{"report_id":"80c4c592-9f84-4c69-8860-13cad84ae7bd","version":0,"status":"done","tags":[],"date":"2026-06-28T13:01:24Z","url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"172.67.140.168","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"title":"Just a moment...","dom":{"size":27440,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (27438), with no line terminators","md5":"630800a3fddfd1d5be72ef772ff63113","sha1":"3b3339998e96e56e48d64c4a8228589871475bb2","sha256":"a41a44a8289d64f08f9846f0a92783d0ede7eb12ed7b8375104bee2c91a25d0c","sha512":"d673a322e22d99a57719886dff0bf7e7f6c842756af5b4c916bd520ca7edeeba990b85d8b0bc5b6f5cdace693d9bf6a2e4cfa9f279e41c72a1eb1f82bd141b96","ssdeep":"768:hwlyVg+sAUpovzXGoY1UJulVLZIiNBq7ZD4NKkC:Qr7q7t4EkC","tlshash":"0cc2f732eb00633b6d37835e3554fa852131a2d15a567378faa27214cbc86e729b37c7","dom_hash":"domhash33fd3e39421e98ab6d4d06612fbc9938","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"172.67.140.168","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-02T13:01:24Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"reg-falconfi.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"reg-falconfi.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"challenges.cloudflare.com","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":11393,"first_seen":"2021-10-20T05:02:03Z","last_seen":"2026-06-21T23:33:31.856708Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":484,"comment":"","tags":null,"fingerprints":null},{"fqdn":"reg-falconfi.live","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-06-28T13:01:35.209843Z","last_seen":"2026-06-28T13:01:35.209843Z","alert_count":14,"request_count":7,"received_data":227250,"sent_data":4986,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"88ca0a94ef6a0d7554bf108e42aa9dac","sha1":"679a6d111ab3dc71c523275cb7182c4b5820261e","sha256":"82cbdc1a5eed56b66a2552c49ef8460a029189523a32b90f174c1b02c1368314","sha512":"663233d21cd9e38c01fbad555fde69b1079601f43b8e71d8bd2d1c356b923c9303a0c8a77ce01f0c74dc6180cfe24d678a20dcf6d2c5d28bd4482136c255cdc5","ssdeep":"3:N/BKL1X0VVa:eL1EVVa","tlshash":"335504c0754034710410c401d350141554150541153f0407705d0cdc17700000c5d5c0","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.794422Z","last_seen":"2026-06-28T13:01:41.794422Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"b8825265eb6a9d1be93a31cecfc3a763","sha1":"2a01d5aed6236357f38a61e2bce1487555054724","sha256":"19e591f48a4da50fc3f95c096624ec526e61643f45b99f89ebde2d6ef37de507","sha512":"151dfc41656101ec7a2f3aaa79ee57c01efd1d5b4f7a62ab289c81ccc61d96e3d376d01e2e4be53c4482eb47c3dcabd36dc107b1b665672780b268d4ec72c790","ssdeep":"3:N/BKL1X1Udn:eL1Sd","tlshash":"205504c0744030714410c400d350151d5d050503155f0405f45d0cdc17310100455550","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.795863Z","last_seen":"2026-06-28T13:01:41.795863Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"cb825aee4421ce1fdb59a44fc4f17cd9","sha1":"c205068d07622ab6e6a3407b4a337cce0b4de861","sha256":"cd17af78f6c9a1cbeeb4c21d78508241a4de20505994334a5785e0c47ffc9ac7","sha512":"8a51e3c5764e97ff09eea7f16002d2f85b746dc7e58ceafaf4d8c78921c0fe17a053c9f5bec384f08fa789fdd950428ae15989c530eb1522598664901bbf328f","ssdeep":"3:N/BKL1X1Hd:eL11d","tlshash":"bb5504c0744030710410c400d351541554070503151f0c05707f0cdc1734000045d540","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.797178Z","last_seen":"2026-06-28T13:01:41.797178Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"713691c48dc00be54868135aca5a1a98","sha1":"5a7d93f3f95a911e6c7a1ada102811cba6cf9f48","sha256":"126211d697c2d7fa4293124905a3473289e98983245fda39029e22fdf5b0157e","sha512":"2ce00d96ccd5a629156edc0238fc14a2167cd85daa012b5aed5985f29ae610a7e1be21aaa468c2ccff5a57a722b8c218442e2324291e760ede0f9e4b8e020525","ssdeep":"3:N/BKL1X1N:eL1n","tlshash":"7e5504c0744030710c10c400d354141574050513151f0405705d0cdc17340004455540","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.798445Z","last_seen":"2026-06-28T13:01:41.798445Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=a12ce08b08ad56b1","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"cf2aa6802397187f934f7ee58c76141a","sha1":"b623317ecb5da233e28ef46c285d6d876fa1ae96","sha256":"281b0627c8b09274f0b616126a2ea98ea857ff09730896cf4f40fcbf6dc5eb17","sha512":"9073e8728e083c195cd7a04e8cd8beba05d5376d3d1ab3e73b06f902ed2e5235d293cbd264a3e5ba2de5b873669dd10007bb8e2b10f01d110d835b48536d6ff6","ssdeep":"6144:AzS+hFvcsCggH9SpRO4b/9Cqd+R77ULDMVYWtODgGDGgoHMTcNA1Gk4QxkMIV2wg:JoWW","tlshash":"ee24b7cf74c67807022715f5842ff04f625e4dc4821c292a5a2186e07abdf799b7fab9","size":218345,"data":"","first_seen":"2026-06-28T13:01:41.79291Z","last_seen":"2026-06-28T13:01:41.79291Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/?