{"report_id":"80f9eb67-f965-4309-a8da-02806e0ea7dc","version":6,"status":"done","tags":[],"date":"2026-02-24T14:08:09Z","url":{"schema":"http","addr":"com-auth.org","fqdn":"com-auth.org","domain":"com-auth.org","tld":"org"},"ip":{"addr":"195.20.19.91","port":0,"asn":201670,"as":"S.c. Infotech-grup S.r.l.","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"http","addr":"com-auth.org/cgi-sys/defaultwebpage.cgi","fqdn":"com-auth.org","domain":"com-auth.org","tld":"org"},"title":"Default Web Site Page","dom":{"size":6928,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"58df2e0b58186ca768c687e9ef513a19","sha1":"b7ea351d3f10e482319d97ee1a7f51f8354bc346","sha256":"8737c3fcfb94039ab117076c0dca150e50bb24cfc9143a902dae92fa9311c842","sha512":"0a70d2111cde99abf8917dd1da53d72a43ba1253d748becca812420e47b8a17eb351694d23724e947b8ec5e1b101bad39a903c78f69157bf72f1057929072dc8","ssdeep":"192:9lYHC+H1U7ydPJq5AtyhhuT9w3y4E9SyJqPl9VRsQ:t9LlhsQ","tlshash":"7ce11e5b2af200276043a4b56bbb6711af24e043c21fcd543e1c53d8df86992cda3b9c","dom_hash":"domhashf766092b73388dfad28e8ada2a02caa6","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"com-auth.org","fqdn":"com-auth.org","domain":"com-auth.org","tld":"org"},"ip":{"addr":"195.20.19.91","port":0,"asn":201670,"as":"S.c. Infotech-grup S.r.l.","country":"Russia","country_code":"RU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-31T14:08:09Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"com-auth.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"com-auth.org","ip":{"addr":"195.20.19.91","port":80,"asn":201670,"as":"S.c. Infotech-grup S.r.l.","country":"Russia","country_code":"RU"},"domain_registered":"2026-02-22","domain_rank":0,"first_seen":"2026-02-24T14:08:09.194491Z","last_seen":"2026-02-24T14:08:09.194491Z","alert_count":10,"request_count":10,"received_data":42617,"sent_data":4135,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"com-auth.org/favicon.ico","fqdn":"com-auth.org","domain":"com-auth.org","tld":"org"},"ip":{"addr":"195.20.19.91","port":80,"asn":201670,"as":"S.c. Infotech-grup S.r.l.","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://com-auth.org/cgi-sys/defaultwebpage.cgi","date":"2026-02-24T14:07:48.799Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: com-auth.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://com-auth.org/cgi-sys/defaultwebpage.cgi\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Tue, 24 Feb 2026 14:07:48 GMT\r\nServer: Apache\r\nAccept-Ranges: bytes\r\nCache-Control: no-cache, no-store, must-revalidate\r\nPragma: no-cache\r\nExpires: 0\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":10380,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4070)","md5":"5b3cec882a7c50a2131dea953872f0c9","sha1":"14127ae6947dea6626cad3859aae1fafae3f646e","sha256":"8452df8714151cac335c3a9920f683f077e0cfedd06df5d57b237f6cb947fbd2","sha512":"2c2e80f714e9ccb7c0dbbc117e96b2f46a9f937ff206e92e08294fd48d1f243726206a2f0c0baa7139b78419e458c3244f7c6ca18b9ab831f83937d225b389d8","ssdeep":"192:rlYHC0HNXGZkHQU7ydPJq5S2KqQVX/uTK3w3DK+tMy47R/Ga0kVhFuPwf8Pn93Ju:FVGaRF8I88nx3","tlshash":"2f22b6971ae3000b740761ba6bba2201ab69e543d12fcd647f0df3d8cf865818d93b4e","first_seen":"2026-02-24T14:08:12.087031Z","last_seen":"2026-02-24T14:08:12.087031Z","times_seen":1,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"com-auth.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"com-auth.org/cgi-sys/defaultwebpage.cgi","fqdn":"com-auth.org","domain":"com-auth.org","tld":"org"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-24T14:07:48.377Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /cgi-sys/defaultwebpage.cgi HTTP/1.1\r\nHost: com-auth.