{"report_id":"7f302352-3b87-4faf-a486-7fbaa5071d53","version":6,"status":"done","tags":[],"date":"2025-05-01T12:40:00Z","url":{"schema":"https","addr":"flarexrpconnect-network.com/connect.php","fqdn":"flarexrpconnect-network.com","domain":"flarexrpconnect-network.com","tld":"com"},"ip":{"addr":"198.54.132.29","port":0,"asn":11878,"as":"TZULO","country":"Canada","country_code":"CA"},"final":{"url":{"schema":"https","addr":"flarexrpconnect-network.com/cgi-sys/suspendedpage.cgi","fqdn":"flarexrpconnect-network.com","domain":"flarexrpconnect-network.com","tld":"com"},"title":"Account Suspended"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-10T12:40:00Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"flarexrpconnect-network.com","ip":{"addr":"198.54.132.29","port":443,"asn":11878,"as":"TZULO","country":"Canada","country_code":"CA"},"domain_registered":"2025-04-24","domain_rank":0,"first_seen":"2025-04-26T11:20:45.922672Z","last_seen":"2025-04-26T11:20:45.922672Z","alert_count":5,"request_count":4,"received_data":31652,"sent_data":1966,"comment":"","tags":null,"fingerprints":null},{"fqdn":"use.fontawesome.com","ip":{"addr":"104.21.27.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-10-18","domain_rank":942,"first_seen":"2017-01-30T04:43:25Z","last_seen":"2025-04-30T03:45:42.100694Z","alert_count":0,"request_count":2,"received_data":75433,"sent_data":986,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2025-04-28","alert":"Other","trigger":"flarexrpconnect-network.com/connect.php","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}]},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-01","alert":"Sinkholed","trigger":"flarexrpconnect-network.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-01","alert":"Sinkholed","trigger":"flarexrpconnect-network.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-01","alert":"Sinkholed","trigger":"flarexrpconnect-network.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-01","alert":"Sinkholed","trigger":"flarexrpconnect-network.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"flarexrpconnect-network.com/connect.php","fqdn":"flarexrpconnect-network.com","domain":"flarexrpconnect-network.com","tld":"com"},"ip":{"addr":"198.54.132.29","port":443,"asn":11878,"as":"TZULO","country":"Canada","country_code":"CA"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-05-01T12:39:39.068Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpanel.flarexrpconnect-network.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 15:24:19 GMT","end":"Wed, 23 Jul 2025 15:24:18 GMT"},"fingerprint":{"sha1":"E3:A7:7E:E2:69:E0:68:D9:F5:53:A6:4B:B3:C7:1C:49:3F:7C:29:30","sha256":"A4:CC:41:A4:D6:E4:31:5C:A7:C0:52:F9:D8:00:60:4D:D5:F5:97:68:E1:28:6C:B3:E1:FF:72:64:C2:61:A7:DA"}}},"request":{"raw":"GET /connect.php HTTP/1.1\r\nHost: flarexrpconnect-network.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: text/html\r\ncontent-length: 771\r\ndate: Thu, 01 May 2025 12:39:39 GMT\r\nserver: LiteSpeed\r\ncache-control: no-cache, no-store, must-revalidate, max-age=0\r\nlocation: https://flarexrpconnect-network.com/cgi-sys/suspendedpage.cgi\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":7648,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":625,"timings":{"blocked":258,"dns":32,"connect":109,"send":0,"wait":109,"receive":0,"ssl":113},"alerts":{"ids":null,"analyzer":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2025-04-28","alert":"Other","trigger":"flarexrpconnect-network.com/connect.php","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-01","alert":"Sinkholed","trigger":"flarexrpconnect-network.