__cf_chl_rt_tk=YWPcUtaKtAj6so2TFhlszGV0R647iMJPIfqoLgU_uhU-1782651654-1.0.1.1-9x.BEPTMec1DHB3EMNggmNpqatWPIis1spguNaodBKE","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-06-28T15:31:40.913707Z","times_seen":755973,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"06e2a549ba4c32d5c4dd7bbb9d9c4a83","sha1":"893400c2af906e1a317437c41962fc6d81c70d84","sha256":"34e32ceea4eb9ba8826c01aee8f418b92ba893cdf112f994cb1234eef3304683","sha512":"07f42509b95f8781614f69b6db28e4b7607983f380312a4e7293a087b8e16e209aae628affaceaccc57312e46479770bdecc3f8cfd147f9cb6edfb3b339718d2","ssdeep":"3:N/BKL1X3CT:eL1w","tlshash":"295504c0744070710410c401f354141554050501151f1405705d0cdc37310000455550","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.800123Z","last_seen":"2026-06-28T13:01:41.800123Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"a4eb1d2122c64e3c26b64625e6cb7939","sha1":"4da055117f9cec8740bb94e6a61d0365bf9edb09","sha256":"37b43ed213fe9f5edf35d29498a3ce37b52668ec82aede3353385cc8938da536","sha512":"3612af81ef88024309cb3f9d0f82ce5fcbf38e576a8336540a1db0db083985427ef1811679970b4b03202d294b0ea76453f796bbd0996712391af940fb39d570","ssdeep":"3:N/BKL1X3eb:eL12","tlshash":"645504c0744030710410c547d350141f55450501151f1405705d0cdc173000004555c0","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.801348Z","last_seen":"2026-06-28T13:01:41.801348Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"95016e812af70b392c8d8537dd76e23c","sha1":"c9a5e3dd78db247915eddd3ed3576dbd0aa8d492","sha256":"6080b3517fd4f645c2c1c0960c54cda800d7d0495b3cbbab83182e583da3866b","sha512":"c97a9a4a5371a6bf8bc75eefd3aa5a4d61eb3431fecbccec526a4e404e3ae9f34951fc3928cfb1d3f5e7f0bbc4ef47c6f41aeef4acd30047d6cb1190edce92b8","ssdeep":"3:N/BKL1X0XdJ:eL1EXdJ","tlshash":"d55504c0744135714510c400d754141754050501151f1405f15f0cdc57300400cd5540","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.802555Z","last_seen":"2026-06-28T13:01:41.802555Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"88dd126ef4c616de9dd85949d9644b97","sha1":"661985324ee1b8a9240209f3d6e02bffe1fa9110","sha256":"5674703043b638a5ef3c102282711ce7b37e30185b03078e8589a358607186ee","sha512":"1ef3013c64192c4bb8c968ea76ec85e6dfa17fe9b3280ba92b9231d2fe54c77a3fd090b1aafbe3147b5577e2201407686cdcc8c68ca9b6535b7568d93b0c8220","ssdeep":"3:N/BKL1X0TUFn:eL1ETO","tlshash":"845504c0744034f10410c404f370141d54050701171f0445705f0cdc1731000045d540","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.803728Z","last_seen":"2026-06-28T13:01:41.803728Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"f913fc53205554927da498d13ce7a012","sha1":"a8161ba057dda85bfcf1027b29cd51d0e1fdec0d","sha256":"03c63bdb5268f56a53851cf3eadf169ee9e8e21a6aaeec4285fac8537735d426","sha512":"975147993e7c084d73f6bfb9fe4880687390e3e869db465980448e3bbe2c3e30803b094e7ba1bb14d2308abf15fb9422584cbf932a822769433f9b5bfdf3d5be","ssdeep":"3:N/BKL1X1cdn:eL1Kn","tlshash":"655504c0744030710c10c400d350541554050503151f1405705d0cdc17301000455540","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.804959Z","last_seen":"2026-06-28T13:01:41.804959Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"18953885b13226b96390e68615240737","sha1":"bead98b85cdb0761d43af5857a8c65688e5fd6a8","sha256":"bb582765a8cfb82464eec7e3ac9c12e2de71bd1ffcde96acb69b54554f15992e","sha512":"ef01fac175bb28a8fbdbca9678eb93100d772ba14642520ce782c137119b02bdc63202f233b589538bb7b35cf91b472d75cc179700d58b031bd31a146279bb77","ssdeep":"3:N/BKL1X3T4:eL1z4","tlshash":"a95504c0745030f10410c401d3541435d4450701151f1405f0dd0cdc17300100455541","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.806084Z","last_seen":"2026-06-28T13:01:41.806084Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"d5be2abcf7c6e5dad5528235c0752ee0","sha1":"26b9be30324a0a446a5c832571f69f5e575472f3","sha256":"7c6d20b46ceb11474b0482388a458404e7b1aa15faa89c2a8ed7f8d00b7ba456","sha512":"395124973b75b8c0779c3a95572da24b7bbd458378663aeebe8a62c0133db9709506abadb4b547a3f9c075e8f72761e2c7415ac273657fadb7a2c6c55c0940d9","ssdeep":"3:N/BKL1X0VTI:eL1EVTI","tlshash":"9f5504c0744034710410c404d3501415540505011d1f040f705d0cfc17304004455540","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.807232Z","last_seen":"2026-06-28T13:01:41.807232Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9d9975081a03e830b673b7647c4c1828","sha1":"bb6c36ad4aa3bcefdf2e2b4e803017f210dbdd42","sha256":"ae88c6d6403ae29956b0ece188135fca04d6c86cd6d02095bb230cc99b2bbc5b","sha512":"b9e839721dfa5e37ba5be3a302cbc7b2e2646b636a30f55515dc62290479c2c2f00b0b6632a9d6813c6e0228ee1218090d16b49f18b3232475773b7cd6eeb6e7","ssdeep":"3:N/BKL1X0UKR:eL1En","tlshash":"725504d074403cf10c10c401d370141d54050d01171f0405705d0cdc173001004555c0","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.808289Z","last_seen":"2026-06-28T13:01:41.808289Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"8fc12992729fe8514b5d4a4c71c7c5d1","sha1":"e206d77bcadc5037b0932ee4f3be1c10567e138d","sha256":"8acb75c1ce4ed23b3fcccef7f44a38f224a623ca05c85896f0accb1958101