{"report_id":"7909aac9-9d8e-468a-a2ed-6f96aa6c381e","version":0,"status":"done","tags":[],"date":"2026-06-17T15:50:03Z","url":{"schema":"http","addr":"globalagencerevenucanadasolutions.aquimisasnmll.vu","fqdn":"globalagencerevenucanadasolutions.aquimisasnmll.vu","domain":"aquimisasnmll.vu","tld":"vu"},"ip":{"addr":"172.67.149.152","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"globalagencerevenucanadasolutions.aquimisasnmll.vu/?nl=a547\u0026cid=c6160ccc772e1b\u0026step=517566009\u0026locale=tpsyhrvred\u0026sub=3f1fa50b07cd4364e1a70827ee9385c2","fqdn":"globalagencerevenucanadasolutions.aquimisasnmll.vu","domain":"aquimisasnmll.vu","tld":"vu"},"title":"Authenticating","dom":{"size":13560,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1508)","md5":"60f3714fa2f886960e8946c34ccbdaec","sha1":"c68dd2c4662b57e0d9fcc08e93503b7dd6dba61d","sha256":"831b30526d892a97fc8cc027aa35eac9c45bddf9a2cdbfc8a1fb65136686f1e9","sha512":"4589972cb0726b188bc7161e72ca05e940c5428882bd020d73674b42ba43e4f943e86cd5b3bbb70e5ecad4c17ef7262c5bb85356800d508d92c64c9f79a490e5","ssdeep":"192:H4UVXARRw4ayx64s64/4/asPI7DmuC7/j8tgw7VRO:H4UVQzw0xqX/4/3PhuCjj8tpVRO","tlshash":"3c522ab173a01535f0b1ced62099a68f35b8c802bd0a452cfddda7548fa1e853972abc","dom_hash":"domhasha4bcb7056defeb423c7937515944d18f","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"globalagencerevenucanadasolutions.aquimisasnmll.vu","fqdn":"globalagencerevenucanadasolutions.aquimisasnmll.vu","domain":"aquimisasnmll.vu","tld":"vu"},"ip":{"addr":"172.67.149.152","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-22T15:50:03Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"globalagencerevenucanadasolutions.aquimisasnmll.vu","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"globalagencerevenucanadasolutions.aquimisasnmll.vu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"globalagencerevenucanadasolutions.aquimisasnmll.vu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"globalagencerevenucanadasolutions.aquimisasnmll.vu","ip":{"addr":"172.67.149.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-06-14T16:11:50.671751Z","last_seen":"2026-06-14T16:11:50.671751Z","alert_count":15,"request_count":5,"received_data":18216,"sent_data":4132,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"globalagencerevenucanadasolutions.aquimisasnmll.vu/?nl=a547\u0026cid=c6160ccc772e1b\u0026step=517566009\u0026locale=tpsyhrvred\u0026sub=3f1fa50b07cd4364e1a70827ee9385c2","fqdn":"globalagencerevenucanadasolutions.aquimisasnmll.vu","domain":"aquimisasnmll.vu","tld":"vu"},"ip":{"addr":"172.67.149.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"573283941732512f323de635de87ebb8","sha1":"3283dda89073447a27852a5130ae8d230f308d3a","sha256":"740cc9e880f181f4cd023a2015545d2b3fe59a03a4600ec2d55cb392e2a42b83","sha512":"5d77ccdb6638980e571da79f0ff4010c030d0be50184225fb67820e298c3aaf18039fe2a23bfc528ddab602e5077cd55e812ecac7ab5975c9fddaf733af7a830","ssdeep":"96:6hGgFyGzMNyu6axs64/4/GxsPIE8DUfuCZR/blAMoBBRzgwFWKNjhVRa+:6yx64s64/4/asPI7DmuC7/j8tgw7VRn","tlshash":"35f1c4a277902a79d1f48ee710aee25e78e4cc4538464428e8eadf55ac30e813b71d7c","size":7579,"data":"","first_seen":"2026-06-17T15:50:04.814294Z","last_seen":"2026-06-17T15:50:04.814294Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"globalagencerevenucanadasolutions.aquimisasnmll.vu/?nl=a547\u0026cid=c6160ccc772e1b\u0026step=517566009\u0026locale=tpsyhrvred\u0026sub=3f1fa50b07cd4364e1a70827ee9385c2","fqdn":"globalagencerevenucanadasolutions.aquimisasnmll.vu","domain":"aquimisasnmll.vu","tld":"vu"},"ip":{"addr":"172.67.149.