last_seen":"2026-02-19T22:41:10.320622Z","alert_count":0,"request_count":2,"received_data":2891,"sent_data":952,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.lisabergtrain.support","ip":{"addr":"51.68.85.158","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-12-30T10:52:30.269233Z","last_seen":"2026-02-22T05:31:50.185279Z","alert_count":0,"request_count":1,"received_data":2861,"sent_data":568,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.magictrrop.guru","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-29","domain_rank":0,"first_seen":"2025-08-02T09:07:40.912187Z","last_seen":"2026-02-19T01:27:52.348202Z","alert_count":0,"request_count":1,"received_data":3343,"sent_data":562,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"track.linkics.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-12-22","domain_rank":0,"first_seen":"2026-01-05T14:13:54.722276Z","last_seen":"2026-02-21T02:43:23.144709Z","alert_count":0,"request_count":1,"received_data":3545,"sent_data":579,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"perulateforesteepbreton.com/cjrSFe07b2c386aabd1410719a46ea8d264ee1771e174?s3=699ad83b54f1260001cb07bf\u0026s1=846_272991","fqdn":"perulateforesteepbreton.com","domain":"perulateforesteepbreton.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"42372e67d85e905cb85c0ba74253e305","sha1":"4590b5d0a517dec146974096fe3c8822f795e18d","sha256":"89460e0359b4486b644d9fc32aa8aec482201af9023f62f3fe45328533aefa4b","sha512":"c3af4d0436c26f0f9c379cf08979bba21429c1b2726329bcf12410ab90afc48a606823d74756214fc3dd9e8343f24182efc8d5162108f4b5250285aa876a0eb3","ssdeep":"","tlshash":"7d21629e964eb0a11cd88ccea45971b1f4396e32bf33e4537d4f702a3630cb0c419a94","size":1276,"data":"","first_seen":"2025-03-24T23:29:44.57351Z","last_seen":"2026-02-24T03:33:02.681635Z","times_seen":52,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"www.magictrrop.guru/click?offer_id=35018\u0026pub_id=272991\u0026pub_sub_id=9292224\u0026pub_click_id=9292224","fqdn":"www.magictrrop.guru","domain":"magictrrop.guru","tld":"guru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-22T10:19:39.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magictrrop.guru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 25 Jan 2026 21:11:49 GMT","end":"Sat, 25 Apr 2026 22:09:21 GMT"},"fingerprint":{"sha1":"77:42:EA:3C:79:73:14:AA:F8:A9:0E:1E:86:C2:81:D0:8D:E8:1F:87","sha256":"F0:4F:88:59:F3:56:A0:2F:10:2B:B3:73:60:3B:F5:F5:C9:6D:2E:18:D6:93:E7:EE:C9:48:2E:1E:15:72:B9:1E"}}},"request":{"raw":"GET /click?offer_id=35018\u0026pub_id=272991\u0026pub_sub_id=9292224\u0026pub_click_id=9292224 HTTP/1.1\r\nHost: www.magictrrop.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sun, 22 Feb 2026 10:19:39 GMT\r\ncontent-length: 0\r\nlocation: https://track.linkics.com/click?pid=846\u0026offer_id=24074\u0026sub1=BuaHIqkAAAGchNypqQAAiMoABCpfAAAAAAAAAAAUAAABlwc\u0026sub2=272991\r\naccess-control-allow-origin: *\r\nreferrer-policy: no-referrer\r\naccess-control-allow-methods: *\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Lf%2FIxSsJmKN1oiAeks5hYo3lFSTgLJloryXoEtrcGrqu9TpV%2FVbxVlD%2FnwQA6ceTbTa%2BKBfgm2ocIrQnceNUAi%2FWBqmjJ7A6G0X7DOQTu%2FAcu9Y%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: 9d1dbf15bd7a618c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2606,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":190,"timings":{"blocked":68,"dns":34,"connect":8,"send":0,"wait":54,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"track.linkics.com/click?pid=846\u0026offer_id=24074\u0026sub1=BuaHIqkAAAGchNypqQAAiMoABCpfAAAAAAAAAAAUAAABlwc\u0026sub2=272991","fqdn":"track.linkics.com","domain":"linkics.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-22T10:19:39.850Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"linkics.