658","sha512":"592de607d89ed976e40a87358be431b17ce4275349d4afce364cb2804af5390c8f8e457143fd22662aca0a10e52b9f366a591a40825109a23abe588008e6788e","ssdeep":"3:N/BKL1X0UnRn:eL1EgR","tlshash":"b05504c0744034710c10c400d3711515d4050d011d1f4405705d1cdc17310400457540","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.809474Z","last_seen":"2026-06-28T13:01:41.809474Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"4f9245c1f2d8a866432e431fc9b9d31e","sha1":"dd4bf2bf2105aeebb5838662bab8c0ddbfc2da41","sha256":"a1f017f477b58848879c22964d753e8280a9edf174beb887e9cd84cf25d74275","sha512":"13e79fe6ebc5c4696fe73228987155da06e63f9406a9d4d17c2dd7dec62b6ba3c06a080c710b26ed9b01158286baa1f9072a0581d5875cf47b7ed60017783090","ssdeep":"3:N/BKL1X0WH:eL1Eo","tlshash":"7f5504d074c034710414c400d350541554451501151f0415705d4ddc17300000457d40","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.810744Z","last_seen":"2026-06-28T13:01:41.810744Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"f15a5ba7e3b62b365d521d095f876416","sha1":"b284f5bb4ccbb5e06b06c8683f5ae2a19a3a91a0","sha256":"a49457d025fd9a18dd05d9b063d1d1bbac1a0b25cfa54fbf0cabe477eb2d88bb","sha512":"4209ad41d03cc4e98dc67144bed631daa05d819a5198efe8e3308d646b67d053f1f30259582ad340b69bff7e98f6b337936d8b6177d30e73ea7bd7ed44243cbe","ssdeep":"3:N/BKL1X0RRTc:eL1ERRTc","tlshash":"375504c0745034f10410c501d3511415540d0501151f0405705d1cdc17304104455540","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.811904Z","last_seen":"2026-06-28T13:01:41.811904Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"66cda85e8b3d1799dfb7234f76ac34be","sha1":"fd90cf552af522e2343ced3b3ac03fbffab9a227","sha256":"cd1d1f085090caa5f948c5afdcc4eb7a05013e7b1153b764d8ac7e886d441340","sha512":"7a7342028fccf1742b61b1d1e157420eaa3f05b6568c8becec18e1db6019c52603a6d02e4e306547364c1ae6cf37ff42a517cd2c03f48ef3114d19675f67316b","ssdeep":"3:N/BKL1X0Qj:eL1Ea","tlshash":"775504c0744034710430c440d3511415540505015d1f0445705d0cdc1731004045d541","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.813089Z","last_seen":"2026-06-28T13:01:41.813089Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"1f568325e79db71767c6f1057d93287b","sha1":"7ada98c6f7bb9f51c9a166943d47ccbd92728dbc","sha256":"d9e1f943465fba1cbe242649093c76ba9f045a18daebe3cc6cb5b3fdec6795a4","sha512":"7db49b4e2a7152d3beb53199861388e2735de8f98655ecb71b0335a50d03fba8699e8d47037738f6bfc1fc05e413f107226a6aa58e497b88a5e3593b263f851a","ssdeep":"3:N/BKL1X0cs:eL1EV","tlshash":"725504c0744035750450c400d350141554050501151f441570dd0cdc17340010455541","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.814324Z","last_seen":"2026-06-28T13:01:41.814324Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"1e50fcfc8c752175ff807841572530cf","sha1":"03ad81477e761297b3303f079f659d0269fcd829","sha256":"31f8094427d685dd7b752b1d660ec2612ce236cf5402d8351c685ae1654acce6","sha512":"d3af1b45d5b712563fb0b88ed05ee831eabdbfcf04056f2fd8ed9cb37f4cb2241a83e8523977ae0a06b91fa1572bce52ae3050f47c46889e3e4259aa5cd8ccbf","ssdeep":"","tlshash":"8ac08c887a80e014c28125351c6b428ae638de6008581003a0425249b6a071003aaf0f","size":137,"data":"","first_seen":"2026-06-24T10:51:52.241503Z","last_seen":"2026-06-28T15:31:40.919328Z","times_seen":3702,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"7659e5b96b1e715324a1686ebe42a4b1","sha1":"dd59a6b91aea0c475ac06f78834cfef0ce86da56","sha256":"3a43f27e965240f93fb5d97bd0c1f0bf62e356d94b6991d4fca286c1bcdcbb09","sha512":"bcb0f9188e758de389fc59a4274e2e08c0988459dbdca425be698b95a97224ab84bb951393108fa64f9f3550eca92d83e4fcf030183251bd94148373988e4ec4","ssdeep":"3:N/BKL1X3o:eL1I","tlshash":"925504c0744030f14410d401d3d1541554050501351f1405705d0cdc17300000455541","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.815945Z","last_seen":"2026-06-28T13:01:41.815945Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"3ceed6f3059340cc47b038c0b77ea45b","sha1":"4b7cd4c0400a12565201fa83eadd5bc68530467b","sha256":"d3c295d25083532b9edd07ebe24d85cc2b8fd0c163fecc8b13b62b7922ea591b","sha512":"0b900a7ea9ca56fae869910c8ffd9229efb285654604ec8404c56086e1acbac843291b251a8093816d4f4dc90d0df3c0d97b37a49c59033bef05d29221baff70","ssdeep":"3:N/BKL1X0QLn:eL1Ey","tlshash":"2e5504c0744174710410c501d355141555050501551f0405705d0cdc37310000455540","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.817123Z","last_seen":"2026-06-28T13:01:41.817123Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"418ccd267d1a71ec16a2d0de7e688f0e","sha1":"b557bada823920f6272a3c5f2a0bdc02e559492d","sha256":"1c91c110521715c9d54c4ea3e3e08fe4a2b3f138d8a5d4895ef1347116f894d7","sha512":"b20b3f2ad65aa3cd6b43a24a0444d70352320e985d995a31530f6677c77a4562621f3dade1ed033636c9c8436f567334ffc77f66df89c8b71e41c243a2b7528e","ssdeep":"3:N/BKL1X0TTm:eL1ETTm","tlshash":"8e5504c0744034710410c400f3501415d4050503155f0405705d0cdc1731011445d5d1","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