{"report_id":"67b05d78-9d28-4f9f-a363-5d78299f39a3","version":6,"status":"done","tags":[],"date":"2025-08-23T19:42:34Z","url":{"schema":"http","addr":"m.bolomp27.click/c/n/282999/4214?cid=1\u0026sc=1","fqdn":"m.bolomp27.click","domain":"bolomp27.click","tld":"click"},"ip":{"addr":"172.67.171.45","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"http","addr":"52.36.94.173/vodacomtz/mobibattle/?camp=C2COFRMSCPA\u0026rcid=D-21753387-1755978132-34G133G150G62-QREPF8119","fqdn":"52.36.94.173","domain":"52.36.94.173","tld":""},"title":"52.36.94.173/vodacomtz/mobibattle/?camp=C2COFRMSCPA\u0026rcid=D-21753387-1755978132-34G133G150G62-QREPF8119"},"submit":{"url":{"schema":"http","addr":"m.bolomp27.click/c/n/282999/4214?cid=1\u0026sc=1","fqdn":"m.bolomp27.click","domain":"bolomp27.click","tld":"click"},"ip":{"addr":"172.67.171.45","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-09-27T19:42:34Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-23","alert":"Sinkholed","trigger":"52.36.94.173","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"m.bolomp27.click","ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-03-17","domain_rank":0,"first_seen":"2025-06-08T19:33:35.58148Z","last_seen":"2025-08-18T19:42:53.521585Z","alert_count":0,"request_count":1,"received_data":861,"sent_data":511,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"bng.o18a.com","ip":{"addr":"104.21.48.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-03-23","domain_rank":0,"first_seen":"2024-04-30T17:43:55Z","last_seen":"2025-08-22T23:30:42.342794Z","alert_count":0,"request_count":1,"received_data":1425,"sent_data":569,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}]},{"fqdn":"52.36.94.173","ip":{"addr":"52.36.94.173","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2018-10-28T11:51:14Z","last_seen":"2024-02-20T01:14:30Z","alert_count":2,"request_count":2,"received_data":271410,"sent_data":970,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server:2.4.6","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP:5.6.38","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Red Hat","description":"Red Hat is an open-source Linux operating system.","website":"https://www.redhat.com","common_platform_enumeration":"cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*","icon":"Red Hat.svg","categories":["Operating systems"]},{"name":"OpenSSL:1.0.2k","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"m.bolomp27.click/c/n/282999/4214?cid=1\u0026sc=1","fqdn":"m.bolomp27.click","domain":"bolomp27.click","tld":"click"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-23T19:42:11.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bolomp27.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 09 Jul 2025 09:13:04 GMT","end":"Tue, 07 Oct 2025 10:08:05 GMT"},"fingerprint":{"sha1":"00:16:88:39:2A:F3:2D:EC:EC:E2:28:8F:36:FA:4F:61:0C:83:A2:7F","sha256":"73:FD:FA:5F:5C:B2:4E:86:6A:F6:5B:A6:6D:89:D9:0C:68:28:2E:11:C5:1E:35:C1:0F:CA:98:4A:CF:2C:6D:BB"}}},"request":{"raw":"GET /c/n/282999/4214?cid=1\u0026sc=1 HTTP/1.1\r\nHost: m.bolomp27.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sat, 23 Aug 2025 19:42:12 GMT\r\ncontent-length: 0\r\nlocation: https://bng.o18a.com/c?o=21753387\u0026m=1471\u0026a=104448\u0026sub_aff_id=4214_1\u0026aff_sub1=e0cd26228fc140998ddf8677692986a9\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: no-transform\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iFQm6PtVP6VhJFjWDg4A4nCLBm7kUoBEWmwYzM8iG6%2FIss0q5j2FmRuNp6HiWg%2BJdnNalRNv3F%2FMu5u8%2F2l07koQuVPL%2FrnZYZ3i%2FAZzEWc%3D\"}]}\r\nset-cookie: uk=f722faca064a430da066e2dc66d305dd; HttpOnly; Path=/; Domain=bolomp27.click; Expires=Thu, 