{"report_id":"73feff59-3fb3-4fc1-9dbe-90ba422c1bd5","version":0,"status":"done","tags":[],"date":"2026-06-28T15:19:42Z","url":{"schema":"https","addr":"hayperliduiq.cfd/","fqdn":"hayperliduiq.cfd","domain":"hayperliduiq.cfd","tld":"cfd"},"ip":{"addr":"104.21.88.32","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"hayperliduiq.cfd/","fqdn":"hayperliduiq.cfd","domain":"hayperliduiq.cfd","tld":"cfd"},"title":"hayperliduiq.cfd/","dom":{"size":265,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"898d77b3b14b46985afaf2c055164b19","sha1":"7e10e98b40e873fcada9ba7ac7211691464afdb4","sha256":"32a6ad16decd8827cdf480aa194fcd51508ed7414c37644f854b3e2427ecdffc","sha512":"99b40a88aa05008c4ee169a5a695b725506b6cfb735855d9c5be38e3cb905a94a96284875014582a97e2cba018cf696121cde2641995008ac28253088b87f27e","ssdeep":"","tlshash":"f0d09563cc61c48c05704af49cb1e11c090ddd5cd712ec507dd011c80ec6396cda3494","dom_hash":"domhash82c9e42589685a6ee40295021754217e","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"hayperliduiq.cfd/","fqdn":"hayperliduiq.cfd","domain":"hayperliduiq.cfd","tld":"cfd"},"ip":{"addr":"104.21.88.32","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-02T15:19:42Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"hayperliduiq.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"hayperliduiq.cfd","ip":{"addr":"172.67.150.77","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-06-22","domain_rank":0,"first_seen":"2026-06-28T11:52:08.062635Z","last_seen":"2026-06-28T11:52:08.062635Z","alert_count":3,"request_count":3,"received_data":322097,"sent_data":1436,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"hayperliduiq.cfd/841ac24c.js","fqdn":"hayperliduiq.cfd","domain":"hayperliduiq.cfd","tld":"cfd"},"ip":{"addr":"172.67.150.77","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a0e394781965d087016212499226d2c3","sha1":"1d4d2573c4a19c277d1c9001e4aba113a4693c3e","sha256":"841ac24cd1606548761045b240531861a27af751ae366ab4ebda47e4f7505a30","sha512":"18e32d9b6d68cd9077822af02c436147f6938e9a0052d765bf0ee2804cef010909979f8ca390d3a2d498bc58a8da69bed538684e7e4c7d0faa1c0cb3cba7ad53","ssdeep":"3072:Ng7k1BdBpB7u1LhaWW+0VVHZPvBlDLRBeH+5O+Z5Z4UG7k7HeTaUTqHOc2hBStrj:xBdnIElDLL82M5gHeTaUTqHiZQqd44I","tlshash":"c0644b033f867c2217f832ea919f64e2448dcb45b884a4cef92edbe895d951443fd768","size":319790,"data":"","first_seen":"2026-06-28T11:52:12.772836Z","last_seen":"2026-06-28T15:19:43.136651Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hayperliduiq.cfd/","fqdn":"hayperliduiq.cfd","domain":"hayperliduiq.cfd","tld":"cfd"},"ip":{"addr":"172.67.150.77","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"806b98ce6eb0c09454efb9dfa1f8e200","sha1":"714eb24f4199dc08c20500ea3535ccf2e333b7c5","sha256":"f14fe66cb3dd5d40d362c32f4ab551d804124d9907d44c19b3c37a47531d1543","sha512":"01c3ea7e55da73876e9d2e457f6e5a02ff8000ed199156e69abe6ae90303500f6c53dc130a25d5b0e4f011ecf0d91d0b1eacf3d03b44c9bdf5712aab650bf402","ssdeep":"3072:0/ZMuDVsbN8cYRmUM/EnKk5Zhe9oWdPLy++9Nbfkbpk5+Vke9xS+0EF+W7HB/0pf:01DV0+hRmRx7DqZ","tlshash":"1ee3f7d55ae615b8113bed2a4e2f4114aaba4c37139cef807bcd8dd45f21a201ed4ceb","size":151939,"data":"","first_seen":"2026-06-28T11:52:12.782278Z","last_seen":"2026-06-28T15:19:43.143669Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hayperliduiq.cfd/","fqdn":"hayperliduiq.cfd","domain":"hayperliduiq.cfd","tld":"cfd"},"ip":{"addr":"172.67.150.77","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29377d0b723db06bbb969474eb442abc","sha1":"0b541ccd0f776b8d819446c0a57583b4a62b4725","sha256":"35958e21858a85ca0c84c37dcab75a0b159c8958ec30fe9c2325a74f128c5367","sha512":"258a827785b212cdb904bbfaf44814a3999c0e1e548c900c2c8ee5075341a3bcb546a62fc889618823e655e26a12d0726d91a4ac1a9b5adc21fc8435d76554d9","ssdeep":"","tlshash":"0e1188886bb780a809272b280f8fd08414d5f10b2796dd8cb0ce45a04fc24244afcfae","size":923,"data":"","first_seen":"2026-06-07T09:22:47.026797Z","last_seen":"2026-06-28T15:19:43.145486Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"hayperliduiq.cfd/841ac24c.js","fqdn":"hayperliduiq.cfd","domain":"hayperliduiq.cfd","tld":"cfd"},"ip":{"addr":"172.67.150.77","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hayperliduiq.cfd/","date":"2026-06-28T15:19:19.935Z","timestamp":1782659959935,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hayperliduiq.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Jun 2026 23:37:21 GMT","end":"Sun, 20 Sep 2026 00:35:43 GMT"},"fingerprint":{"sha1":"18:22:54:10:C8:F0:DB:0C:0B:7B:6B:D3:50:EF:0F:F8:D8:2F:4B:61","sha256":"FB:CE:18:FD:30:19:EE:66:AA:33:0C:17:6D:21:A7:02:62:E5:6A:DE:F5:6F:27:70:F1:DC:08:68:0B:4C:EF:38"}}},"request":{"raw":"GET /841ac24c.js HTTP/1.1\r\nHost: hayperliduiq.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://hayperliduiq.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=14400, s-maxage=60\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 28 Jun 2026 11:51:45 GMT\r\ndate: Sun, 28 Jun 2026 15:19:19 GMT\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nage: 12454\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0p9Pzss5QLjQU963FN3RI3m0hqQZiKlu%2BO6qD8rDghxiqlEO%2B1%2B1l4QlIwjTgMB1O35YjPOgFQZjbs%2B8sfVau6WAJtdUrcprlcGYSZeC987A9tQahed2FrBKLOLGSQiGGHeh\"}]}\r\ncf-ray: a12dab4d9ede783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":319790,"size_decoded":128540,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"a0e394781965d087016212499226d2c3","sha1":"1d4d2573c4a19c277d1c9001e4aba113a4693c3e","sha256":"841ac24cd1606548761045b240531861a27af751ae366ab4ebda47e4f7505a30","sha512":"18e32d9b6d68cd9077822af02c436147f6938e9a0052d765bf0ee2804cef010909979f8ca390d3a2d498bc58a8da69bed538684e7e4c7d0faa1c0cb3cba7ad53","ssdeep":"3072:Ng7k1BdBpB7u1LhaWW+0VVHZPvBlDLRBeH+5O+Z5Z4UG7k7HeTaUTqHOc2hBStrj:xBdnIElDLL82M5gHeTaUTqHiZQqd44I","tlshash":"c0644b033f867c2217f832ea919f64e2448dcb45b884a4cef92edbe895d951443fd768","first_seen":"2026-06-28T11:52:12.772836Z","last_seen":"2026-06-28T15:19:43.136651Z","times_seen":7,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"hayperliduiq.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hayperliduiq.cfd/favicon.ico","fqdn":"hayperliduiq.cfd","domain":"hayperliduiq.cfd","tld":"cfd"},"ip":{"addr":"172.67.150.77","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hayperliduiq.cfd/","date":"2026-06-28T15:19:20.175Z","timestamp":1782659960175,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hayperliduiq.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Jun 2026 23:37:21 GMT","end":"Sun, 20 Sep 2026 00:35:43 GMT"},"fingerprint":{"sha1":"18:22:54:10:C8:F0:DB:0C:0B:7B:6B:D3:50:EF:0F:F8:D8:2F:4B:61","sha256":"FB:CE:18:FD:30:19:EE:66:AA:33:0C:17:6D:21:A7:02:62:E5:6A:DE:F5:6F:27:70:F1:DC:08:68:0B:4C:EF:38"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: hayperliduiq.