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flarexrpconnect-network.com/cgi-sys/suspendedpage.cgi","fqdn":"flarexrpconnect-network.com","domain":"flarexrpconnect-network.com","tld":"com"},"ip":{"addr":"198.54.132.29","port":443,"asn":11878,"as":"TZULO","country":"Canada","country_code":"CA"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-05-01T12:39:39.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpanel.flarexrpconnect-network.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 15:24:19 GMT","end":"Wed, 23 Jul 2025 15:24:18 GMT"},"fingerprint":{"sha1":"E3:A7:7E:E2:69:E0:68:D9:F5:53:A6:4B:B3:C7:1C:49:3F:7C:29:30","sha256":"A4:CC:41:A4:D6:E4:31:5C:A7:C0:52:F9:D8:00:60:4D:D5:F5:97:68:E1:28:6C:B3:E1:FF:72:64:C2:61:A7:DA"}}},"request":{"raw":"GET /cgi-sys/suspendedpage.cgi HTTP/1.1\r\nHost: flarexrpconnect-network.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 01 May 2025 12:39:39 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7648,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (4070)","md5":"930c88af0bb553107f30f0a79178f6dc","sha1":"bdcdd0233a41eccd06383f2eae38e06f9b20081a","sha256":"a199d71d950daea5c409e5c1f2729521b2ffc0ae5c71aae1625a4c5abfff41ac","sha512":"7c92fafebaba98674010f70131378948fba0ac6533f28ded7833433dfbd1d3d5cc394fac0027d35a897b8d9786e029a91443a3bdf5650daa04685da6e4276f73","ssdeep":"192:olVZHCkA26xd3Q4JRveuTtMy47R/Ga0kVhFuPwf8Pn9wHHyJIT:QJvVGaRF8I8e","tlshash":"5ff1d8ab6af2000b741712a87abe3206ab59a503911acd607f0df6e5cf979c0c84775e","first_seen":"2025-05-01T12:40:01.041468Z","last_seen":"2025-05-01T12:40:01.041468Z","times_seen":1,"resource_available":false,"data":null}},"time_used":288,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":288,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-01","alert":"Sinkholed","trigger":"flarexrpconnect-network.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"use.fontawesome.com/releases/v5.0.6/css/all.css","fqdn":"use.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"104.21.27.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"https://flarexrpconnect-network.com/cgi-sys/suspendedpage.cgi","date":"2025-05-01T12:39:40.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"use.fontawesome.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 06 Mar 2025 00:21:22 GMT","end":"Wed, 04 Jun 2025 01:21:21 GMT"},"fingerprint":{"sha1":"35:EC:02:D7:73:13:A8:D4:94:28:42:85:E4:B3:7F:06:4F:C4:1B:CE","sha256":"4F:EE:4F:BB:1D:26:16:DD:E6:21:17:E5:37:DF:01:50:39:C5:9C:71:2E:D9:BB:D2:1E:0F:B3:D6:42:73:DA:C8"}}},"request":{"raw":"GET /releases/v5.0.6/css/all.css HTTP/1.1\r\nHost: use.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flarexrpconnect-network.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 01 May 2025 12:39:40 GMT\r\ncontent-type: text/css\r\ncache-control: max-age=31556926\r\netag: W/\"42eaa52604673b64d6b356c2fd7f87e3\"\r\nlast-modified: Fri, 22 Sep 2023 01:44:11 GMT\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1840342\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=lrea%2B9iCx6P8dMNcVG6O50c%2B0D9DghOTm3UeCp9prXur4oRXOFpYfFgMfxqp5TNldFe%2B%2FW1uG%2BrnUIFZ92bbkS5WKOwk7n0bB1TNzDS8LrhxbcLROefHI1y6kFnIyT20RUOPzoZ9\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 