.818128Z","last_seen":"2026-06-28T13:01:41.818128Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"56abe2a36cbfbbf3a6ad149b85d52db4","sha1":"a9d99dfd14d91567fc47c6d74102f853515c5411","sha256":"524e08784819e563b769550e11b4c64f0f6225cf46d652bdd4b05e6bbb4c7d3f","sha512":"b8423f593918779cff7721cd23d79e26c71920db7809393e80e114ffb02ec9ebe7d17302e1bad9f73bf2609b7940605038e5b6bb2929d35ad77449f11767ec9a","ssdeep":"3:N/BKL1X0ddi:eL1Eddi","tlshash":"ee5504c0744134710430c410f350145555450d01151f1405f05d0cdc17300010455540","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.819471Z","last_seen":"2026-06-28T13:01:41.819471Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"4fe036d978b5f3e1df82aabed983c88b","sha1":"56bdd1880497dea0c835065e5b13085f2ea91941","sha256":"f0bc557398f8697c1e54250da997f8c654f0e2290e04ff8647bc5a445b20ff07","sha512":"ff6b3387a3f805cd70976c6ead6bbd10e2adc5628bb1b47db08b3e31e8dfc090dc54741b94d1c48846725d11b8ecd0914c1bdb35e651ce41f9825cda8a23d8b8","ssdeep":"3:N/BKL1X1C:eL1o","tlshash":"7a5504c0744030711410c400d350145554054513151f0415705d0cdc17300000455550","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.820957Z","last_seen":"2026-06-28T13:01:41.820957Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"c25b7c329668da9dded1c3d9ee93b906","sha1":"bc1b1a603f7f8ea75fc011448a622870e70b545c","sha256":"42415fe5c3c1627e3a64c491d90c755346cb935301eabd34ddbc6206cccd3a6a","sha512":"d3e19feba078369ecb57582c5828b16815e74120e2e5944cdb04d04615cdda43491dcbef206b6f80bbb19d44409c979a4b66368eaaca33c1be9d231b088ad7e4","ssdeep":"3:N/BKL1X1S:eL1k","tlshash":"905500c0b88030b20820ca00e3a0282aa80a0a032a2f080ab0ee2cec2b3000008aab80","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.821965Z","last_seen":"2026-06-28T13:01:41.821965Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"d19f35b4fb836604b48909f5dd73a681","sha1":"9368077239e9f5d66177037595fbd6745e240905","sha256":"29637f7d80972e74687a167b5adc2d4c7bc796a0b2d4d4450d3c7beb7084b008","sha512":"746b39a5d994dae75e12977b55bbdfd14a8faa91bd3a18b21c55d545e34d4c8abe6a99904d7152bfcf04690fb1bf075d3515c5dbbecb8c6fb7d2891ade266db7","ssdeep":"3:N/BKL1X17S:eL1I","tlshash":"a85504c4744030714410c400f350141554070d03175f0405f07d0cdd17300000475740","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.823407Z","last_seen":"2026-06-28T13:01:41.823407Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"f2372af64f20735faccf54229d3336e7","sha1":"0bc78ac294f9d1e9da20c05e6b0a1c46b4ba93aa","sha256":"b509168645e9afa362e04fd5310202fdabd58591ab8015f9a976532657d70aa9","sha512":"f247d4bf5de0d4fb0c58f14b224234e12cccf40c97eb8cdece097f8fa36fb99d097e2de95676457f88c85f32a808d7acad8b702a5215f9377c6d0fbb5df59e7d","ssdeep":"3:N/BKL1X3eI:eL1F","tlshash":"355504c0744030710410c400d370151554050501155f1415705d0cdc1f30100045d540","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.824595Z","last_seen":"2026-06-28T13:01:41.824595Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"cbcfbacf0bc2f100e5fcfcdf40da7080","sha1":"c311787b64ce47428d493ee966796cf9b5d3bc14","sha256":"2194ece879526667c2b3f1048f703aac7ca23cd5d38add56196f2e88267aee81","sha512":"899f27b1e8624bd4c3daff92af8d8b95baa553866e47900a882d55b24188a64e3d08f8baeda2fdb37450121cb97a4e102d0432c7a07c86a23da3c5f86059a8eb","ssdeep":"3:N/BKL1X0WL:eL1EY","tlshash":"285504c0744074750410c401d350541554050513151f0405705d4ddd17300000455540","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.82579Z","last_seen":"2026-06-28T13:01:41.82579Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"80fc0da799a0bce7e90b8f536edff885","sha1":"0b77c46c440665e25b0daafe58c64c2a93b7b711","sha256":"40321b87efe085767a8b8b75a7efd5e0ccf7ab08be0ce11205da97bf1fdebda4","sha512":"17bb3d1f3c1134633ddfa2fd19010a5d5c9dd4cda43c9253a53c9818330d220147e0f48f7774647816140aa24b820c37b15c068ba4f59f7ce9a9dc18776bc652","ssdeep":"3:N/BKL1X0S3:eL1EI","tlshash":"fc5504c0774034710410d400d35014155c450501155f1c05705f0cdc17300140455541","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.82695Z","last_seen":"2026-06-28T13:01:41.82695Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"1b39644b4bdaac56a5da3b81ba3ea0fb","sha1":"638c93cda8fa915bc60eea3709fac724018aa67d","sha256":"ee3720201105a26346ceac4bd84fdd8619611e8f91299c397c0747ac9bfdb108","sha512":"4b78d0ca99e96682ba7cad379ba187b1e6f06dd5393ba2005304892fd187b80c702fe4d52b1cfe8ad6a0e67ad9b6e6f89d4ce61592470a5d3629365d395a8d70","ssdeep":"3:N/BKL1X0cxR:eL1ESR","tlshash":"655504c0745034750410c400d3501415540f0501551f040570dd0cfc17301000455540","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.828051Z","last_seen":"2026-06-28T13:01:41.828051Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"e0e9e7b8b67c5b97e47d4af63ebf3c4f","sha1":"a9e1cc5a39d4014a722577bac00cea63196d988a","sha256":"772c163de413c734308ba87e0dfda40e38c7ac8a8601b572b9518c1f972d09b1","sha512":"c55544fe85cb8c4ee92258e14368cb