{"report_id":"8098f61e-5dda-494b-8526-c0b46f04c1e0","version":0,"status":"done","tags":[],"date":"2026-06-17T19:55:21Z","url":{"schema":"https","addr":"telwxuq.sbs/","fqdn":"telwxuq.sbs","domain":"telwxuq.sbs","tld":"sbs"},"ip":{"addr":"216.150.1.1","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"telwxuq.sbs/","fqdn":"telwxuq.sbs","domain":"telwxuq.sbs","tld":"sbs"},"title":"Loading...","dom":{"size":1588,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"563237bc2254de6a02eaba0550c6302a","sha1":"26c52dd1a1291acd0f552d55ce069c70e624ab4d","sha256":"3519f2c0a890aec10e4af6b7f7838f91e770903d0d93d500bdbc2be221d8147f","sha512":"1a443fb28deb5b4bbe253c011640abb46c154ab6eadb22353640695e90c2040a525b058336064f9e645efbf6fc8cb3c9d6156afb831ce7879c9b8ea0a96cb7ba","ssdeep":"","tlshash":"633165b7484311287d3784736e6fb60c25da8d83a10bcc01768e63528f8574e6a9a3d8","dom_hash":"domhashdd1ea251ac348d0c46e018c959bafd88","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"telwxuq.sbs/","fqdn":"telwxuq.sbs","domain":"telwxuq.sbs","tld":"sbs"},"ip":{"addr":"216.150.1.1","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-22T19:55:21Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"telwxuq.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"telwxuq.sbs","ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2026-06-14","domain_rank":0,"first_seen":"2026-06-17T17:13:53.457123Z","last_seen":"2026-06-17T17:13:53.457124Z","alert_count":2,"request_count":2,"received_data":4969,"sent_data":978,"comment":"","tags":null,"fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"telwxuq.sbs/","fqdn":"telwxuq.sbs","domain":"telwxuq.sbs","tld":"sbs"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"1d8fffd0d95b08faa50d931810f76568","sha1":"5033731eb71fd9a8c17ba9579e29de9c389af3ab","sha256":"7d6980cc4818fc090c480fb26c696cbbf7f2558d8535e2217e41d9c02e7ed26d","sha512":"34fe0e73b5e2a864f20e4b878d799afe1d3d427839004781277db997b9a6ee887ce965738c07205fc61e5a0affa073f4690f6feecceecf390db55aa9d2756a19","ssdeep":"","tlshash":"ff11efeb945322a43d7b54b39e2fa20935e70a83200adc52760e92505f2171f269f6e9","size":939,"data":"","first_seen":"2026-06-07T17:16:19.952981Z","last_seen":"2026-06-20T22:43:43.131449Z","times_seen":143,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"telwxuq.sbs/","fqdn":"telwxuq.sbs","domain":"telwxuq.sbs","tld":"sbs"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T19:54:58.380Z","timestamp":1781726098380,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"telwxuq.sbs","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Jun 2026 12:10:09 GMT","end":"Sat, 12 Sep 2026 12:10:08 GMT"},"fingerprint":{"sha1":"40:41:EB:C7:28:6E:4C:AE:25:47:29:93:18:3E:C8:3E:21:56:D5:B5","sha256":"EE:DB:8E:68:E1:0D:15:2C:19:78:AA:A3:BC:15:8A:B8:B9:D6:F4:51:5F:8A:96:AB:67:A1:D9:85:E6:B3:E8:60"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: telwxuq.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 17 Jun 2026 19:54:59 GMT\r\npragma: no-cache\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-robots-tag: noindex, nofollow, noarchive\r\nx-vercel-id: arn1::br97g-1781726099079-e603a31076d1\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1604,"size_decoded":1415,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"1d3d26c6b2fd30ea795005c56c5bdacd","sha1":"9ba8c6d5369fddb8bc71bbb9d68855b23ceb4365","sha256":"8ac84b5eefff32e93bc163c287091a1c1397d356eeedcc946befa895ffb980e1","sha512":"bb2d509b37bd317500d84504193a65cfd6da6f547ae7838f02b7e60442cb62f4cd65bdbf5a6f3c17f4d624a7217a5747059971fde217e582f5799c37919da5be","ssdeep":"","tlshash":"a03195b7484321287d3784732e6fb60c24da8e83a10bcc0176cf73528f8574e6a9a3d8","first_seen":"2026-05-04T12:01:45.428499Z","last_seen":"2026-06-20T22:43:43.129694Z","times_seen":175,"resource_available":true,"data":null}},"time_used":701,"timings":{"blocked":-1,"dns":660,"connect":1,"send":0,"wait":11,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"telwxuq.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"telwxuq.sbs/favicon.ico","fqdn":"telwxuq.sbs","domain":"telwxuq.sbs","tld":"sbs"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://telwxuq.sbs/","date":"2026-06-17T19:54:59.342Z","timestamp":1781726099342,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"telwxuq.sbs","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Jun 2026 12:10:09 GMT","end":"Sat, 12 Sep 2026 12:10:08 GMT"},"fingerprint":{"sha1":"40:41:EB:C7:28:6E:4C:AE:25:47:29:93:18:3E:C8:3E:21:56:D5:B5","sha256":"EE:DB:8E:68:E1:0D:15:2C:19:78:AA:A3:BC:15:8A:B8:B9:D6:F4:51:5F:8A:96:AB:67:A1:D9:85:E6:B3:E8:60"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: telwxuq.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://telwxuq.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccess-control-allow-origin: *\r\nage: 1688840\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\ncontent-disposition: inline; filename=\"favicon.ico\"\r\ncontent-encoding: br\r\ncontent-type: image/vnd.microsoft.icon\r\ndate: Wed, 17 Jun 2026 19:54:59 GMT\r\netag: W/\"1635ed0e8715c40d4bed875b7494a93a\"\r\nlast-modified: Fri, 29 May 2026 06:17:08 GMT\r\npragma: no-cache\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-robots-tag: noindex, nofollow, noarchive\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::smcts-1781726099352-d668301fca26\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2409,"size_decoded":2997,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 3 icons, 32x32 with PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 48x48 with \n- PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced, 32 bits/pixel","md5":"1635ed0e8715c40d4bed875b7494a93a","sha1":"ca2c72821b30194b9b6daf9c8c0ce1723fe54614","sha256":"504b4621e486970f8c1721d5297561c9f33296f516c83fbb33a0ff3f4f7c1357","sha512":"f710268687fcd3da9bd9ffee9cbf166d21598cab5ff1172c510fd478f57300af7112f35132ba345a2242b65ff53cde9de6ebf0f1ea8cf7f5fce17c832a5a85d8","ssdeep":"","tlshash":"9c413ae3663eb676c5f6a6660c4f01002c1f80d4759aab3c364ae0f68c4316a0ae4a23","first_seen":"2023-06-20T23:38:38Z","last_seen":"2026-06-22T00:14:36.530235Z","times_seen":2562,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"telwxuq.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}