{"report_id":"6c22a2ed-5189-4406-a1a2-d56b59ddaee3","version":6,"status":"done","tags":[],"date":"2025-10-09T18:32:34Z","url":{"schema":"http","addr":"loyalty1stharley.com/","fqdn":"loyalty1stharley.com","domain":"loyalty1stharley.com","tld":"com"},"ip":{"addr":"66.81.203.8","port":0,"asn":40676,"as":"AS40676","country":"British Virgin Islands","country_code":"VG"},"final":{"url":{"schema":"http","addr":"loyalty1stharley.com/","fqdn":"loyalty1stharley.com","domain":"loyalty1stharley.com","tld":"com"},"title":"loyalty1stharley.com/"},"submit":{"url":{"schema":"http","addr":"loyalty1stharley.com/","fqdn":"loyalty1stharley.com","domain":"loyalty1stharley.com","tld":"com"},"ip":{"addr":"66.81.203.8","port":0,"asn":40676,"as":"AS40676","country":"British Virgin Islands","country_code":"VG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-13T18:32:34Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":8}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"loyalty1stharley.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-09","alert":"Phishing Block","trigger":"loyalty1stharley.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"loyalty1stharley.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"loyalty1stharley.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"loyalty1stharley.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"loyalty1stharley.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"loyalty1stharley.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"sedoparking.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"loyalty1stharley.com","ip":{"addr":"66.81.203.8","port":80,"asn":40676,"as":"AS40676","country":"British Virgin Islands","country_code":"VG"},"domain_registered":"2022-09-29","domain_rank":0,"first_seen":"2025-10-09T18:32:34.58278Z","last_seen":"2025-10-09T18:32:34.58278Z","alert_count":21,"request_count":3,"received_data":3380,"sent_data":1259,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"sedoparking.com","ip":{"addr":"64.190.63.136","port":80,"asn":47846,"as":"SEDO GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2001-09-18","domain_rank":11712,"first_seen":"2012-06-01T05:52:33Z","last_seen":"2025-10-05T22:36:28.277333Z","alert_count":1,"request_count":1,"received_data":1548,"sent_data":506,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"loyalty1stharley.com/","fqdn":"loyalty1stharley.com","domain":"loyalty1stharley.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"683387de1fc2ce4d84fe4396a73356cf","sha1":"b3a89fdf86300d00b253d67fa1ec74b18763fae7","sha256":"d6cd10adccb764d29fdfbc75e714020416828d815b9a49eee034f8f4b47d4bc1","sha512":"5a4d07e3828ec4d141ce510d69deab0db0b68c6a79e694085db81a8f2b5bdb0aa66d50b1602dc8e28736f60bdfce76385253090c69316897dc0e79aa24fed7ab","ssdeep":"","tlshash":"28e0c0a94883c2d010c04113d1abfe341913f633c300dec4718e88173bcd7de48440b0","size":383,"data":"","first_seen":"2025-03-16T05:22:05.690218Z","last_seen":"2025-12-15T05:58:25.001747Z","times_seen":212,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sedoparking.com/frmpark/loyalty1stharley.com/Skenzor19/park.js?beforeBodyEndHTML=%3Cp%3EThis+domain+is+pending+renewal+or+has+expired.+Please+contact+the+domain+provider+with+questions.%3C%2Fp%3E","fqdn":"sedoparking.com","domain":"sedoparking.com","tld":"com"},"ip":{"addr":"64.190.63.136","port":80,"asn":47846,"as":"SEDO GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ebdfd9dc51d7c4b379d6f363340fa15","sha1":"e884d981a7bb28f22f281c7d21a98369c0e3b1a8","sha256":"3efc0f2a5854a48a33126669e7d11fe15289f1a6bb017a547731d5f418b8602b","sha512":"4a6174af7439f1b89f3cf923dfdcf164c1b07bd54b33c602c735f11c3e584901b49fef814287310321e90135daca19109eed6bd6ad2898c5cbd60d67dbcdb4f9","ssdeep":"","tlshash":"8021fd7e7d52a833c6cac0aa1c7b7a48bca251033729d8e0965cccac18c5f4410b339b","size":1298,"data":"","first_seen":"2025-10-09T18:32:37.184361Z","last_seen":"2025-10-09T18:32:37.184361Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"9959f0dc897bacc7d3f75c39568b877b","sha1":"930fd47fa85bf8b4b058d5e7b628eb5894b2914d","sha256":"491840b1d3f19083516b6c73c4ec535f0e3209d07525bf533b2594e872392d60","sha512":"c677a381e2dd51b5acadf28e1c846803de24eeb20a5d26144398047ac654812a43b068b693ba76d1e6b6482808e6a56c3ae24193234121f36a25a1fb87dbf53f","ssdeep":"","tlshash":"45d02e066c83c4e020c1054ae2b3fe385a08fb209310dce891cac86a328dbcc1c921f8","size":271,"data":"","first_seen":"2025-10-09T18:32:37.187019Z","last_seen":"2025-10-09T18:32:37.187019Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"http","addr":"loyalty1stharley.com/favicon.ico","fqdn":"loyalty1stharley.com","domain":"loyalty1stharley.com","tld":"com"},"ip":{"addr":"66.81.203.8","port":80,"asn":40676,"as":"AS40676","country":"British Virgin Islands","country_code":"VG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://loyalty1stharley.com/","date":"2025-10-09T18:32:16.679Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: loyalty1stharley.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://loyalty1stharley.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Thu, 09 Oct 2025 18:32:16 GMT\r\nContent-Type: text/html\r\nLast-Modified: Tue, 14 May 2024 12:10:27 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"664354b3-5a1\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1441,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"c1623b2bf077f0635ed7ee83785d6d7d","sha1":"503be50bf8e110cfa340aa36dcde7d89e1323bde","sha256":"a82477f7c088c1b0d032cc6f9d774448d70e04ab3148d64722a90dfc049055f9","sha512":"7e505814501f2711a19760742744dc1b57bd6d5c843bf45242b4a8508b6163f20553cca9e4691fcfe1f5ae70e01537506bd395176bc564263dafeac46d3b6e0e","ssdeep":"","tlshash":"6221010688c1888410718221faf1ba68ef1bf67393065c8970ed75772ff2a888cd31ec","first_seen":"2024-05-18T08:55:12Z","last_seen":"2025-12-15T05:58:25.000206Z","times_seen":243,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"loyalty1stharley.