536dce5362c9b91125e70c1791944dbf54b3f63b2c7271e807e336cf36a74489b9e414181515c7c0203db9b2f9dda14e82","ssdeep":"3:N/BKL1X1f:eL1t","tlshash":"845504c4744030711c11c400d350141554050503151f0405705d3cdc1734000045d540","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.829393Z","last_seen":"2026-06-28T13:01:41.829393Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"aa496861b77bce2c672444edf0b213da","sha1":"f19bc87463be09152319896940603da0b9bd73b5","sha256":"02395aa9c12a735a28b1c3eaed2543771e4387fb52d66627af6c7061ec10ede3","sha512":"d798a98eb0a22fe2ffe24071355fb9772d701d432f9a48567e1fc8a28189d931c283de5f46466e310afdf1a0396b3d8948b634935ee9886a26d5b77550a1bf33","ssdeep":"3:N/BKL1X0dWXR:eL1EdE","tlshash":"295504c0744134710430c450d370141554450501151f0405705d0ddc373004004555c0","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.830526Z","last_seen":"2026-06-28T13:01:41.830526Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"435cdacd59eb11c301818e38d4d021ac","sha1":"5e07abd7fce99520b09fbbbc3f5dcaf2ec3bcc78","sha256":"20d621581e896619688300938a0c58e095c57a4b5a03436c3b096d638e672e49","sha512":"dc993ba9b05932d2adb99783bde2c3b8643153c62fc9d3bc5785566096948bac57aacf2524960c93ef9f082c380079363ced7e5aa5bc055f7a709b103912d720","ssdeep":"3:N/BKL1X3CX:eL10","tlshash":"0a5504c0744030710410cc00d3501415540505111d1f1405745d0cdc17300000557d40","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.831748Z","last_seen":"2026-06-28T13:01:41.831748Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"7f1b12c4d117bfc5ac8e552adfefa184","sha1":"3d4af4636d0f684800e2b7efbf6f4a858954c2e4","sha256":"9b7ba406e6564665cc67abefa5755747262798bfe32c055932d007c11a0fa2b1","sha512":"e5a1e57ced35c1075b29623fe2286fc09ee7a6afedf42aaaa506240566143072c94ddb11ff53028edbafea56c0a34ee9bdd380ba3ac673cc48a342301996821b","ssdeep":"3:N/BKL1X0XXdn:eL1EXXd","tlshash":"275504c1744034734530c401d3f0141754450501151f0c05f05d0cdc1730000045d540","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.832867Z","last_seen":"2026-06-28T13:01:41.832867Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"68954de91fbd35564ced05b5221a326b","sha1":"efa2721d745a7ff2c827f03bc311980cd1fe7c49","sha256":"2971f2550dd77f4f2cccdc3ee3ed5bc745d878115f8fcee9d018dd6f1ff3055e","sha512":"cb414c72dd4edd159c73c913597343938a16c2c1c10d37c181553a31cd340c90e5bd8abe41649ba215cd4bc9b701939d7733e14aeb694cc6ab28821b909ae96f","ssdeep":"3:N/BKL1X1dn:eL17n","tlshash":"575504c074c030f10c15c401d3d4141554050503351f0405705d4cdc17300004455540","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.834104Z","last_seen":"2026-06-28T13:01:41.834104Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"cf70634e60b191ce2cb114a4e133ad9e","sha1":"b929718b956447dc6498fd42f6ee6df26e7366c0","sha256":"6f1fe3ff3e731b441c32a861373a6a94edbda5577168d339c2ff867470303623","sha512":"fcdfc7a565b93ca7d8118228764610cae3db548456734e0f737fae5cda363bac9588becf1941bfecc8c4cc1f20bc516d9151c995eb381a68f7117991362590aa","ssdeep":"3:N/BKL1X1s:eL1i","tlshash":"cc5504c0755030710410c500d35414155c050503151f040d705d4cdc1f3100104555c1","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.835195Z","last_seen":"2026-06-28T13:01:41.835195Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"80fe7ce241b1cf3c3c943fdfe219f57f","sha1":"e8aa4321b2ae8151ad6038d3964d22cc9ca8b67a","sha256":"6a719bcb3bb1b0e1d8dce5e079e61c94a053275dc13d5b8cf0f81e7c4ddc435b","sha512":"2e847e0f99b8a89015f12dba4ec7974166386666658fa35c167689acee4ed49f9e34e859a1d53c12e0f99370ea54f9d852aeaeb7adb9ecde95a4bdc6eff7888d","ssdeep":"3:N/BKL1X1L:eL15","tlshash":"445504c4754030715431c400d3501415d5050713151f0405705d0ddc1730400045d540","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.836251Z","last_seen":"2026-06-28T13:01:41.836251Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"780a824ff8f2745e06577cabe57f3308","sha1":"06668991476522bc7635b7f1635b59aa4b6103b2","sha256":"a4a5dbf4fde981a8e01d89cf3a6e1381b60e4bab23942a9a2d1cc3ff00129a84","sha512":"d2a137001145d327a165cec0cff917f5f45981d9ffd47551d12fb268958fd269708ec14c646be5896f229d3424d4d4c886625ae9f53ac19295a6b27d42d59ec3","ssdeep":"3:N/BKL1X1RS:eL1fS","tlshash":"9b5504c0744030714410d400f3541415541505031f3f4405705d0cdc17300000457741","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.837397Z","last_seen":"2026-06-28T13:01:41.837397Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"10a6c8905bc6685e4c372711cfb3e7e3","sha1":"b31385b331d332ae1f87db3280ad29052c924e01","sha256":"97619ce1f1795a8d737491098be799d9d3d3bab2850218ed2308a4d03090f252","sha512":"a995e05e4631e14b03cb077b5b9df68f1a221e772bed6ca91a10607a8c8f0a5dff22011ccc872f8247f70674c95311f988c60ef2458ea7137f37462703dafa51","ssdeep":"3:N/BKL1X0ShWn:eL1EEWn","tlshash":"795504c0744074710410d410d3501515d40d0501155f0405705d0cdc17700410455541","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.838466Z","last_seen":"2026-06-28T13:01:41