938f57cb2ac7712a-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=492\u0026min_rtt=463\u0026rtt_var=108\u0026sent=6\u0026recv=10\u0026lost=0\u0026retrans=0\u0026sent_bytes=3252\u0026recv_bytes=1223\u0026delivery_rate=7702127\u0026cwnd=253\u0026unsent_bytes=0\u0026cid=1f2a9066f80e0e81\u0026ts=44\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":34734,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (34556)","md5":"42eaa52604673b64d6b356c2fd7f87e3","sha1":"6b59cb703b2d4a7a2691f13008062b46a6bc7fdb","sha256":"ed0f122470c4d13d86bbabdc38046d743d0228204a56d786d2e17bd83fd358ce","sha512":"cf0dd57cd2115e3ad421066dd86bd2c7bdcd33a6a0a3f7cfd1a19f4e88d274e333fc3c4ffb9e25b2a0bb72b2e63636d141e2d0f48b99c1cfe1f7f7d74f7ca69b","ssdeep":"384:UT+rB31fxDjzQ6m4CrLam31bK89kQCQ/HmMIY3B1vcvCPnjQ/4A:p31fxDfQ6WyUFKQkdQ/GM933rbQ/j","tlshash":"82f23eb8e50c41d6a731c48bff82b36862bafb3cd5850d95f00e6d1c29d16a911c5fba","first_seen":"2023-04-05T03:52:27Z","last_seen":"2026-04-04T12:51:30.826824Z","times_seen":21970,"resource_available":false,"data":null}},"time_used":75,"timings":{"blocked":24,"dns":1,"connect":1,"send":0,"wait":26,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flarexrpconnect-network.com/favicon.ico","fqdn":"flarexrpconnect-network.com","domain":"flarexrpconnect-network.com","tld":"com"},"ip":{"addr":"198.54.132.29","port":443,"asn":11878,"as":"TZULO","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"","requested_by":"https://flarexrpconnect-network.com/cgi-sys/suspendedpage.cgi","date":"2025-05-01T12:39:40.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpanel.flarexrpconnect-network.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 15:24:19 GMT","end":"Wed, 23 Jul 2025 15:24:18 GMT"},"fingerprint":{"sha1":"E3:A7:7E:E2:69:E0:68:D9:F5:53:A6:4B:B3:C7:1C:49:3F:7C:29:30","sha256":"A4:CC:41:A4:D6:E4:31:5C:A7:C0:52:F9:D8:00:60:4D:D5:F5:97:68:E1:28:6C:B3:E1:FF:72:64:C2:61:A7:DA"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: flarexrpconnect-network.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flarexrpconnect-network.com/cgi-sys/suspendedpage.cgi\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: text/html\r\ncontent-length: 771\r\ndate: Thu, 01 May 2025 12:39:40 GMT\r\nserver: LiteSpeed\r\ncache-control: no-cache, no-store, must-revalidate, max-age=0\r\nlocation: https://flarexrpconnect-network.com/cgi-sys/suspendedpage.cgi\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":7648,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-01","alert":"Sinkholed","trigger":"flarexrpconnect-network.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"use.fontawesome.com/releases/v5.0.6/webfonts/fa-solid-900.woff2","fqdn":"use.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"104.21.27.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"https://flarexrpconnect-network.com/cgi-sys/suspendedpage.cgi","date":"2025-05-01T12:39:40.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"use.fontawesome.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 06 Mar 2025 00:21:22 GMT","end":"Wed, 04 Jun 2025 01:21:21 GMT"},"fingerprint":{"sha1":"35:EC:02:D7:73:13:A8:D4:94:28:42:85:E4:B3:7F:06:4F:C4:1B:CE","sha256":"4F:EE:4F:BB:1D:26:16:DD:E6:21:17:E5:37:DF:01:50:39:C5:9C:71:2E:D9:BB:D2:1E:0F:B3:D6:42:73:DA:C8"}}},"request":{"raw":"GET /releases/v5.0.6/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: use.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://flarexrpconnect-network.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://use.fontawesome.