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T15:49:41.721Z","timestamp":1781711381721,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aquimisasnmll.vu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 03:44:15 GMT","end":"Wed, 02 Sep 2026 04:42:47 GMT"},"fingerprint":{"sha1":"17:9A:BF:AE:3F:CC:0B:82:3C:80:D4:BA:EA:8A:EB:F0:7E:94:59:9E","sha256":"AE:8F:D5:7B:99:75:53:65:4D:C6:1D:8D:C6:B0:80:68:E8:E0:EF:2F:62:DF:7F:25:AD:C3:DF:C8:3F:FE:43:20"}}},"request":{"raw":"GET /?nl=a547\u0026cid=c6160ccc772e1b\u0026step=517566009\u0026locale=tpsyhrvred\u0026sub=3f1fa50b07cd4364e1a70827ee9385c2 HTTP/1.1\r\nHost: globalagencerevenucanadasolutions.aquimisasnmll.vu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: _sv=eyJ0IjoiM2YxZmE1MGIwN2NkNDM2NGUxYTcwODI3ZWU5Mzg1YzIiLCJjIjoxNzgxNzExMzgwLCJzIjoiNGZhMTg2NGQ4NGEwMGRjMGVhYjA3NjNhMjQyOTkyMjA3ZmNhOWNhNGViYTYyM2ZhNmRkNjE3ZjVjMWViZGQzYiJ9\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Wed, 17 Jun 2026 15:49:42 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: *,Accept-Encoding\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\npragma: no-cache\r\nexpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fhvEHz8SaAkn9bAu1RN2qTpckzlJ583p16AHTJXek7ML2UQ2DXI7tl7sXVpBo6xFPXla6yqn93iLMDxixqFOt8vW3Zj%2BQ1dDBupQf1Vpb2ycQRrQsKV6Aa7RlHU%3D\"}]}\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Content-Type\r\nx-powered-by: PleskLin\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=0,i\r\ncf-ray: a0d334a7c83275ab-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":13620,"size_decoded":6436,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1508)","md5":"ce94a9ebe09920b2f437a07be7378b62","sha1":"1b42f519c7a9ecd1b55649dac32a3a4702b1d96c","sha256":"ace61fd352c2948dcf8da2524850ab97b2cdcc5126dfbb615861bc3ca4c4ddcc","sha512":"5cfa7a674f7f73222767b4e0ab2def64c2e1cb7f0ed8928d3203ffb6460f421986016ac1546bc7543b8cdd2e355b527e1c314237af93d461813c340b894dfa0c","ssdeep":"192:p4mVXARRhiyx64s64/4/asPI7DmuC7/j8tgw7VRm:p4mVQzJxqX/4/3PhuCjj8tpVRm","tlshash":"3e522bb173a01535f0f1ced72099a68f35b8c802bd0a4528fddda7558fa1e853972abc","first_seen":"2026-06-17T15:50:04.811429Z","last_seen":"2026-06-17T15:50:04.811429Z","times_seen":1,"resource_available":true,"data":null}},"time_used":365,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":365,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"globalagencerevenucanadasolutions.aquimisasnmll.vu","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"globalagencerevenucanadasolutions.aquimisasnmll.vu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"globalagencerevenucanadasolutions.aquimisasnmll.vu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"globalagencerevenucanadasolutions.aquimisasnmll.vu/50612913083649476126?t=eyJpcCI6IjIzNmZiOTQ2NTU3YjI3MTg5M2NlOGYzOTE4OGFlYTg1OTA5M2I5ZmI2OGY1YTM0Yzk4OGJhZjhhZjlhMWNhN2IiLCJ1YSI6IjIyMmJiOTJhZjUxMDJkNTExMGYwZTJlOWZhZDk5YzcxYmM4Y2JiNTQ5ZTRjOTkxOTY4ZDg2ZTc2ZTYzMGNjYTkiLCJleHAiOjE3ODE3MTE2ODEsImltZyI6M30.617560acf1543ec29da55e9aa07703678cda7d12efaa32289c2a8fe4a653cf9d","fqdn":"globalagencerevenucanadasolutions.aquimisasnmll.vu","domain":"aquimisasnmll.vu","tld":"vu"},"ip":{"addr":"172.67.149.