.838466Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"17cf618fdd8ba40729a8c52a0b4b1ebc","sha1":"364a9759fdd58c31807de1176f4c75d12dbc7508","sha256":"2eb1b8ffc45e42607ccb6ba062f780485ed9566aded646c62378c2bca342d1e1","sha512":"a869613532f8521dad65217c62ba55944fa8c1f9335cdb8c06845eb2fbd753f787941053d5ed998f06a5cad2c400c8f7b4bc1201a3bb97b36b2cf8f025536beb","ssdeep":"3:N/BKL1X3YH:eL1Q","tlshash":"b55504c0744030714430c404d3d1151f54050701175f1405705d0cdc1730000045dd40","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.839608Z","last_seen":"2026-06-28T13:01:41.839608Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"b3a16bf650ceac4e14e08faa7722bee0","sha1":"a2a9767e43d88e0daff8b564b1c48adb865973d4","sha256":"af371f7c3c3b81e7b94404fa73188bbde59567f428dacfa444b3eeb97d16b9ac","sha512":"14c177c6a6bff7093be57a0779efc90226547f05674c3e4765725a48e3d9948b67e870829ae94e7b8b01430abc218da8b1120865fe393a8115a42800ffa4c2ec","ssdeep":"3:N/BKL1X37:eL1b","tlshash":"675504c0744030710410dc00f3d0341554050505155f3407705d1cdc17300000455541","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.840708Z","last_seen":"2026-06-28T13:01:41.840708Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"cc090641094aa024172140cecebb82de","sha1":"99bd1e5f173847603d0eaa548a9a086045a19f8c","sha256":"f3d91e7e71edff37fddff0bfcb1df4ca207339284bd827a3e55f0306c9e39354","sha512":"cfb89a3057d1be02e9983bf10be13ca9d5e97e2dfc8a6fd51d5a11d2f5442279c67ba8014c899c1cbe75981b58c69c0819a57890ccd29094c1883475a0c317b7","ssdeep":"3:N/BKL1X1g:eL1u","tlshash":"c55504c0744130717410c400d3501415740505031d1f0405705d0cdc1770000045f540","size":1337359,"data":"","first_seen":"2026-06-28T13:01:41.841802Z","last_seen":"2026-06-28T13:01:41.841802Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/b/25e6c66701a0/api.js?onload=ePmH8\u0026render=explicit","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reg-falconfi.live/","date":"2026-06-28T13:00:55.820Z","timestamp":1782651655820,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /turnstile/v0/b/25e6c66701a0/api.js?onload=ePmH8\u0026render=explicit HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://reg-falconfi.live\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-28T15:32:18.124528Z","times_seen":16796036,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/cdn-cgi/challenge-platform/h/b/flow/ov1/696527360:1782648014:9d2O0z3myJv4qbZfR7y4-7FH_SdDggY7nf2vir9BYug/a12ce08b08ad56b1/zfC3wG7D.ozGpZORE4EG18CieumTueoB9utQGkh2awY-1782651654-1.2.1.1-ZHqW_TPuUfyV_zHwffCxGnMoNT00MUsvEdvI_FqK6eXDliDavThsvgNqZh0KeWZs","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reg-falconfi.live/","date":"2026-06-28T13:00:55.878Z","timestamp":1782651655878,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"reg-falconfi.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Jun 2026 12:17:36 GMT","end":"Mon, 21 Sep 2026 13:16:07 GMT"},"fingerprint":{"sha1":"02:D7:FD:B7:29:4D:F5:35:3F:E7:D3:22:D2:CC:A0:B5:97:E4:42:AF","sha256":"24:21:AD:2C:17:FA:EA:31:7D:56:67:A5:0C:C1:CF:35:8C:07:A2:F8:11:DB:CB:31:7D:DB:58:66:BF:70:4A:51"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/b/flow/ov1/696527360:1782648014:9d2O0z3myJv4qbZfR7y4-7FH_SdDggY7nf2vir9BYug/a12ce08b08ad56b1/zfC3wG7D.ozGpZORE4EG18CieumTueoB9utQGkh2awY-1782651654-1.2.1.1-ZHqW_TPuUfyV_zHwffCxGnMoNT00MUsvEdvI_FqK6eXDliDavThsvgNqZh0KeWZs HTTP/1.1\r\nHost: reg-falconfi.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://reg-falconfi.live/\r\ncf-chl: zfC3wG7D.ozGpZORE4EG18CieumTueoB9utQGkh2awY-1782651654-1.2.1.1-ZHqW_TPuUfyV_zHwffCxGnMoNT00MUsvEdvI_FqK6eXDliDavThsvgNqZh0KeWZs\r\ncf-chl-ra: 0\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2263\r\nOrigin: https://reg-falconfi.live\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-28T15:32:18.124528Z","times_seen":16796036,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"reg-falconfi.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"reg-falconfi.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/favicon.ico","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reg-falconfi.live/","date":"2026-06-28T13:00:55.884Z","timestamp":1782651655884,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: reg-falconfi.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://reg-falconfi.live/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-28T15:32:18.124528Z","times_seen":16796036,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"reg-falconfi.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"reg-falconfi.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/cdn-cgi/challenge-platform/h/b/flow/ov1/696527360:1782648014:9d2O0z3myJv4qbZfR7y4-7FH_SdDggY7nf2vir9BYug/a12ce08b08ad56b1/zfC3wG7D.ozGpZORE4EG18CieumTueoB9utQGkh2awY-1782651654-1.2.1.1-ZHqW_TPuUfyV_zHwffCxGnMoNT00MUsvEdvI_FqK6eXDliDavThsvgNqZh0KeWZs","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reg-falconfi.live/","date":"2026-06-28T13:01:01.009Z","timestamp":1782651661009,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"reg-falconfi.