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://hayperliduiq.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\ncache-control: no-store\r\ncontent-type: text/plain;charset=utf-8\r\ndate: Sun, 28 Jun 2026 15:19:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: BYPASS\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CzFg1ONOhqxS1oN7PjMSEV06vJGBxxWfK25R2sDby6X9yfiBRMGQwdnor8zvP%2B9ucDJdxHgpbyYV9Hii2%2FQususoudBYx95GDGrFzM4kqOUxYxVhsQyzVn%2FlGl2UTi8e4Xdo\"}]}\r\ncontent-length: 9\r\ncf-ray: a12dab4f1f2f783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9,"size_decoded":616,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"9d1ead73e678fa2f51a70a933b0bf017","sha1":"d205cbd6783332a212c5ae92d73c77178c2d2f28","sha256":"0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5","sha512":"935b3d516e996f6d25948ba8a54c1b7f70f7f0e3f517e36481fdf0196c2c5cfc2841f86e891f3df9517746b7fb605db47cdded1b8ff78d9482ddaa621db43a34","ssdeep":"","tlshash":"a250000c0003c3cc0000003030c0000000000300300000300000c000000000000c000c","first_seen":"2023-03-08T03:03:03Z","last_seen":"2026-06-28T20:04:02.821036Z","times_seen":85641,"resource_available":true,"data":null}},"time_used":162,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"hayperliduiq.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hayperliduiq.cfd/","fqdn":"hayperliduiq.cfd","domain":"hayperliduiq.cfd","tld":"cfd"},"ip":{"addr":"172.67.150.77","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-28T15:19:19.503Z","timestamp":1782659959503,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hayperliduiq.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Jun 2026 23:37:21 GMT","end":"Sun, 20 Sep 2026 00:35:43 GMT"},"fingerprint":{"sha1":"18:22:54:10:C8:F0:DB:0C:0B:7B:6B:D3:50:EF:0F:F8:D8:2F:4B:61","sha256":"FB:CE:18:FD:30:19:EE:66:AA:33:0C:17:6D:21:A7:02:62:E5:6A:DE:F5:6F:27:70:F1:DC:08:68:0B:4C:EF:38"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: hayperliduiq.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/html;charset=utf-8\r\ndate: Sun, 28 Jun 2026 15:19:19 GMT\r\nx-ratelimit-limit: 100, 100;w=60\r\nx-ratelimit-remaining: 99\r\nx-ratelimit-reset: 41\r\npriority: u=0,i\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=an7wk1OxdFQEM7ZOhJ%2BsJa9ar%2Fy8NPR2jUIOcsH5ACSiYWqL6fTX6jbnoGzfH447UhVSBsRjl8nSgrLRJUh9lR2Fch%2FUfewANlHnfa9F8FqcIJBNr3yvZGmCa278zs9m2rgW\"}]}\r\ncf-ray: a12dab4b6e84783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":284,"size_decoded":906,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"1132e097a05387dbd6240968643b61d7","sha1":"6319cff6558590a30bf645d3f5ebff0756d385fa","sha256":"ef2b509b2566e1dd8dc463c035f61454e70d0b192a0952f0f73ace905179c813","sha512":"5699c41166a94d156df3bb7a1e5add2f05b568faa083ba4126dea9fc1f07d7199e455b2067ad2e7b00f156b56069d5d1e5fc9b0e408602956602146ce045bfb3","ssdeep":"","tlshash":"27d02ba7dca1888c05705af49cb1e16c0a098adca752ed507dd026d80ec135acd53894","first_seen":"2026-06-28T11:52:12.769988Z","last_seen":"2026-06-28T15:19:43.142123Z","times_seen":7,"resource_available":true,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":59,"connect":15,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"hayperliduiq.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}