10 Sep 2093 22:56:19 GMT\r\ncf-ray: 973d177d4a99ddf7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":75,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-12T01:48:45.160697Z","times_seen":16340841,"resource_available":true,"data":null}},"time_used":407,"timings":{"blocked":92,"dns":60,"connect":8,"send":0,"wait":223,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bng.o18a.com/c?o=21753387\u0026m=1471\u0026a=104448\u0026sub_aff_id=4214_1\u0026aff_sub1=e0cd26228fc140998ddf8677692986a9","fqdn":"bng.o18a.com","domain":"o18a.com","tld":"com"},"ip":{"addr":"104.21.48.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-23T19:42:12.276Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"o18a.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 08 Jul 2025 07:56:06 GMT","end":"Mon, 06 Oct 2025 08:54:49 GMT"},"fingerprint":{"sha1":"28:A9:BA:24:39:96:CD:06:D8:86:AD:3A:06:C6:E8:CD:F6:B1:E1:D6","sha256":"92:51:73:A4:BC:7B:99:1D:82:47:60:F6:97:5C:2D:A3:E4:90:80:F5:16:92:95:21:92:64:7C:5A:BD:D5:4F:A4"}}},"request":{"raw":"GET /c?o=21753387\u0026m=1471\u0026a=104448\u0026sub_aff_id=4214_1\u0026aff_sub1=e0cd26228fc140998ddf8677692986a9 HTTP/1.1\r\nHost: bng.o18a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sat, 23 Aug 2025 19:42:12 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: http://52.36.94.173/vodacomtz/mobibattle/?camp=C2COFRMSCPA\u0026rcid=D-21753387-1755978132-34G133G150G62-QREPF8119\r\nserver: cloudflare\r\ncontent-location: c.php\r\nvary: negotiate\r\ntcn: choice\r\nx-isp-debug: {\"expire\":1756150054,\"country\":\"NO\",\"state\":\"oslo\",\"city\":\"oslo\",\"state2\":\"oslo\",\"city2\":\"oslo\",\"asn_number\":\"AS50304\",\"asn\":\"blix_solutions_as\",\"asn_type\":\"hosting\",\"isp\":\"AS50304 - blix_solutions_as\"}\r\nx-isp: []\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dI4YBSC5280FmSZde%2Bmg%2BAbglgIV6o9ZmXUIO0FfWSQrxEeWTG0JAu6oK8Dtl2K2D0TnBjFSh71k7d%2BosW0nNPhr62so2X6aQawNsg%3D%3D\"}]}\r\nset-cookie: MJE3NTMZODD8OTEUOTAUNDIUMTU0=1755978132.426; Path=/; Max-Age=86400; Expires=Sun, 24 Aug 2025 19:42:12 GMT\n21753387=D-21753387-1755978132-34G133G150G62-QREPF8119; SameSite=None; Secure; Path=/; Max-Age=2592000; Expires=Mon, 22 Sep 2025 19:42:12 GMT\n____global_tid=D-21753387-1755978132-34G133G150G62-QREPF8119; SameSite=None; Secure; Path=/; Max-Age=2592000; Expires=Mon, 22 Sep 2025 19:42:12 GMT\r\ncf-ray: 973d177f2a62a0cd-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":75,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-12T01:48:45.160697Z","times_seen":16340841,"resource_available":true,"data":null}},"time_used":287,"timings":{"blocked":67,"dns":35,"connect":8,"send":0,"wait":153,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"52.36.94.173/vodacomtz/mobibattle/?camp=C2COFRMSCPA\u0026rcid=D-21753387-1755978132-34G133G150G62-QREPF8119","fqdn":"52.36.94.173","domain":"52.36.94.173","tld":""},"ip":{"addr":"52.36.94.173","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-23T19:42:12.500Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /vodacomtz/mobibattle/?camp=C2COFRMSCPA\u0026rcid=D-21753387-1755978132-34G133G150G62-QREPF8119 HTTP/1.1\r\nHost: 52.36.94.173\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 23 Aug 2025 19:42:12 GMT\r\nServer: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.6.38\r\nX-Powered-By: PHP/5.6.38\r\nSet-Cookie: PHPSESSID=lrj7rmrusf44l3v38pl2947ki2; path=/\r\nExpires: 120\r\nCache-Control: public,private,max-age=120\r\nPragma: public,private,max-age=120\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 90\r\nKeep-Alive: timeout=2, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.6","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP:5.6.38","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Red