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":136,"timings":{"blocked":0,"dns":1,"connect":63,"send":0,"wait":0,"receive":0,"ssl":70},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"com-auth.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"com-auth.org/img-sys/IP_changed.png","fqdn":"com-auth.org","domain":"com-auth.org","tld":"org"},"ip":{"addr":"195.20.19.91","port":80,"asn":201670,"as":"S.c. Infotech-grup S.r.l.","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://com-auth.org/cgi-sys/defaultwebpage.cgi","date":"2026-02-24T14:07:48.662Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /img-sys/IP_changed.png HTTP/1.1\r\nHost: com-auth.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://com-auth.org/cgi-sys/defaultwebpage.cgi\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 24 Feb 2026 14:07:48 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 11 Feb 2025 04:36:51 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 2939\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2939,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"ec081653bd4c836483e6d612588d18ec","sha1":"91c7e4cfa061808881575a875741773a949a9e0a","sha256":"b19da51b5e9c9b29cd8523d85d92e99e4812c891c394929c9bf67557f560672c","sha512":"b1cc98149afc9d9041bfc4e91a0990728f3f1a2c944e8819d4b131b60f8a2a03f831e855ce6efd478a651c2dce8fe715645bfe3d59699a442a4a6dc898bb406c","ssdeep":"","tlshash":"33513aaaf91e6c50834215dfa1e6402a2ed1e84e751430b326287afe53df8036a32f80","first_seen":"2023-04-13T09:27:24Z","last_seen":"2026-06-08T20:13:18.679124Z","times_seen":27724,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"com-auth.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"com-auth.org/img-sys/powered_by_cpanel.svg","fqdn":"com-auth.org","domain":"com-auth.org","tld":"org"},"ip":{"addr":"195.20.19.91","port":80,"asn":201670,"as":"S.c. Infotech-grup S.r.l.","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://com-auth.org/cgi-sys/defaultwebpage.cgi","date":"2026-02-24T14:07:48.665Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /img-sys/powered_by_cpanel.svg HTTP/1.1\r\nHost: com-auth.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://com-auth.org/cgi-sys/defaultwebpage.cgi\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 24 Feb 2026 14:07:48 GMT\r\nServer: Apache\r\nLast-Modified: Wed, 13 Apr 2016 18:55:24 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 5617\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":5617,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c47b4b5200566a2a496a11ba472ec5da","sha1":"3bd0da9a6ffd62217d3e781fa1356f40d9f91d4c","sha256":"179a9aa9fff4c52850d9ce34a4c435404ddfd4fefa8aab9a6eb4f47b83f922d9","sha512":"b67659bfb2f94cc1124eb88f7582ae2ee1c983210577edc9aaf6fdb65f6b0e2b9fd786169a91fc72a1ac0e8556bc09c7cf35395c7a038a6f6419660b7b64545f","ssdeep":"96:BDol4IVL19t2mY5Ib0Va4FALs/k2eerILEKQhnEIsFGFB/aStUY0NuhHkzTUgCgM:BGjR19tU5Ib0tCY8jeSEptRPFESt70NW","tlshash":"77c174f9c7a053f47ac38f5deb2966d0b0ebf8bd1ea082c451759368c4c0ad9e948874","first_seen":"2023-04-05T04:59:52Z","last_seen":"2026-06-08T19:38:41.812021Z","times_seen":43226,"resource_available":false,"data":null}},"time_used":186,"timings":{"blocked":59,"dns":0,"connect":63,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"com-auth.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"com-auth.org/","fqdn":"com-auth.org","domain":"com-auth.org","tld":"org"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-24T14:07:47.798Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: com-auth.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":207,"dns":0,"connect":63,"send":0,"wait":0,"receive":0,"ssl":73},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"com-auth.