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Feb 2026 19:13:28 GMT","end":"Wed, 20 May 2026 20:12:05 GMT"},"fingerprint":{"sha1":"3A:8B:A7:FD:A8:6E:0C:89:52:2F:40:61:BE:87:B3:DF:93:7E:78:1E","sha256":"7E:DD:FB:47:EB:91:F0:39:78:99:34:47:89:EB:04:9F:2A:27:29:7A:44:AE:31:56:B8:4A:FB:1F:51:3F:14:16"}}},"request":{"raw":"GET /click?pid=846\u0026offer_id=24074\u0026sub1=BuaHIqkAAAGchNypqQAAiMoABCpfAAAAAAAAAAAUAAABlwc\u0026sub2=272991 HTTP/1.1\r\nHost: track.linkics.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sun, 22 Feb 2026 10:19:39 GMT\r\ncontent-length: 0\r\nlocation: https://perulateforesteepbreton.com/cjrSFe07b2c386aabd1410719a46ea8d264ee1771e174?s3=699ad83b54f1260001cb07bf\u0026s1=846_272991\r\nserver: cloudflare\r\naccess-control-allow-methods: *\r\naccess-control-allow-origin: *\r\nset-cookie: afclick=699ad83b54f1260001cb07bf; expires=Mon, 22 Feb 2027 10:19:39 GMT; secure; SameSite=None\nafoffers={\"24074\":[1771755579,1]}; expires=Mon, 22 Feb 2027 10:19:39 GMT; secure; SameSite=None\r\naccess-control-allow-credentials: true\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sRP9zkXQwNYtxZj3v1ZPF2CqfHVU2scvMpWl2yjJU8gkiZffB2JmpCSyReVcQJWGEQeYQ2FYJvtHPcjGsAfk7VZuC%2B62h4t9xbrUt4VOgdn2\"}]}\r\ncf-ray: 9d1dbf1679f21382-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2606,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":183,"timings":{"blocked":54,"dns":20,"connect":8,"send":0,"wait":73,"receive":2,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"perulateforesteepbreton.com/cjrSFe07b2c386aabd1410719a46ea8d264ee1771e174?s3=699ad83b54f1260001cb07bf\u0026s1=846_272991","fqdn":"perulateforesteepbreton.com","domain":"perulateforesteepbreton.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-22T10:19:39.984Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"perulateforesteepbreton.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 24 Jan 2026 22:32:18 GMT","end":"Fri, 24 Apr 2026 23:29:37 GMT"},"fingerprint":{"sha1":"F9:C5:3F:2B:99:B5:14:B4:32:35:7F:A2:E3:AB:61:62:7B:F4:AE:F6","sha256":"17:02:CB:3B:E0:2D:24:01:E0:00:CC:7A:46:72:D7:0E:C0:69:B9:A8:6F:35:5F:B5:26:01:94:6E:E5:B0:53:2A"}}},"request":{"raw":"GET /cjrSFe07b2c386aabd1410719a46ea8d264ee1771e174?s3=699ad83b54f1260001cb07bf\u0026s1=846_272991 HTTP/1.1\r\nHost: perulateforesteepbreton.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 22 Feb 2026 10:19:40 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IGpM8eRzVzGyyPIYbK718C07y%2Fez2hvA6U9UFuqY40V9S%2Bgd1W%2BvN9j7JYVdvQY7N%2F0jRv8m%2F%2Brc9UfrcORzpiHqCXubRBgP32bmO9k5tgerbRUN6YH2e6P2mA%3D%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9d1dbf176db8eff0-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2606,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"86d1a2d2c9898d3d41a84564091088c4","sha1":"4926bfc861aa93eb33069a062342493c6dfe45a9","sha256":"b0bf8eb9ee960ca4fc2c3e76a3bfedb02043786c3b7a85f52183483d1fdf07de","sha512":"af253ca009a6dbbcae258ed6fd9dd3f2a43544ca88125237f743a2351d8d5520344a511faf21191ca8c89bc91fd6af715a414060ed2ee813f6d8ba5645f53ec8","ssdeep":"","tlshash":"335195899b0d2047646691dc68a9b2f0a02e9d33ae27eff77c5b7034f684c784408be4","first_seen":"2024-01-17T09:30:17Z","last_seen":"2026-02-24T03:33:02.680591Z","times_seen":118,"resource_available":true,"data":null}},"time_used":217,"timings":{"blocked":71,"dns":31,"connect":8,"send":0,"wait":75,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"deb.kcubeterm.me/?ch=1\u0026js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTc3MTc2Mjc2NCwiaWF0IjoxNzcxNzU1NTY0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIzMmI4a2ozdG81M2k0anM0NDAzNzNnMHQiLCJuYmYiOjE3NzE3NTU1NjQsInRzIjoxNzcxNzU1NTY0NTQ4Nzg4fQ.L7P7wbPgcnMBgqWWm_qfcoa1NORQ2TMAa6n1ISdH-fQ\u0026sid=f60aae04-0fd7-11f1-9b20-c73dba8eb889","fqdn":"deb.kcubeterm.me","domain":"kcubeterm.me","tld":"me"},"ip":{"addr":"212.7.209.215","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-22T10:19:24.