Hat","description":"Red Hat is an open-source Linux operating system.","website":"https://www.redhat.com","common_platform_enumeration":"cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*","icon":"Red Hat.svg","categories":["Operating systems"]},{"name":"OpenSSL:1.0.2k","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]}],"data":{"size":75,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"1b976d25399f6d2a2d8c378e09ec47b7","sha1":"b0784b5698692b85a21d17004810f5a479cf62b2","sha256":"2ed044ce545556fe41c1887eb00f3f890d65304c96927e79f49fc8b69ae3f521","sha512":"a2d540a87767880237f1a2c65daa8cfbab69ffd978859039ec4dbf0b2abc636fc924e6a2f4d389842748772d5f5442910d53641cf3f5fa69be76215278a286d6","ssdeep":"","tlshash":"a9a0228f2b883002200302832c802b00ea30c80003bf03ef3f22808e32800fe0300388","first_seen":"2024-08-20T06:39:30.970515Z","last_seen":"2025-09-28T22:39:50.96991Z","times_seen":283,"resource_available":false,"data":null}},"time_used":1908,"timings":{"blocked":172,"dns":0,"connect":172,"send":0,"wait":1564,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-23","alert":"Sinkholed","trigger":"52.36.94.173","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"52.36.94.173/favicon.ico","fqdn":"52.36.94.173","domain":"52.36.94.173","tld":""},"ip":{"addr":"52.36.94.173","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://52.36.94.173/vodacomtz/mobibattle/?camp=C2COFRMSCPA\u0026rcid=D-21753387-1755978132-34G133G150G62-QREPF8119","date":"2025-08-23T19:42:14.464Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 52.36.94.173\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://52.36.94.173/vodacomtz/mobibattle/?camp=C2COFRMSCPA\u0026rcid=D-21753387-1755978132-34G133G150G62-QREPF8119\r\nCookie: PHPSESSID=lrj7rmrusf44l3v38pl2947ki2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 23 Aug 2025 19:42:14 GMT\r\nServer: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.6.38\r\nLast-Modified: Tue, 12 Apr 2022 09:22:31 GMT\r\nAccept-Ranges: bytes\r\nCache-Control: public,private,max-age=120\r\nExpires: 120\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nPragma: public,private,max-age=120\r\nContent-Length: 3396\r\nKeep-Alive: timeout=2, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/vnd.microsoft.icon\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Red Hat","description":"Red Hat is an open-source Linux operating system.","website":"https://www.redhat.com","common_platform_enumeration":"cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*","icon":"Red Hat.svg","categories":["Operating systems"]},{"name":"OpenSSL:1.0.2k","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.6","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP:5.6.38","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":270398,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 1 icon, 256x256, 32 bits/pixel","md5":"0e985613a3a4dd3ddc8ee9e071a048df","sha1":"0c237b4ae9f1ac566a7417d66a88e843085631af","sha256":"934e8aeb6ebea55ef92978b153e2014e95929242c4d4e90d0fbfd4ac77f7cc83","sha512":"94a4ae5c03085688dc14777037a586fa11185927fd963848d9072dc195876c56eb3975d6e8b4139c51dc424208291315572f0e769be2041ca0695f0e7e35c131","ssdeep":"48:QKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKN:fk8BUlG52V7","tlshash":"86443470fdc1d2abdca93efb4f94e6d9a911bf345c404546ba9133de6db8220845cb0a","first_seen":"2023-05-19T16:14:14Z","last_seen":"2025-09-28T22:39:50.970651Z","times_seen":428,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-23","alert":"Sinkholed","trigger":"52.36.94.173","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}