{"report_id":"7d2ee039-7801-4031-9422-c601f8a5f650","version":6,"status":"done","tags":[],"date":"2025-07-28T16:52:09Z","url":{"schema":"http","addr":"drezia.com","fqdn":"drezia.com","domain":"drezia.com","tld":"com"},"ip":{"addr":"104.21.9.35","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"drezia.com/","fqdn":"drezia.com","domain":"drezia.com","tld":"com"},"title":"drezia.com/"},"submit":{"url":{"schema":"http","addr":"drezia.com","fqdn":"drezia.com","domain":"drezia.com","tld":"com"},"ip":{"addr":"104.21.9.35","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-09-01T16:52:09Z","useragent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 (Forensic-Analyze-Mode)","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"drezia.com","ip":{"addr":"104.21.9.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-11-19","domain_rank":0,"first_seen":"2025-07-16T17:18:32.705471Z","last_seen":"2025-07-24T20:16:34.523201Z","alert_count":0,"request_count":3,"received_data":57962,"sent_data":1563,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"drezia.com/","fqdn":"drezia.com","domain":"drezia.com","tld":"com"},"ip":{"addr":"104.21.9.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"78bb1c23eb1634bf5e8eb352d6cd6c00","sha1":"6d41bfb8e50162ff61366545dc2c4f17c936418d","sha256":"852e74bb93b254e455208602804eab97fd503a1246304f0248a5fe272018cdf6","sha512":"e4fdb689a8a57b83050df7a259d39333f87ad2c1a2ade3df38795379a9f95d398599525fa76e8dd1ac320b5765d2b701badda63542ea4b8b4a04d4b9e537142a","ssdeep":"","tlshash":"538004544407c13371cd7c4d001111c11f1303145744c740fc40c14451c11d7c4077f7","size":36,"data":"","first_seen":"2025-07-28T16:52:20.051208Z","last_seen":"2025-07-28T16:52:20.051208Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"drezia.com/","fqdn":"drezia.com","domain":"drezia.com","tld":"com"},"ip":{"addr":"104.21.9.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-07-28T16:51:48.077Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"drezia.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 14 Jul 2025 16:03:12 GMT","end":"Sun, 12 Oct 2025 17:01:28 GMT"},"fingerprint":{"sha1":"43:8A:8C:96:EE:F7:50:B7:C9:78:5F:35:F9:E0:FC:F1:4B:EE:F9:DA","sha256":"75:95:BE:EF:D5:F8:14:04:0A:6F:32:CE:71:11:40:66:93:4E:EC:89:1C:48:7A:C1:B1:5C:F0:05:2D:EE:9B:A9"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: drezia.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 (Forensic-Analyze-Mode)\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 28 Jul 2025 16:51:48 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nexecution-time: 0.0074548721\r\ntrace_id: 19F2A1C3-1FA6-5BCC-49CA-CFC88ED7959E\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8EBbIqghGkD9Uw1I2nnr0cwVHVCe9%2BAlp1J7Rr6Sqktk1aI8RtQzFR1MQv5B3AsOoe3C607VXzEMYom1RvP%2FvPCwiL2sFj%2B8\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nset-cookie: PHPSESSID=dcbe9c42e77ece7a415526b067eb932b; Path=/\r\ncf-ray: 9665e221abffb505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27790,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"92a3d755aa31d57eade0f99fe772e207","sha1":"177a683f6bfca6ea15a32ae0d1bb08d2f5740ae3","sha256":"347d5aea6b650f7e90e6cc887081e27def5c34bc77c868a0ea0636836eb27d53","sha512":"16662c2032459c856caac0829d2f365e5ad66f32edb575eae46b34214dd585a3582c86bb382db0153779d787aaf77432b97d703ebbd357d1e0421aa700ca8e19","ssdeep":"384:jpQsiAWs6d3oBb6zBg5zZrpmH08NAeK2rsF4JU0UEPPya4xJ0zcGUM:hioZxyN7KFES6cGH","tlshash":"bbc211174361dbeafda9452ce9801898b5d0e8cba074e2d4bb6f500bdb4c4e4e45c7ee","first_seen":"2025-07-28T16:52:20.045447Z","last_seen":"2025-07-28T16:52:20.045447Z","times_seen":1,"resource_available":false,"data":null}},"time_used":485,"timings":{"blocked":31,"dns":1,"connect":1,"send":0,"wait":423,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"drezia.com/theme.css","fqdn":"drezia.com","domain":"drezia.com","tld":"com"},"ip":{"addr":"104.21.9.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://drezia.com/","date":"2025-07-28T16:51:48.790Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"drezia.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 14 Jul 2025 16:03:12 GMT","end":"Sun, 12 Oct 2025 17:01:28 GMT"},"fingerprint":{"sha1":"43:8A:8C:96:EE:F7:50:B7:C9:78:5F:35:F9:E0:FC:F1:4B:EE:F9:DA","sha256":"75:95:BE:EF:D5:F8:14:04:0A:6F:32:CE:71:11:40:66:93:4E:EC:89:1C:48:7A:C1:B1:5C:F0:05:2D:EE:9B:A9"}}},"request":{"raw":"GET /theme.css HTTP/1.1\r\nHost: drezia.