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kcubeterm.me","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Dec 2025 07:35:18 GMT","end":"Fri, 20 Mar 2026 07:35:17 GMT"},"fingerprint":{"sha1":"F0:2F:D3:F4:C9:7D:67:F2:C4:A4:A5:86:B2:12:4D:79:10:38:D6:DC","sha256":"DD:1E:79:5F:E7:64:05:07:C0:5F:53:08:AC:2B:E0:F8:BE:FD:91:56:C9:B9:6B:33:89:CA:C7:25:D7:87:81:CC"}}},"request":{"raw":"GET /?ch=1\u0026js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTc3MTc2Mjc2NCwiaWF0IjoxNzcxNzU1NTY0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIzMmI4a2ozdG81M2k0anM0NDAzNzNnMHQiLCJuYmYiOjE3NzE3NTU1NjQsInRzIjoxNzcxNzU1NTY0NTQ4Nzg4fQ.L7P7wbPgcnMBgqWWm_qfcoa1NORQ2TMAa6n1ISdH-fQ\u0026sid=f60aae04-0fd7-11f1-9b20-c73dba8eb889 HTTP/1.1\r\nHost: deb.kcubeterm.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://deb.kcubeterm.me/\r\nCookie: sid=f60aae04-0fd7-11f1-9b20-c73dba8eb889\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncache-control: max-age=0, private, must-revalidate\r\ncontent-length: 11\r\ndate: Sun, 22 Feb 2026 10:19:24 GMT\r\nlocation: http://q1.quotes.com/f6288a90-0fd7-11f1-ac2d-33e45dc7e4be\r\nserver: Cowboy\r\nset-cookie: sid=f60aae04-0fd7-11f1-9b20-c73dba8eb889; path=/; domain=.kcubeterm.me; expires=Fri, 12 Mar 2094 13:33:32 GMT; max-age=2147483647; secure; HttpOnly\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cowboy","description":"Cowboy is a small, fast, modular HTTP server written in Erlang.","website":"https://github.com/ninenines/cowboy","common_platform_enumeration":"","icon":"Cowboy.png","categories":["Web servers"]},{"name":"Erlang","description":"Erlang is a general-purpose, concurrent, functional programming language, and a garbage-collected runtime system.","website":"https://www.erlang.org","common_platform_enumeration":"cpe:2.3:a:erlang:erlang%2fotp:*:*:*:*:*:*:*:*","icon":"Erlang.png","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":315,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":315,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"deb.kcubeterm.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"q1.quotes.com/f6288a90-0fd7-11f1-ac2d-33e45dc7e4be","fqdn":"q1.quotes.com","domain":"quotes.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-22T10:19:25.064Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /f6288a90-0fd7-11f1-ac2d-33e45dc7e4be HTTP/1.1\r\nHost: q1.quotes.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":7413,"timings":{"blocked":7413,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.lisabergtrain.support/click?offer_id=35018\u0026pub_id=272991\u0026pub_sub_id=9292224\u0026pub_click_id=9292224","fqdn":"www.lisabergtrain.support","domain":"lisabergtrain.support","tld":"support"},"ip":{"addr":"51.68.85.158","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-22T10:19:39.554Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.lisabergtrain.support","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Feb 2026 09:21:33 GMT","end":"Wed, 20 May 2026 09:21:32 GMT"},"fingerprint":{"sha1":"E5:CD:43:FD:61:B9:C5:57:9D:FF:4D:FE:54:86:E2:67:25:7E:34:0C","sha256":"56:62:B5:58:CB:F4:15:BD:27:75:A3:1A:CF:E1:9A:C4:8B:8F:CB:CB:04:CB:AE:02:82:4B:76:C0:67:6E:04:D1"}}},"request":{"raw":"GET /click?offer_id=35018\u0026pub_id=272991\u0026pub_sub_id=9292224\u0026pub_click_id=9292224 HTTP/1.1\r\nHost: www.lisabergtrain.support\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nDate: Sun, 22 Feb 2026 10:19:39 GMT\r\nContent-Type: text/html\r\nContent-Length: 142\r\nConnection: keep-alive\r\nLocation: https://www.magictrrop.guru/click?offer_id=35018\u0026pub_id=272991\u0026pub_sub_id=9292224\u0026pub_click_id=9292224\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":null,"data":{"size":2606,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":292,"timings":{"blocked":129,"dns":14,"connect":34,"send":0,"wait":33,"receive":0,"ssl":79},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"perulateforesteepbreton.com/favicon.ico","fqdn":"perulateforesteepbreton.com","domain":"perulateforesteepbreton.