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://globalagencerevenucanadasolutions.aquimisasnmll.vu/?nl=a547\u0026cid=c6160ccc772e1b\u0026step=517566009\u0026locale=tpsyhrvred\u0026sub=3f1fa50b07cd4364e1a70827ee9385c2","date":"2026-06-17T15:49:42.112Z","timestamp":1781711382112,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aquimisasnmll.vu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 03:44:15 GMT","end":"Wed, 02 Sep 2026 04:42:47 GMT"},"fingerprint":{"sha1":"17:9A:BF:AE:3F:CC:0B:82:3C:80:D4:BA:EA:8A:EB:F0:7E:94:59:9E","sha256":"AE:8F:D5:7B:99:75:53:65:4D:C6:1D:8D:C6:B0:80:68:E8:E0:EF:2F:62:DF:7F:25:AD:C3:DF:C8:3F:FE:43:20"}}},"request":{"raw":"GET /50612913083649476126?t=eyJpcCI6IjIzNmZiOTQ2NTU3YjI3MTg5M2NlOGYzOTE4OGFlYTg1OTA5M2I5ZmI2OGY1YTM0Yzk4OGJhZjhhZjlhMWNhN2IiLCJ1YSI6IjIyMmJiOTJhZjUxMDJkNTExMGYwZTJlOWZhZDk5YzcxYmM4Y2JiNTQ5ZTRjOTkxOTY4ZDg2ZTc2ZTYzMGNjYTkiLCJleHAiOjE3ODE3MTE2ODEsImltZyI6M30.617560acf1543ec29da55e9aa07703678cda7d12efaa32289c2a8fe4a653cf9d HTTP/1.1\r\nHost: globalagencerevenucanadasolutions.aquimisasnmll.vu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://globalagencerevenucanadasolutions.aquimisasnmll.vu/?nl=a547\u0026cid=c6160ccc772e1b\u0026step=517566009\u0026locale=tpsyhrvred\u0026sub=3f1fa50b07cd4364e1a70827ee9385c2\r\nCookie: _sv=eyJ0IjoiM2YxZmE1MGIwN2NkNDM2NGUxYTcwODI3ZWU5Mzg1YzIiLCJjIjoxNzgxNzExMzgwLCJzIjoiNGZhMTg2NGQ4NGEwMGRjMGVhYjA3NjNhMjQyOTkyMjA3ZmNhOWNhNGViYTYyM2ZhNmRkNjE3ZjVjMWViZGQzYiJ9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 \r\ndate: Wed, 17 Jun 2026 15:49:42 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\naccess-control-allow-origin: *, *\r\naccess-control-allow-methods: GET, GET, POST, OPTIONS\r\naccess-control-allow-headers: Content-Type, Content-Type\r\ncontent-encoding: br\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S7axCs%2FDyDgbV%2FyZJDNIoKh71YJTHPEhNd0VoFFT%2F4EysyThcVsLBDKPc8SUJyThglHHzTTOWOvOkgbEz20QcIKkt%2BqZh7tafgO4C7nZArNivHL%2By4zrDMjm5tc%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=4,i\r\ncf-ray: a0d334aa384075ab-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23,"size_decoded":771,"mime_type":"application/json","magic":"JSON text data","md5":"fb79de687d04e61471c3fc4253d8cfd5","sha1":"8c70d9fa04144b794dd84f7f90bee290c3b31610","sha256":"44f3575b71b4892b3a636dccc2df3da9e65b5c24af090120880ba1094f239d91","sha512":"2d2e656949f044ebdb7b9ae3ee716ad52e9991484068d32bf5c9bd7de1051ab8ce8188f411b128ffc9472a95a1e77c9437180bbab5e99a43672cdc6a0dc4a5a4","ssdeep":"","tlshash":"9470002200e2000f3082c00008022a000aa2028000f80e02a0a00c0000088038a2c00c","first_seen":"2026-05-18T08:03:01.399293Z","last_seen":"2026-06-17T22:04:18.982598Z","times_seen":1040,"resource_available":false,"data":null}},"time_used":318,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":317,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"globalagencerevenucanadasolutions.aquimisasnmll.vu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"globalagencerevenucanadasolutions.aquimisasnmll.vu","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"globalagencerevenucanadasolutions.aquimisasnmll.vu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"globalagencerevenucanadasolutions.aquimisasnmll.vu/favicon.ico","fqdn":"globalagencerevenucanadasolutions.aquimisasnmll.vu","domain":"aquimisasnmll.vu","tld":"vu"},"ip":{"addr":"172.67.149.