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"com-auth.org/","fqdn":"com-auth.org","domain":"com-auth.org","tld":"org"},"ip":{"addr":"195.20.19.91","port":80,"asn":201670,"as":"S.c. Infotech-grup S.r.l.","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-24T14:07:48.152Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: com-auth.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 24 Feb 2026 14:07:48 GMT\r\nServer: Apache\r\nLast-Modified: Wed, 07 Jan 2026 01:03:59 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 163\r\nCache-Control: no-cache, no-store, must-revalidate\r\nPragma: no-cache\r\nExpires: 0\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":163,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"f1fb042c62910c34be16ad91cbbd71fa","sha1":"5bc7aceba9a8704ef4b1d427d7d08b140afcd866","sha256":"9278d16ed2fdcd5dc651615b0b8adc6b55fb667a9d106a9891b861d4561d9a24","sha512":"d4b2f435a14e915ec8c36364ef6be6dd810883b5c9c8e337573a114d36257186fae92ead623ac5ef7812b0ff2cc4973842e994f2f7fcd510d3c5a9c5c33a369b","ssdeep":"","tlshash":"71c08cd8009c383c7124b888dfc102c284669009a4a03ec154dbb62cc27ca27c88e2e4","first_seen":"2023-03-08T15:50:46Z","last_seen":"2026-06-08T18:52:22.11329Z","times_seen":25696,"resource_available":true,"data":null}},"time_used":185,"timings":{"blocked":61,"dns":1,"connect":61,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"com-auth.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"com-auth.org/cgi-sys/defaultwebpage.cgi","fqdn":"com-auth.org","domain":"com-auth.org","tld":"org"},"ip":{"addr":"195.20.19.91","port":80,"asn":201670,"as":"S.c. Infotech-grup S.r.l.","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-24T14:07:48.519Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /cgi-sys/defaultwebpage.cgi HTTP/1.1\r\nHost: com-auth.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 24 Feb 2026 14:07:48 GMT\r\nServer: Apache\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":6942,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"9d37760c339f6fe8cc8d83452d82ce34","sha1":"bbc7af575dd5b26ea413946daab10959b537d1d3","sha256":"bd6d428897f241075598af7682b6f717cbc86292eea1c3caaa0e79a3717fb81f","sha512":"9c5540cd1397ef931211c3833e88888e3370dd14913d7bd68519f8a4e2b47c02088b4d0d766495d345564065745aba232901e0ebe8d548c699d4a6c425235fe2","ssdeep":"192:LlYHC+H1U7ydPJq5AtyhhuT9w3y4E9SyJqP296aSQ:/9L2rSQ","tlshash":"2ee10f5b2af200276043a4b56bab2712af24e043c25fcd543e5c57d8df86992cde3b9c","first_seen":"2026-02-24T14:08:12.095252Z","last_seen":"2026-02-24T14:08:12.095252Z","times_seen":1,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":75,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"com-auth.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"com-auth.org/img-sys/server_misconfigured.png","fqdn":"com-auth.org","domain":"com-auth.org","tld":"org"},"ip":{"addr":"195.20.19.91","port":80,"asn":201670,"as":"S.c. Infotech-grup S.r.l.","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://com-auth.org/cgi-sys/defaultwebpage.cgi","date":"2026-02-24T14:07:48.664Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /img-sys/server_misconfigured.png HTTP/1.1\r\nHost: com-auth.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://com-auth.org/cgi-sys/defaultwebpage.cgi\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 24 Feb 2026 14:07:48 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 11 Feb 2025 04:36:51 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 3164\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":3164,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"f79adaf00f83dc9757086cdbe8645ff0","sha1":"82f37b8be7668eab8e1a06de828cb336799c8134","sha256":"944120fb6962c7484d769d645e6d830850eead9394f6a84090aed489cfc0c41f","sha512":"eb7db97a73d4fd8ff7acc027582a2564636ee9d92f19365da11ec4c80be62418450fd0b37ed1462d56489c52fa1ab69008b040fad7795151dc1d26ac59293f6a","ssdeep":"","tlshash":"54513b80a9156c08aed83aacb51d109b84003ce5a8372cc480728fffb61e8b36aa55dd","first_seen":"2023-04-05T04:59:52Z","last_seen":"2026-06-08T20:13:18.680311Z","times_seen":42920,"resource_available":false,"data":null}},"time_used":187,"timings":{"blocked":60,"dns":1,"connect":63,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"com-auth.