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 01 May 2025 12:39:40 GMT\r\ncontent-type: application/font-woff2\r\ncontent-length: 38784\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31556926\r\netag: \"f9b85c9463af7103b9b24bbbf09a06ed\"\r\nlast-modified: Fri, 22 Sep 2023 01:44:10 GMT\r\nvary: Origin, Accept-Encoding\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=tPsolDSgieRwpaNZeKOXxoJHvqT5ThAhHd47kZofgVnWOdwLPd8Tdce1vW5rCju6tXmfYHGGsZxyS%2FiR%2F59e3AEUJ6FF47P%2FFdKaHiWefU3%2FVSEmLFOGIe26aT3QI4hx9I%2FvNgZc\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 938f57cbe9a156af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=6043\u0026min_rtt=456\u0026rtt_var=11009\u0026sent=8\u0026recv=11\u0026lost=0\u0026retrans=0\u0026sent_bytes=3200\u0026recv_bytes=1154\u0026delivery_rate=7300840\u0026cwnd=254\u0026unsent_bytes=0\u0026cid=39fb575cce539b58\u0026ts=174\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":38784,"size_decoded":0,"mime_type":"application/font-woff2","magic":"Web Open Font Format (Version 2), TrueType, length 38784, version 1.0","md5":"f9b85c9463af7103b9b24bbbf09a06ed","sha1":"d28d7222bcbeb8ea701a771e85f7efe006e62fb1","sha256":"62554277d07b20c6bfae7c6267b3198b4846f604a37d4085bf9f54c392210b56","sha512":"ec17dae646a87852e4703148cd67826d375964459d200814a29bbf13d0ec4c9f949e57d36fdfb1624afb68e4750ab82d923bcbc4c433beb97c3111fc6b144869","ssdeep":"768:rwi65rNLMpyCz/6sHgLVleua9KenzcfcoZ2RsbQEcTOtoWsjiKAwQTn2Nvqowj:ci6hxMYCz/DHgLVlu9RAl2S/yYwjiAuT","tlshash":"e603f121d5b23e6280b81d71615a76aa4037c480a274729b7c73fbdb1baf7030e7191e","first_seen":"2023-04-05T03:52:27Z","last_seen":"2026-04-04T12:51:30.828537Z","times_seen":26709,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":31,"dns":1,"connect":1,"send":0,"wait":148,"receive":5,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flarexrpconnect-network.com/cgi-sys/suspendedpage.cgi","fqdn":"flarexrpconnect-network.com","domain":"flarexrpconnect-network.com","tld":"com"},"ip":{"addr":"198.54.132.29","port":443,"asn":11878,"as":"TZULO","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"","requested_by":"https://flarexrpconnect-network.com/cgi-sys/suspendedpage.cgi","date":"2025-05-01T12:39:40.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpanel.flarexrpconnect-network.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Apr 2025 15:24:19 GMT","end":"Wed, 23 Jul 2025 15:24:18 GMT"},"fingerprint":{"sha1":"E3:A7:7E:E2:69:E0:68:D9:F5:53:A6:4B:B3:C7:1C:49:3F:7C:29:30","sha256":"A4:CC:41:A4:D6:E4:31:5C:A7:C0:52:F9:D8:00:60:4D:D5:F5:97:68:E1:28:6C:B3:E1:FF:72:64:C2:61:A7:DA"}}},"request":{"raw":"GET /cgi-sys/suspendedpage.cgi HTTP/1.1\r\nHost: flarexrpconnect-network.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://flarexrpconnect-network.com/cgi-sys/suspendedpage.cgi\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 01 May 2025 12:39:41 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7648,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (4070)","md5":"930c88af0bb553107f30f0a79178f6dc","sha1":"bdcdd0233a41eccd06383f2eae38e06f9b20081a","sha256":"a199d71d950daea5c409e5c1f2729521b2ffc0ae5c71aae1625a4c5abfff41ac","sha512":"7c92fafebaba98674010f70131378948fba0ac6533f28ded7833433dfbd1d3d5cc394fac0027d35a897b8d9786e029a91443a3bdf5650daa04685da6e4276f73","ssdeep":"192:olVZHCkA26xd3Q4JRveuTtMy47R/Ga0kVhFuPwf8Pn9wHHyJIT:QJvVGaRF8I8e","tlshash":"5ff1d8ab6af2000b741712a87abe3206ab59a503911acd607f0df6e5cf979c0c84775e","first_seen":"2025-05-01T12:40:01.041468Z","last_seen":"2025-05-01T12:40:01.041468Z","times_seen":1,"resource_available":false,"data":null}},"time_used":923,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":923,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-01","alert":"Sinkholed","trigger":"flarexrpconnect-network.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}