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://perulateforesteepbreton.com/cjrSFe07b2c386aabd1410719a46ea8d264ee1771e174?s3=699ad83b54f1260001cb07bf\u0026s1=846_272991","date":"2026-02-22T10:19:40.373Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"perulateforesteepbreton.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 24 Jan 2026 22:32:18 GMT","end":"Fri, 24 Apr 2026 23:29:37 GMT"},"fingerprint":{"sha1":"F9:C5:3F:2B:99:B5:14:B4:32:35:7F:A2:E3:AB:61:62:7B:F4:AE:F6","sha256":"17:02:CB:3B:E0:2D:24:01:E0:00:CC:7A:46:72:D7:0E:C0:69:B9:A8:6F:35:5F:B5:26:01:94:6E:E5:B0:53:2A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: perulateforesteepbreton.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://perulateforesteepbreton.com/cjrSFe07b2c386aabd1410719a46ea8d264ee1771e174?s3=699ad83b54f1260001cb07bf\u0026s1=846_272991\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Sun, 22 Feb 2026 10:19:40 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0poaw18czWm2G0Sv8WKRnHEu6OK13jJtDXHbeBKi7Gge3xhzfDpiSMJKXXUVLRRxJ0IK2wVB2kzlio1dzhQ8ye5UpudC03eSeCvULGJJLSD%2F7hhNnr1gn8wxdA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9d1dbf196ee5bc80-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-27T16:17:49.230033Z","times_seen":497304,"resource_available":true,"data":null}},"time_used":71,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":70,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"deb.kcubeterm.me/","fqdn":"deb.kcubeterm.me","domain":"kcubeterm.me","tld":"me"},"ip":{"addr":"212.7.209.215","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-22T10:19:24.415Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kcubeterm.me","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Dec 2025 07:35:18 GMT","end":"Fri, 20 Mar 2026 07:35:17 GMT"},"fingerprint":{"sha1":"F0:2F:D3:F4:C9:7D:67:F2:C4:A4:A5:86:B2:12:4D:79:10:38:D6:DC","sha256":"DD:1E:79:5F:E7:64:05:07:C0:5F:53:08:AC:2B:E0:F8:BE:FD:91:56:C9:B9:6B:33:89:CA:C7:25:D7:87:81:CC"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: deb.kcubeterm.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile\r\ncache-control: max-age=0, private, must-revalidate\r\ncontent-length: 478\r\ncontent-type: text/html; charset=utf-8\r\ndate: Sun, 22 Feb 2026 10:19:24 GMT\r\nserver: Cowboy\r\nset-cookie: sid=f60aae04-0fd7-11f1-9b20-c73dba8eb889; path=/; domain=.kcubeterm.me; expires=Fri, 12 Mar 2094 13:33:31 GMT; max-age=2147483647; secure; HttpOnly\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cowboy","description":"Cowboy is a small, fast, modular HTTP server written in Erlang.","website":"https://github.com/ninenines/cowboy","common_platform_enumeration":"","icon":"Cowboy.png","categories":["Web servers"]},{"name":"Erlang","description":"Erlang is a general-purpose, concurrent, functional programming language, and a garbage-collected runtime system.","website":"https://www.erlang.org","common_platform_enumeration":"cpe:2.3:a:erlang:erlang%2fotp:*:*:*:*:*:*:*:*","icon":"Erlang.png","categories":["Programming languages"]}],"data":{"size":478,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (478), with no line terminators","md5":"5dff165fbbc45deb61de171b75a594cd","sha1":"700943826ed0949f27008de55c29ce6b89f1d74f","sha256":"240d8b017113bd9990da17032992cc46a821df4da4620bdbccb22d4b5b9df560","sha512":"ff0ab604b78d33c44092143512831c54b501050d116faa47c415ec7661a021c33dbdd0b70dc1668755a63ed74d4e05de9f86cd46dbbc0b61bddb6c320617c5a6","ssdeep":"","tlshash":"e1f0d4eb8c83c84c79d03b408f982954464944d01064d45df0c07ce8ae3878ded19739","first_seen":"2026-02-22T10:19:47.342153Z","last_seen":"2026-02-22T10:19:47.342153Z","times_seen":1,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":118,"dns":60,"connect":22,"send":0,"wait":26,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"deb.kcubeterm.