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-09","alert":"Phishing Block","trigger":"loyalty1stharley.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"loyalty1stharley.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"loyalty1stharley.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"loyalty1stharley.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"loyalty1stharley.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"loyalty1stharley.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"loyalty1stharley.com/","fqdn":"loyalty1stharley.com","domain":"loyalty1stharley.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-09T18:32:12.004Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: loyalty1stharley.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"loyalty1stharley.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"loyalty1stharley.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"loyalty1stharley.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"loyalty1stharley.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-09","alert":"Phishing Block","trigger":"loyalty1stharley.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"loyalty1stharley.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"loyalty1stharley.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"loyalty1stharley.com/","fqdn":"loyalty1stharley.com","domain":"loyalty1stharley.com","tld":"com"},"ip":{"addr":"66.81.203.8","port":80,"asn":40676,"as":"AS40676","country":"British Virgin Islands","country_code":"VG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-09T18:32:15.385Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: loyalty1stharley.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Thu, 09 Oct 2025 18:32:15 GMT\r\nContent-Type: text/html\r\nLast-Modified: Tue, 14 May 2024 12:10:27 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"664354b3-5a1\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1441,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"c1623b2bf077f0635ed7ee83785d6d7d","sha1":"503be50bf8e110cfa340aa36dcde7d89e1323bde","sha256":"a82477f7c088c1b0d032cc6f9d774448d70e04ab3148d64722a90dfc049055f9","sha512":"7e505814501f2711a19760742744dc1b57bd6d5c843bf45242b4a8508b6163f20553cca9e4691fcfe1f5ae70e01537506bd395176bc564263dafeac46d3b6e0e","ssdeep":"","tlshash":"6221010688c1888410718221faf1ba68ef1bf67393065c8970ed75772ff2a888cd31ec","first_seen":"2024-05-18T08:55:12Z","last_seen":"2025-12-15T05:58:25.000206Z","times_seen":243,"resource_available":false,"data":null}},"time_used":957,"timings":{"blocked":402,"dns":1,"connect":402,"send":0,"wait":151,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"loyalty1stharley.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"loyalty1stharley.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"loyalty1stharley.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-09","alert":"Phishing Block","trigger":"loyalty1stharley.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"loyalty1stharley.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"loyalty1stharley.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"loyalty1stharley.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"sedoparking.com/frmpark/loyalty1stharley.com/Skenzor19/park.js?beforeBodyEndHTML=%3Cp%3EThis+domain+is+pending+renewal+or+has+expired.+Please+contact+the+domain+provider+with+questions.%3C%2Fp%3E","fqdn":"sedoparking.com","domain":"sedoparking.com","tld":"com"},"ip":{"addr":"64.190.63.136","port":80,"asn":47846,"as":"SEDO GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://loyalty1stharley.com/","date":"2025-10-09T18:32:16.031Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /frmpark/loyalty1stharley.com/Skenzor19/park.js?beforeBodyEndHTML=%3Cp%3EThis+domain+is+pending+renewal+or+has+expired.+Please+contact+the+domain+provider+with+questions.%3C%2Fp%3E HTTP/1.1\r\nHost: sedoparking.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://loyalty1stharley.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\ndate: Thu, 09 Oct 2025 18:32:16 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ntransfer-encoding: chunked\r\nvary: Accept-Encoding\r\nx-cache-miss-from: parking-7fbf5fd67f-487td\r\nserver: Parking/1.0\r\ncontent-encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1298,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (987)","md5":"9ebdfd9dc51d7c4b379d6f363340fa15","sha1":"e884d981a7bb28f22f281c7d21a98369c0e3b1a8","sha256":"3efc0f2a5854a48a33126669e7d11fe15289f1a6bb017a547731d5f418b8602b","sha512":"4a6174af7439f1b89f3cf923dfdcf164c1b07bd54b33c602c735f11c3e584901b49fef814287310321e90135daca19109eed6bd6ad2898c5cbd60d67dbcdb4f9","ssdeep":"","tlshash":"8021fd7e7d52a833c6cac0aa1c7b7a48bca251033729d8e0965cccac18c5f4410b339b","first_seen":"2025-10-09T18:32:37.184361Z","last_seen":"2025-10-09T18:32:37.184361Z","times_seen":1,"resource_available":true,"data":null}},"time_used":675,"timings":{"blocked":43,"dns":14,"connect":31,"send":0,"wait":587,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"sedoparking.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}