{"report_id":"67dfb986-a7c9-48eb-a0d0-92e4dcda0610","version":6,"status":"done","tags":[],"date":"2026-04-10T12:42:42Z","url":{"schema":"http","addr":"nsucor.sbs/","fqdn":"nsucor.sbs","domain":"nsucor.sbs","tld":"sbs"},"ip":{"addr":"38.177.249.10","port":0,"asn":394432,"as":"PEG-SG","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"https","addr":"nsucor.sbs/","fqdn":"nsucor.sbs","domain":"nsucor.sbs","tld":"sbs"},"title":"nsucor.sbs/","dom":{"size":307,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"d9e566d532f13532813567dc20a24817","sha1":"4e84748e08377cfcc32ada1a5218f2fc7a620125","sha256":"b885cd73341a4f42f2934b6230fbd484cd38c8e8cb4a93e2cfcfc926a4665c55","sha512":"ae323d841ef7c768dd877edc21559cb9a313141121a2df6c5e4c7302cdc4604b9839c4be8fef78cb891df59d04a7763d4372f2a7fc1e0196b65a978589cbfb0c","ssdeep":"","tlshash":"79e0cda71425915be3318f7059f6714a45168cc2f4899c60e74424dd05e9b19c4932b1","dom_hash":"domhashd88115efcfd02d72cf36cf1b45483101","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"nsucor.sbs/","fqdn":"nsucor.sbs","domain":"nsucor.sbs","tld":"sbs"},"ip":{"addr":"38.177.249.10","port":0,"asn":394432,"as":"PEG-SG","country":"Singapore","country_code":"SG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-15T12:42:42Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"nsucor.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"nsucor.sbs","ip":{"addr":"38.177.249.10","port":443,"asn":394432,"as":"PEG-SG","country":"Singapore","country_code":"SG"},"domain_registered":"2025-05-23","domain_rank":0,"first_seen":"2026-04-10T12:42:42.461113Z","last_seen":"2026-04-10T12:42:42.461113Z","alert_count":2,"request_count":2,"received_data":58950,"sent_data":906,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"nsucor.sbs/","fqdn":"nsucor.sbs","domain":"nsucor.sbs","tld":"sbs"},"ip":{"addr":"38.177.249.10","port":443,"asn":394432,"as":"PEG-SG","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-10T12:42:19.995Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nsucor.sbs","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 20:04:28 GMT","end":"Tue, 23 Jun 2026 20:04:27 GMT"},"fingerprint":{"sha1":"CD:9D:91:08:03:5E:90:F1:86:6C:F6:65:B2:DE:25:7A:18:77:46:C2","sha256":"E4:66:C6:74:EE:A0:2C:6B:4A:6F:4A:89:D5:DC:84:97:28:AD:2F:5B:71:DF:0E:02:54:E6:C6:0F:34:F2:21:9A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: nsucor.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 10 Apr 2026 12:42:21 GMT\r\ncontent-type: text/html\r\ncontent-length: 300\r\nlast-modified: Thu, 05 Feb 2026 03:26:49 GMT\r\netag: \"69840df9-12c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":300,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"643b5f33615f68d460febab56ed3340c","sha1":"3aeb857093ed7b54faef21cb90b0a19e49718e51","sha256":"4e27329f982d00d93f22c9e25e9739ecf211bd4987049731a8fe5413928756bb","sha512":"feaa8393ad0c1da699507529752b63728c8aef3743bd10c9fc217f2af027ebe4faa811e7b936124e80eef217e064341b7253b67b0a1be130f9ea1ce878a3a81c","ssdeep":"","tlshash":"61e0c2a71429a256d2218f646af2314a455359c6f48958d0d74590ce49edf08c4cb2b2","first_seen":"2026-04-10T12:42:48.853236Z","last_seen":"2026-04-10T12:42:48.853236Z","times_seen":1,"resource_available":true,"data":null}},"time_used":2344,"timings":{"blocked":1083,"dns":721,"connect":177,"send":0,"wait":178,"receive":0,"ssl":182},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"nsucor.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nsucor.sbs/favicon.ico","fqdn":"nsucor.sbs","domain":"nsucor.sbs","tld":"sbs"},"ip":{"addr":"38.177.249.10","port":443,"asn":394432,"as":"PEG-SG","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nsucor.sbs/","date":"2026-04-10T12:42:21.434Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nsucor.sbs","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 20:04:28 GMT","end":"Tue, 23 Jun 2026 20:04:27 GMT"},"fingerprint":{"sha1":"CD:9D:91:08:03:5E:90:F1:86:6C:F6:65:B2:DE:25:7A:18:77:46:C2","sha256":"E4:66:C6:74:EE:A0:2C:6B:4A:6F:4A:89:D5:DC:84:97:28:AD:2F:5B:71:DF:0E:02:54:E6:C6:0F:34:F2:21:9A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: nsucor.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nsucor.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Fri, 10 Apr 2026 12:42:21 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\netag: W/\"695e4208-e34b\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58187,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (56756)","md5":"aedbc1b9ade8a946486c724eb626d2ba","sha1":"c1c8f5988c2baf5a69b0f7834bbbceb8ad78f788","sha256":"5be36296c1b614ad3ecc299493cba8db4d6662d683e7a47f08a0b31b7ce17da0","sha512":"5dc2f56f20a50131cc436cdef561c395ad22f1f14ecdada53768e613bac36f1fe75e3a587cbd4e97fd39944ad30540a320ce667d8eb8208255d393dc659fb0bf","ssdeep":"768:cHJYDDQHVZHIs91TXESJBjgBSp00yCqJ3Z+IYM3WiesRQiULO0bpD9tcNQEfdom9:cmDD6oeFUycwpk06hWp1b99c7V3","tlshash":"6e43021803de40a2dd9d78d9426f2f3d842a1863da1c94bd1f5b6df0cb0d8a4667f2e9","first_seen":"2025-09-18T04:22:02.004691Z","last_seen":"2026-04-10T12:42:48.855618Z","times_seen":433,"resource_available":true,"data":null}},"time_used":364,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":364,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"nsucor.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}