{"report_id":"736b42cb-6076-4694-bfc5-63b0c90697c7","version":6,"status":"done","tags":[],"date":"2025-12-28T05:45:13Z","url":{"schema":"http","addr":"neo1xagent.xyz/","fqdn":"neo1xagent.xyz","domain":"neo1xagent.xyz","tld":"xyz"},"ip":{"addr":"216.198.79.1","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"neo1xagent.xyz/","fqdn":"neo1xagent.xyz","domain":"neo1xagent.xyz","tld":"xyz"},"title":"Deployment Unavailable","dom":{"size":1636,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (1636), with no line terminators","md5":"9617156368489863ba4ad11675684b78","sha1":"0b9e48f1ae3667cf593058985166adb579eadb81","sha256":"3102b565840af7f86f408982bcc82da21905600d26e594fd3314dbb624f05cd4","sha512":"da3f735e94f04b216c18dd82b38a0037cb9556f84114186f937578fdfba3583c0f6916a7c93516798b1428332187dbc5f4336f27caaa296bddd68b93d2382166","ssdeep":"","tlshash":"853160b745a1602ef33b88fe24e627642244811ac0920f99b618ebb8e2c7ca65023685","dom_hash":"domhashec6cdb565b8b0f77c754672472fa9910","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"neo1xagent.xyz/","fqdn":"neo1xagent.xyz","domain":"neo1xagent.xyz","tld":"xyz"},"ip":{"addr":"216.198.79.1","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-01T05:45:13Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"neo1xagent.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"neo1xagent.xyz","ip":{"addr":"216.198.79.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2025-10-28","domain_rank":0,"first_seen":"2025-12-28T05:45:13.57635Z","last_seen":"2025-12-28T05:45:13.576351Z","alert_count":3,"request_count":3,"received_data":4384,"sent_data":1401,"comment":"","tags":null,"fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"neo1xagent.xyz/","fqdn":"neo1xagent.xyz","domain":"neo1xagent.xyz","tld":"xyz"},"ip":{"addr":"216.198.79.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-28T05:44:51.237Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"neo1xagent.xyz","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Oct 2025 23:51:56 GMT","end":"Mon, 26 Jan 2026 23:51:55 GMT"},"fingerprint":{"sha1":"7C:B3:B5:F1:AE:3C:DD:0D:3C:B4:D1:CA:23:56:E9:36:6F:A3:65:30","sha256":"5E:3E:13:38:FF:ED:7A:BA:0B:43:DE:73:B5:05:9A:BD:00:08:AA:C1:CF:C5:7F:32:8A:87:6A:EC:88:91:CA:BA"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: neo1xagent.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 451 Unavailable For Legal Reasons\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/html; charset=utf-8\r\ndate: Sun, 28 Dec 2025 05:44:51 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-error: DEPLOYMENT_DISABLED\r\nx-vercel-id: arn1::7hg8n-1766900691328-bced88c5f362\r\ncontent-length: 1590\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"451","status_text":"Unavailable For Legal Reasons","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1590,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (1590), with no line terminators","md5":"5f0b2ef0ac2facd735d7dbadd6040e79","sha1":"075f9a4a219057976ffcc5faa093c7740b969db4","sha256":"744abebd53a03d2992775045d0f853905d0e238b1c2c6d4cff37a34b0809c099","sha512":"f4a426259e3873af364397579ba31cb1dcdbcc94522d7735becf6499856ba9826a80c4ce47329d2762c5e0fe8b3c906f1bc9a72524c1edc5aca3c0e901019a0f","ssdeep":"","tlshash":"c33142a705b1702ef33b88fd34d63b5462049526c0920f99f658efb8e2c78a66533649","first_seen":"2025-12-28T05:45:16.571784Z","last_seen":"2025-12-28T05:45:16.571784Z","times_seen":1,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":88,"dns":57,"connect":1,"send":0,"wait":10,"receive":11,"ssl":24},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"neo1xagent.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"neo1xagent.xyz/","fqdn":"neo1xagent.xyz","domain":"neo1xagent.xyz","tld":"xyz"},"ip":{"addr":"216.198.79.