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 (Forensic-Analyze-Mode)\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://drezia.com/\r\nCookie: PHPSESSID=dcbe9c42e77ece7a415526b067eb932b\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 28 Jul 2025 16:51:49 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nexecution-time: 0.0092668533\r\ntrace_id: 558DBB90-C48C-A1B7-B153-4BFA60C380F2\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0Bpco9oNvbSuzE8BQYbn68CfAuw4Qb%2B4%2Fq7pFDnk6BHGgTkRzAlN2Lo7FV%2BLq0Y%2BwRb%2BWJ9Vh%2BOwXQ6opFT50QV7XTge68po\"}]}\r\ncf-cache-status: BYPASS\r\ncontent-encoding: br\r\nset-cookie: PHPSESSID=dcbe9c42e77ece7a415526b067eb932b; Path=/\r\ncf-ray: 9665e225fb02b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27790,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"00850851154c7efe9aa9e311ce96c683","sha1":"584c2123d3804944ea1a9118c36710827e8e9da2","sha256":"6097deac01ca68f28481fced76d21186ea4b1ef705e5d975910c861f7efc9763","sha512":"29cc7711021b2fe59885466f8dbf88950c2e9f85661d234e98ad7a722bc7d5f3c21880399691e78ffebdd44e8deebbb0c272cf48157fff0b0df8312b72f81db5","ssdeep":"384:jpQsiAWs6d3oBb6zBg5zZrpmH08NAeK2rsF4JU0UEPPya4xJ0zcGAM:hioZxyN7KFES6cGj","tlshash":"17c211174361dbeafda9452ce9801898b5d0e8cba074e2d4bb6f500bdb4c4e4e45c7ee","first_seen":"2025-07-28T16:52:20.048183Z","last_seen":"2025-07-28T16:52:20.048183Z","times_seen":1,"resource_available":false,"data":null}},"time_used":417,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":417,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"drezia.com/favicon.ico","fqdn":"drezia.com","domain":"drezia.com","tld":"com"},"ip":{"addr":"104.21.9.35","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://drezia.com/","date":"2025-07-28T16:51:49.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"drezia.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 14 Jul 2025 16:03:12 GMT","end":"Sun, 12 Oct 2025 17:01:28 GMT"},"fingerprint":{"sha1":"43:8A:8C:96:EE:F7:50:B7:C9:78:5F:35:F9:E0:FC:F1:4B:EE:F9:DA","sha256":"75:95:BE:EF:D5:F8:14:04:0A:6F:32:CE:71:11:40:66:93:4E:EC:89:1C:48:7A:C1:B1:5C:F0:05:2D:EE:9B:A9"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: drezia.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 (Forensic-Analyze-Mode)\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://drezia.com/\r\nCookie: PHPSESSID=dcbe9c42e77ece7a415526b067eb932b\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 28 Jul 2025 16:51:49 GMT\r\ncontent-type: image/x-icon\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=PU17%2FUEI9jbXcoQFqifnVtghR65fFx9EMW4kE9ijicUXfT%2BLmqPSzzLUFF2C8avvRGrdqnULPVrwB6EsRJ%2B6WEP1y2GUB9pbbynTO%2Fgf5md4qq620Pid8hfq%2B4xS\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nlast-modified: Tue, 18 Jun 2024 08:33:11 GMT\r\netag: W/\"66714647-46\"\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\ncf-ray: 9665e228aaf70b3d-OSL\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=1429\u0026min_rtt=496\u0026rtt_var=924\u0026sent=272\u0026recv=447\u0026lost=0\u0026retrans=0\u0026sent_bytes=19359\u0026recv_bytes=24098\u0026delivery_rate=518202\u0026ss_exit_cwnd=14901\u0026ss_exit_reason=2\u0026cwnd=14000\u0026unsent_bytes=0\u0026cid=b0a2ca6093d9ab45\u0026ts=1132\u0026inflight_dur=56\u0026x=40\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":70,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 1x1, 32 bits/pixel","md5":"735ddbd8a50494b34bbed5fe68727c42","sha1":"ab6c96f55f6f9383c8c73f2838d07398529a4b8f","sha256":"23d7bcc5e68b94d6e03382ac1d9a14ab2d0134772682ae0dd1b2e8b4c85afc51","sha512":"b3a7773c84719a1864c911422a7e6f37efecc6952dbe85bfcdb095fd0434487fbb44d0d810890d96a50f4bf3ef8a3c32a47de5115f8e0cefab7431f10eee9928","ssdeep":"","tlshash":"51a00082b300008ec0000f3000f30b0b2a2cc0028a3a230302200308aca32c8080a3c2","first_seen":"2023-05-07T20:28:17Z","last_seen":"2026-03-15T12:18:02.76276Z","times_seen":4706,"resource_available":false,"data":null}},"time_used":449,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":448,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}