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"deb.kcubeterm.me/favicon.ico","fqdn":"deb.kcubeterm.me","domain":"kcubeterm.me","tld":"me"},"ip":{"addr":"212.7.209.215","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://deb.kcubeterm.me/","date":"2026-02-22T10:19:24.816Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kcubeterm.me","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Dec 2025 07:35:18 GMT","end":"Fri, 20 Mar 2026 07:35:17 GMT"},"fingerprint":{"sha1":"F0:2F:D3:F4:C9:7D:67:F2:C4:A4:A5:86:B2:12:4D:79:10:38:D6:DC","sha256":"DD:1E:79:5F:E7:64:05:07:C0:5F:53:08:AC:2B:E0:F8:BE:FD:91:56:C9:B9:6B:33:89:CA:C7:25:D7:87:81:CC"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: deb.kcubeterm.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://deb.kcubeterm.me/\r\nCookie: sid=f60aae04-0fd7-11f1-9b20-c73dba8eb889\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: max-age=0, private, must-revalidate\r\ncontent-length: 9\r\ndate: Sun, 22 Feb 2026 10:19:24 GMT\r\nserver: Cowboy\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Erlang","description":"Erlang is a general-purpose, concurrent, functional programming language, and a garbage-collected runtime system.","website":"https://www.erlang.org","common_platform_enumeration":"cpe:2.3:a:erlang:erlang%2fotp:*:*:*:*:*:*:*:*","icon":"Erlang.png","categories":["Programming languages"]},{"name":"Cowboy","description":"Cowboy is a small, fast, modular HTTP server written in Erlang.","website":"https://github.com/ninenines/cowboy","common_platform_enumeration":"","icon":"Cowboy.png","categories":["Web servers"]}],"data":{"size":9,"size_decoded":0,"mime_type":"image/x-icon","magic":"ASCII text, with no line terminators","md5":"d8f4a1993546cc4b850cde3599e27aec","sha1":"094b763b4cfcc0b05e5d040581cd513c3ca08067","sha256":"907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9","sha512":"7c696247f98aa6fe4e1df001fd6029abbbccf45b122d65dfdede8f8a400cda775387c657f96bd1e4e52da7409187892b1f0786c54d835d2e44227b2e1335eaf6","ssdeep":"","tlshash":"4a50000c0003030c0000003000c00030000c03000c0000300000c00c00000000c000cc","first_seen":"2023-03-08T07:11:06Z","last_seen":"2026-04-27T14:09:05.485991Z","times_seen":19400,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"deb.kcubeterm.me","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"q1.quotes.com/f6288a90-0fd7-11f1-ac2d-33e45dc7e4be","fqdn":"q1.quotes.com","domain":"quotes.com","tld":"com"},"ip":{"addr":"5.79.68.236","port":80,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-22T10:19:39.493Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /f6288a90-0fd7-11f1-ac2d-33e45dc7e4be HTTP/1.1\r\nHost: q1.quotes.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\ncache-control: max-age=0, private, must-revalidate\r\nconnection: close\r\ncontent-length: 11\r\ndate: Sun, 22 Feb 2026 10:19:39 GMT\r\nlocation: https://www.lisabergtrain.support/click?offer_id=35018\u0026pub_id=272991\u0026pub_sub_id=9292224\u0026pub_click_id=9292224\r\nserver: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2606,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":77,"timings":{"blocked":22,"dns":0,"connect":22,"send":0,"wait":32,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}