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://globalagencerevenucanadasolutions.aquimisasnmll.vu/?nl=a547\u0026cid=c6160ccc772e1b\u0026step=517566009\u0026locale=tpsyhrvred\u0026sub=3f1fa50b07cd4364e1a70827ee9385c2","date":"2026-06-17T15:49:42.228Z","timestamp":1781711382228,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aquimisasnmll.vu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 03:44:15 GMT","end":"Wed, 02 Sep 2026 04:42:47 GMT"},"fingerprint":{"sha1":"17:9A:BF:AE:3F:CC:0B:82:3C:80:D4:BA:EA:8A:EB:F0:7E:94:59:9E","sha256":"AE:8F:D5:7B:99:75:53:65:4D:C6:1D:8D:C6:B0:80:68:E8:E0:EF:2F:62:DF:7F:25:AD:C3:DF:C8:3F:FE:43:20"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: globalagencerevenucanadasolutions.aquimisasnmll.vu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://globalagencerevenucanadasolutions.aquimisasnmll.vu/?nl=a547\u0026cid=c6160ccc772e1b\u0026step=517566009\u0026locale=tpsyhrvred\u0026sub=3f1fa50b07cd4364e1a70827ee9385c2\r\nCookie: _sv=eyJ0IjoiM2YxZmE1MGIwN2NkNDM2NGUxYTcwODI3ZWU5Mzg1YzIiLCJjIjoxNzgxNzExMzgwLCJzIjoiNGZhMTg2NGQ4NGEwMGRjMGVhYjA3NjNhMjQyOTkyMjA3ZmNhOWNhNGViYTYyM2ZhNmRkNjE3ZjVjMWViZGQzYiJ9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\ndate: Wed, 17 Jun 2026 15:49:42 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Sat, 14 Feb 2026 09:20:14 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ANXTWBLEp2HLD8o0vDvvD8kcwXH7dHg04KCoSEXOhk4nn1hMgkVbTU7WUfKm2zD0U59ho0oFrh6jyEX2ArRv%2B9hhNF614Vi0F5vFa%2BOQdiGzUBnQyV5X%2Fyy5bQo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=6,i=?0\r\nalt-svc: h3=\":443\"; ma=86400\r\nvary: accept-encoding\r\ncontent-encoding: zstd\r\ncf-ray: a0d334aae84475ab-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":188,"size_decoded":797,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"8e280df7336b14ea00da1b721b6be8c1","sha1":"62df9bf960546a29f9b029e26806201a2c483346","sha256":"0ddf7f140072782ef237241e9da0b90b2f2cddf860b00a10b9c83e4ab916998c","sha512":"7a9ed49216c937d0e61d80301737fdf9872dc6e9cdb07d55680fee96fb4ea152f4c765051ee355a4a31675b1d9ff9f29a131fa6bbfab1f95b7429c2b439cc813","ssdeep":"","tlshash":"fcc0125e18f25680022288502ac27685ac87636fb4ab841438cfe1226fcd26a84c73dd","first_seen":"2026-02-18T14:59:47.844013Z","last_seen":"2026-06-17T22:04:18.979198Z","times_seen":10168,"resource_available":true,"data":null}},"time_used":459,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":459,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"globalagencerevenucanadasolutions.aquimisasnmll.vu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"globalagencerevenucanadasolutions.aquimisasnmll.vu","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"globalagencerevenucanadasolutions.aquimisasnmll.vu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"globalagencerevenucanadasolutions.aquimisasnmll.vu/","fqdn":"globalagencerevenucanadasolutions.aquimisasnmll.vu","domain":"aquimisasnmll.vu","tld":"vu"},"ip":{"addr":"172.67.149.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T15:49:40.405Z","timestamp":1781711380405,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aquimisasnmll.vu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 03:44:15 GMT","end":"Wed, 02 Sep 2026 04:42:47 GMT"},"fingerprint":{"sha1":"17:9A:BF:AE:3F:CC:0B:82:3C:80:D4:BA:EA:8A:EB:F0:7E:94:59:9E","sha256":"AE:8F:D5:7B:99:75:53:65:4D:C6:1D:8D:C6:B0:80:68:E8:E0:EF:2F:62:DF:7F:25:AD:C3:DF:C8:3F:FE:43:20"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: globalagencerevenucanadasolutions.aquimisasnmll.vu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 \r\ndate: Wed, 17 Jun 2026 15:49:40 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nlocation: /?nl=a547\u0026cid=c6160ccc772e1b\u0026step=517566009\u0026locale=tpsyhrvred\u0026sub=3f1fa50b07cd4364e1a70827ee9385c2\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\npragma: no-cache\r\nexpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nvary: *\r\nset-cookie: _sv=eyJ0IjoiM2YxZmE1MGIwN2NkNDM2NGUxYTcwODI3ZWU5Mzg1YzIiLCJjIjoxNzgxNzExMzgwLCJzIjoiNGZhMTg2NGQ4NGEwMGRjMGVhYjA3NjNhMjQyOTkyMjA3ZmNhOWNhNGViYTYyM2ZhNmRkNjE3ZjVjMWViZGQzYiJ9; expires=Wed, 17 Jun 2026 15:51:40 GMT; Max-Age=120; path=/; secure; HttpOnly; SameSite=None\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Content-Type\r\nx-powered-by: PleskLin\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7jOVBroA2GLhfR2wXS7bl3S2p6bOvSJAucjf%2BwRE8wbnwmr6JA7yHi3oSOY7Zjd0cjvx7w5fENwBm%2F49bXSuiYxW36XKoHyXdyLX9hmArPCs%2FfFMLGXMTVl8vYY%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=0,i\r\ncf-ray: a0d3349fdffb75ab-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-17T23:31:22.506866Z","times_seen":16495331,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"globalagencerevenucanadasolutions.aquimisasnmll.vu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"globalagencerevenucanadasolutions.aquimisasnmll.vu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"globalagencerevenucanadasolutions.aquimisasnmll.vu","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"globalagencerevenucanadasolutions.aquimisasnmll.vu/?nl=a547\u0026cid=c6160ccc772e1b\u0026step=517566009\u0026locale=tpsyhrvred\u0026sub=3f1fa50b07cd4364e1a70827ee9385c2","fqdn":"globalagencerevenucanadasolutions.aquimisasnmll.vu","domain":"aquimisasnmll.vu","tld":"vu"},"ip":{"addr":"172.67.149.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T15:49:40.950Z","timestamp":1781711380950,"http_version":"HTTP/3","security_state":"secure","security_info":null,"request":{"raw":"GET /?nl=a547\u0026cid=c6160ccc772e1b\u0026step=517566009\u0026locale=tpsyhrvred\u0026sub=3f1fa50b07cd4364e1a70827ee9385c2 HTTP/1.1\r\nHost: globalagencerevenucanadasolutions.aquimisasnmll.vu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: _sv=eyJ0IjoiM2YxZmE1MGIwN2NkNDM2NGUxYTcwODI3ZWU5Mzg1YzIiLCJjIjoxNzgxNzExMzgwLCJzIjoiNGZhMTg2NGQ4NGEwMGRjMGVhYjA3NjNhMjQyOTkyMjA3ZmNhOWNhNGViYTYyM2ZhNmRkNjE3ZjVjMWViZGQzYiJ9\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Wed, 17 Jun 2026 15:49:41 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\npragma: no-cache\r\nexpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nvary: *,Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0k9WQMcoEj%2F%2FXEuocQBYmri70I7RTDX4RNhiEC%2BuQ5xJPkpv%2FPAEVPpDeRShndipvAWqz%2F9CMmGFVKFd%2BU6x%2Bi8JMF8FfkHdyxFkkX7P53OmTFymPIHsynMKM5s%3D\"}]}\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Content-Type\r\nx-powered-by: PleskLin\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=0,i\r\ncf-ray: a0d334a2f80d75ab-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-17T23:31:22.506866Z","times_seen":16495331,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"globalagencerevenucanadasolutions.aquimisasnmll.vu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"globalagencerevenucanadasolutions.aquimisasnmll.vu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"globalagencerevenucanadasolutions.aquimisasnmll.vu","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}