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Jun 2026 12:17:36 GMT","end":"Mon, 21 Sep 2026 13:16:07 GMT"},"fingerprint":{"sha1":"02:D7:FD:B7:29:4D:F5:35:3F:E7:D3:22:D2:CC:A0:B5:97:E4:42:AF","sha256":"24:21:AD:2C:17:FA:EA:31:7D:56:67:A5:0C:C1:CF:35:8C:07:A2:F8:11:DB:CB:31:7D:DB:58:66:BF:70:4A:51"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/b/flow/ov1/696527360:1782648014:9d2O0z3myJv4qbZfR7y4-7FH_SdDggY7nf2vir9BYug/a12ce08b08ad56b1/zfC3wG7D.ozGpZORE4EG18CieumTueoB9utQGkh2awY-1782651654-1.2.1.1-ZHqW_TPuUfyV_zHwffCxGnMoNT00MUsvEdvI_FqK6eXDliDavThsvgNqZh0KeWZs HTTP/1.1\r\nHost: reg-falconfi.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://reg-falconfi.live/\r\ncf-chl: zfC3wG7D.ozGpZORE4EG18CieumTueoB9utQGkh2awY-1782651654-1.2.1.1-ZHqW_TPuUfyV_zHwffCxGnMoNT00MUsvEdvI_FqK6eXDliDavThsvgNqZh0KeWZs\r\ncf-chl-ra: 1\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2263\r\nOrigin: https://reg-falconfi.live\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-28T15:32:18.124528Z","times_seen":16796036,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"reg-falconfi.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"reg-falconfi.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/cdn-cgi/challenge-platform/h/b/flow/ov1/696527360:1782648014:9d2O0z3myJv4qbZfR7y4-7FH_SdDggY7nf2vir9BYug/a12ce08b08ad56b1/zfC3wG7D.ozGpZORE4EG18CieumTueoB9utQGkh2awY-1782651654-1.2.1.1-ZHqW_TPuUfyV_zHwffCxGnMoNT00MUsvEdvI_FqK6eXDliDavThsvgNqZh0KeWZs","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reg-falconfi.live/","date":"2026-06-28T13:01:11.521Z","timestamp":1782651671521,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /cdn-cgi/challenge-platform/h/b/flow/ov1/696527360:1782648014:9d2O0z3myJv4qbZfR7y4-7FH_SdDggY7nf2vir9BYug/a12ce08b08ad56b1/zfC3wG7D.ozGpZORE4EG18CieumTueoB9utQGkh2awY-1782651654-1.2.1.1-ZHqW_TPuUfyV_zHwffCxGnMoNT00MUsvEdvI_FqK6eXDliDavThsvgNqZh0KeWZs HTTP/1.1\r\nHost: reg-falconfi.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://reg-falconfi.live/\r\ncf-chl: zfC3wG7D.ozGpZORE4EG18CieumTueoB9utQGkh2awY-1782651654-1.2.1.1-ZHqW_TPuUfyV_zHwffCxGnMoNT00MUsvEdvI_FqK6eXDliDavThsvgNqZh0KeWZs\r\ncf-chl-ra: 2\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2263\r\nOrigin: https://reg-falconfi.live\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-28T15:32:18.124528Z","times_seen":16796036,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"reg-falconfi.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"reg-falconfi.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"104.21.65.49","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-28T13:00:50.865Z","timestamp":1782651650865,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"reg-falconfi.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Jun 2026 12:17:36 GMT","end":"Mon, 21 Sep 2026 13:16:07 GMT"},"fingerprint":{"sha1":"02:D7:FD:B7:29:4D:F5:35:3F:E7:D3:22:D2:CC:A0:B5:97:E4:42:AF","sha256":"24:21:AD:2C:17:FA:EA:31:7D:56:67:A5:0C:C1:CF:35:8C:07:A2:F8:11:DB:CB:31:7D:DB:58:66:BF:70:4A:51"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: reg-falconfi.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 \r\ndate: Sun, 28 Jun 2026 13:00:54 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncf-mitigated: challenge\r\ncontent-security-policy: default-src 'none'; script-src 'nonce-TRtaRcnXJuDdet54j4l4Ei' 'unsafe-eval' https://challenges.cloudflare.com; script-src-attr 'none'; style-src 'unsafe-inline'; img-src 'self' https://challenges.cloudflare.com; connect-src 'self' https://challenges.cloudflare.com; frame-src 'self' https://challenges.cloudflare.com blob:; child-src 'self' https://challenges.cloudflare.com blob:; worker-src blob:; form-action http: https:; base-uri 'self'\r\nserver: cloudflare\r\ncritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\npermissions-policy: accelerometer=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),xr-spatial-tracking=*\r\nreferrer-policy: same-origin\r\nserver-timing: chlray;desc=\"a12ce08b08ad56b1\"\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iEmgmU2CsLk4prFo5255X0jgtZjglkjoDTXTuYUbvgwudsxDIXGp87t6nsvRlec4s64pclgrIIwIrncdWOr2gi1FIv%2FxizGfqg7a%2F19yAGoHJ%2Bzofq93ITD7QH%2BLVXutICwfDA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a12ce08b08ad56b1-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5578,"size_decoded":5540,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (5578), with no line terminators","md5":"f1e3e1bf7c10be9442d8a624561a87ce","sha1":"7b6c656c0698d81c536439d0c7f5c531bc028616","sha256":"59f4ca9d526a78a753a13f94ef048f5cf79f947e5f97f8dcc87bc6d1acf08863","sha512":"d0122e5fd364aa44da46b6643de4fd884acda13b1cfc8f7f7368d634f55830e8617443ce5fa68ba5584cc90b22b877ea84a2605ce2b85238341758d9434bc516","ssdeep":"96:PNyFtoXZzIEb0EaW87PCfeS/iLHNpW+NUGH62jbkuNYzueh8Homw:PN8tkCB6GnHW+NUGH6CbkuqyVw","tlshash":"67b14ba3bcb6801b53f16f911873731c5350b212bf06a28495b1c95d9afdf0f426e1c9","first_seen":"2026-06-28T13:01:41.791545Z","last_seen":"2026-06-28T13:01:41.791545Z","times_seen":1,"resource_available":true,"data":null}},"time_used":4029,"timings":{"blocked":-1,"dns":4005,"connect":1,"send":0,"wait":8,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"reg-falconfi.