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-28T05:44:51.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"neo1xagent.xyz","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Oct 2025 23:51:56 GMT","end":"Mon, 26 Jan 2026 23:51:55 GMT"},"fingerprint":{"sha1":"7C:B3:B5:F1:AE:3C:DD:0D:3C:B4:D1:CA:23:56:E9:36:6F:A3:65:30","sha256":"5E:3E:13:38:FF:ED:7A:BA:0B:43:DE:73:B5:05:9A:BD:00:08:AA:C1:CF:C5:7F:32:8A:87:6A:EC:88:91:CA:BA"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: neo1xagent.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 451 Unavailable For Legal Reasons\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/html; charset=utf-8\r\ndate: Sun, 28 Dec 2025 05:44:51 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-error: DEPLOYMENT_DISABLED\r\nx-vercel-id: arn1::7hg8n-1766900691505-c24bf8d608cf\r\ncontent-length: 1590\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"451","status_text":"Unavailable For Legal Reasons","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":1590,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (1590), with no line terminators","md5":"b2f4b9f11eeda2d24790f1573d42812d","sha1":"3cb9c4b46c3352e86e6e16051db783a7afb92fd6","sha256":"91bf5a03e67d6ad7532a76ed9c1e9b5333fd09299f0bfe46a1262e13a0810107","sha512":"f0a3eda8d151f0da66c370ceaaee0bdbb6852ba630f5bc64029490771149df9095353bacaf1a56642b3d282f6dd38e5ffa44e3cfb90844a449c019cd4a7a3ca8","ssdeep":"","tlshash":"4a3142b705b1702ef33b88fd34d6375472048526c0921f95f658efb8e2c78a66533649","first_seen":"2025-12-28T05:45:16.574016Z","last_seen":"2025-12-28T05:45:16.574016Z","times_seen":1,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"neo1xagent.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"neo1xagent.xyz/favicon.ico","fqdn":"neo1xagent.xyz","domain":"neo1xagent.xyz","tld":"xyz"},"ip":{"addr":"216.198.79.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://neo1xagent.xyz/","date":"2025-12-28T05:44:51.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"neo1xagent.xyz","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Oct 2025 23:51:56 GMT","end":"Mon, 26 Jan 2026 23:51:55 GMT"},"fingerprint":{"sha1":"7C:B3:B5:F1:AE:3C:DD:0D:3C:B4:D1:CA:23:56:E9:36:6F:A3:65:30","sha256":"5E:3E:13:38:FF:ED:7A:BA:0B:43:DE:73:B5:05:9A:BD:00:08:AA:C1:CF:C5:7F:32:8A:87:6A:EC:88:91:CA:BA"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: neo1xagent.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://neo1xagent.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 451 Unavailable For Legal Reasons\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/plain; charset=utf-8\r\ndate: Sun, 28 Dec 2025 05:44:51 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-error: DEPLOYMENT_DISABLED\r\nx-vercel-id: arn1::bkcts-1766900691604-92a49cd42fa7\r\ncontent-length: 109\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"451","status_text":"Unavailable For Legal Reasons","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":109,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"0dc095474e392ed6b761595aa58a037f","sha1":"9d4b0973ae7ab963692e16cf21dabf373b75a7dc","sha256":"3958fa0924d6025f57bcc77e13a7dd67da111518620812c4a3c3220ba3a0e45e","sha512":"33cc6633579bcaed77c44da43a9c3b61976ef6dc3432e8b35b1570fbc82d3ed14e7ec811059a723829ea0773201d977b69c6434402c83ec44b475ef86e79dff9","ssdeep":"","tlshash":"c3b022b2b02202e2b338030200002c80bc80cba0b00c802cc3c0cf2c82cfbaccb830b0","first_seen":"2025-12-28T05:45:16.575918Z","last_seen":"2025-12-28T05:45:16.575918Z","times_seen":1,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"neo1xagent.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}