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"com-auth.org/img-sys/server_moved.png","fqdn":"com-auth.org","domain":"com-auth.org","tld":"org"},"ip":{"addr":"195.20.19.91","port":80,"asn":201670,"as":"S.c. Infotech-grup S.r.l.","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://com-auth.org/cgi-sys/defaultwebpage.cgi","date":"2026-02-24T14:07:48.665Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /img-sys/server_moved.png HTTP/1.1\r\nHost: com-auth.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://com-auth.org/cgi-sys/defaultwebpage.cgi\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 24 Feb 2026 14:07:48 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 11 Feb 2025 04:36:51 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 3327\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":3327,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"f6590a396da81a8e4cce7ca046874ffd","sha1":"7e68db322c32ca079b2c836812d3a25204ab93cc","sha256":"3a22057583d3e17bc94990d92a3425d5510dc5bdb60fe40fafeb405a38f8ed28","sha512":"cf4ae5e172feb6923bfd5ad4f302bf63250f4072774fb29efb0846167ea95d708299047cb18e4c72deffc5d24040a35049d778685f7cf96801ee8d4769a25fa1","ssdeep":"","tlshash":"486139d62986504a264a0c61eaf5ec963065301b28789a3e8527cbcc96c8a9e698c317","first_seen":"2023-04-07T07:55:56Z","last_seen":"2026-06-08T20:13:18.676205Z","times_seen":27716,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":58,"dns":1,"connect":62,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"com-auth.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"com-auth.org/img-sys/error-bg-left.png","fqdn":"com-auth.org","domain":"com-auth.org","tld":"org"},"ip":{"addr":"195.20.19.91","port":80,"asn":201670,"as":"S.c. Infotech-grup S.r.l.","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://com-auth.org/cgi-sys/defaultwebpage.cgi","date":"2026-02-24T14:07:48.666Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /img-sys/error-bg-left.png HTTP/1.1\r\nHost: com-auth.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://com-auth.org/cgi-sys/defaultwebpage.cgi\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 24 Feb 2026 14:07:48 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 11 Feb 2025 04:36:51 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 8072\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":8072,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 410 x 400, 8-bit/color RGBA, non-interlaced","md5":"cdbe46a0178886162bdedff35336154e","sha1":"f5acc131f7d3fdfbebfc4a55be73cf51c7638937","sha256":"862885b79bef22ad5716b2dbfa714d52f628a439f2921bb9520a4630bbea5d4e","sha512":"cd75baa25c17945a25381d08d30887ddcb4a42dda676f6189bd2e25c91e390197d2ebf68a86b74995a32483445aeeee3df7c0ff6bec9e8b69f1d84f3ee3423b4","ssdeep":"192:4FWzRDmuPuPjEAWYgZgwuJGaY8o84ntC6K0GrD7tSHzN:4FGRDmumPgAWLslY8o8yCjzr/tk","tlshash":"6bf1af71ca2b86519ebb4f95c1fa8397b851c92ecc03b3f68c2716376dd61b6452ac0c","first_seen":"2023-04-12T19:49:10Z","last_seen":"2026-06-08T20:13:18.68217Z","times_seen":27729,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":56,"dns":0,"connect":62,"send":0,"wait":62,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"com-auth.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}