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"reg-falconfi.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=a12ce08b08ad56b1","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"104.21.65.49","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reg-falconfi.live/","date":"2026-06-28T13:00:55.442Z","timestamp":1782651655442,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"reg-falconfi.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Jun 2026 12:17:36 GMT","end":"Mon, 21 Sep 2026 13:16:07 GMT"},"fingerprint":{"sha1":"02:D7:FD:B7:29:4D:F5:35:3F:E7:D3:22:D2:CC:A0:B5:97:E4:42:AF","sha256":"24:21:AD:2C:17:FA:EA:31:7D:56:67:A5:0C:C1:CF:35:8C:07:A2:F8:11:DB:CB:31:7D:DB:58:66:BF:70:4A:51"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=a12ce08b08ad56b1 HTTP/1.1\r\nHost: reg-falconfi.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://reg-falconfi.live/?__cf_chl_rt_tk=YWPcUtaKtAj6so2TFhlszGV0R647iMJPIfqoLgU_uhU-1782651654-1.0.1.1-9x.BEPTMec1DHB3EMNggmNpqatWPIis1spguNaodBKE\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\ncontent-encoding: zstd\r\ndate: Sun, 28 Jun 2026 13:00:55 GMT\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\ncf-ray: a12ce08e8fa54e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":218345,"size_decoded":79120,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"cf2aa6802397187f934f7ee58c76141a","sha1":"b623317ecb5da233e28ef46c285d6d876fa1ae96","sha256":"281b0627c8b09274f0b616126a2ea98ea857ff09730896cf4f40fcbf6dc5eb17","sha512":"9073e8728e083c195cd7a04e8cd8beba05d5376d3d1ab3e73b06f902ed2e5235d293cbd264a3e5ba2de5b873669dd10007bb8e2b10f01d110d835b48536d6ff6","ssdeep":"6144:AzS+hFvcsCggH9SpRO4b/9Cqd+R77ULDMVYWtODgGDGgoHMTcNA1Gk4QxkMIV2wg:JoWW","tlshash":"ee24b7cf74c67807022715f5842ff04f625e4dc4821c292a5a2186e07abdf799b7fab9","first_seen":"2026-06-28T13:01:41.79291Z","last_seen":"2026-06-28T13:01:41.79291Z","times_seen":1,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"reg-falconfi.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"reg-falconfi.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"reg-falconfi.live/favicon.ico","fqdn":"reg-falconfi.live","domain":"reg-falconfi.live","tld":"live"},"ip":{"addr":"104.21.65.49","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reg-falconfi.live/","date":"2026-06-28T13:00:55.476Z","timestamp":1782651655476,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"reg-falconfi.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Jun 2026 12:17:36 GMT","end":"Mon, 21 Sep 2026 13:16:07 GMT"},"fingerprint":{"sha1":"02:D7:FD:B7:29:4D:F5:35:3F:E7:D3:22:D2:CC:A0:B5:97:E4:42:AF","sha256":"24:21:AD:2C:17:FA:EA:31:7D:56:67:A5:0C:C1:CF:35:8C:07:A2:F8:11:DB:CB:31:7D:DB:58:66:BF:70:4A:51"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: reg-falconfi.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://reg-falconfi.live/?__cf_chl_rt_tk=YWPcUtaKtAj6so2TFhlszGV0R647iMJPIfqoLgU_uhU-1782651654-1.0.1.1-9x.BEPTMec1DHB3EMNggmNpqatWPIis1spguNaodBKE\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 13:00:55 GMT\r\ncontent-type: text/html\r\nvary: accept-encoding\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=J%2FvFOkG8%2FjDj7mtzvJql9lJQQk2ZFWy%2FEnztXu5EW2VtY6CB2ne8toPTOzoaPOeh2T4ttx%2FPOERC2A9nazOmMFBV6OYKhWKMSCv3Zzore02A7DsK8qiEqBUhjzE9oCvzxGqG5w%3D%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\ncontent-encoding: zstd\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a12ce08ebfa84e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":162,"size_decoded":755,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"1b7c22a214949975556626d7217e9a39","sha1":"d01c97e2944166ed23e47e4a62ff471ab8fa031f","sha256":"340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87","sha512":"ba64847cf1d4157d50abe4f4a1e5c1996fe387c5808e2f758c7fb3213bfefe1f3712d343f0c30a16819749840954654a70611d2250fd0f7b032429db7afd2cc5","ssdeep":"","tlshash":"59c08c6e2613bd4cc6a3217522c3b490c09aa3a7a4ea46214840805331cb29a8ac7396","first_seen":"2023-03-10T20:17:28Z","last_seen":"2026-06-28T15:35:16.711166Z","times_seen":45753,"resource_available":true,"data":null}},"time_used":160,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":160,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"reg-falconfi.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"reg-falconfi.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}