{"report_id":"838da7dc-00ff-43a2-a1d3-970391d03a1c","version":6,"status":"done","tags":[],"date":"2026-04-16T14:53:55Z","url":{"schema":"http","addr":"accessnodess.xyz","fqdn":"accessnodess.xyz","domain":"accessnodess.xyz","tld":"xyz"},"ip":{"addr":"104.21.18.80","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"accessnodess.xyz/","fqdn":"accessnodess.xyz","domain":"accessnodess.xyz","tld":"xyz"},"title":"Welcome to our website","dom":{"size":499134,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (41459)","md5":"e46509826f5375c9ab0c50380968cb28","sha1":"62b9a54cd67151657149fc075df33bf1610bcd24","sha256":"37b0d56a13e38c03abfbe32453e37a5c17640b27ec6ae6cc0db3f2dc6ae8f9ad","sha512":"c86f149c6151c359e2e2b34837828eb62109ccb70b530f3233764be6ee02dffc71c9066f241bd52e2e813dec8091110c4ce6273c3336273dca047998cfbd939a","ssdeep":"12288:Yc3I3f32vAFFwWtGd107hO8AN/Ife5Z4o:D3I3f3qAFWdO48AN/If3o","tlshash":"14b4f1b698f2261a125b805d22fb6f067f26d507c01fae917bcd46d48fc7bc088a7785","dom_hash":"domhash3bfa75021e676dbd284c9ddf4adf49a8","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"accessnodess.xyz","fqdn":"accessnodess.xyz","domain":"accessnodess.xyz","tld":"xyz"},"ip":{"addr":"104.21.18.80","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-21T14:53:55Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"accessnodess.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"accessnodess.xyz","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-04-08","domain_rank":0,"first_seen":"2026-04-16T14:53:55.333113Z","last_seen":"2026-04-16T14:53:55.333113Z","alert_count":4,"request_count":4,"received_data":590664,"sent_data":1862,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"accessnodess.xyz/","fqdn":"accessnodess.xyz","domain":"accessnodess.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5384b89757faf176f5ea8cfb6269c1a5","sha1":"40cc152f745cb804f581639dfd13e5e527230b4d","sha256":"a32b62a49daf8d141e84283eaea38acc06caa5fa75c0b82bcc4a7c7addfbf3b8","sha512":"e4a759318340e36c9556f413061b15c2e10e813f75a9dede14a19910bfceb34f2e6fb8a29978cff3322471f637e0a7eabbcdada355d263e76cdf33de512455cb","ssdeep":"","tlshash":"3d117a3870f61a761bbf6169870fb285b562009b8049e8053c4cceca0fd8a54187dfcf","size":1020,"data":"","first_seen":"2025-10-18T17:11:24.958541Z","last_seen":"2026-04-16T14:57:56.206114Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"accessnodess.xyz/","fqdn":"accessnodess.xyz","domain":"accessnodess.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-16T14:53:33.065Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accessnodess.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 17:22:53 GMT","end":"Wed, 08 Jul 2026 17:22:52 GMT"},"fingerprint":{"sha1":"59:0B:04:B5:D9:6A:BF:E0:B6:FE:17:B9:1F:9A:E5:5C:D5:CA:89:87","sha256":"A0:F4:85:2D:B6:19:60:2A:7B:CE:EB:D2:6E:D0:D3:16:1E:CC:DA:E5:89:A9:3A:0C:B4:2A:05:F6:9A:E0:25:0A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: accessnodess.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 16 Apr 2026 14:53:33 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Thu, 09 Apr 2026 17:49:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ypuPKxXVGzdWZxw4RbmKFmbSd%2FBs5q%2B8zuuoL7HXKdFTNkl%2BdPmMZeBmSKEZA8QujcFfMV5T6RZ7l3RCg05pOReCZASNQmxLtigEoDzZIkNFYvZGTTbo6GTtSFllG0l5N14I\"}]}\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9ed40529e90cb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":498375,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (41459)","md5":"35ec6fc3d0c07362476fd9ed1ed2f89e","sha1":"a81e90cb2c856414aebaac440b0ebdd4344a6a4a","sha256":"e51ed1d2a511b9107865a26caa9a619e21e3b012c2eb22ee6f200dc0fd8b59d0","sha512":"40a5da02f3a27129b7a29a39f6b2659e5c60c48f3ed3cc6981942ffea8bb56e07c194ca3cc8a8dcc20385bacd7a30e7e59674ecb633f3630dea82fa0c7ee6a22","ssdeep":"6144:pi7atq3W7atq3R7atq32D7KBFn8UwWt2jBdfIUqZyYhULBHcAN/If+GIZcb2hfCZ:pc3I3f32vAFFwWtGd107hO8AN/Ife5Zi","tlshash":"2ab4f1ba88f2121a1557805d22fb3f067f25d917c41fae967acd47848fcbbc088a3795","first_seen":"2026-03-30T01:55:33.410119Z","last_seen":"2026-04-16T14:57:56.201259Z","times_seen":4,"resource_available":true,"data":null}},"time_used":304,"timings":{"blocked":35,"dns":19,"connect":1,"send":0,"wait":234,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"accessnodess.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accessnodess.xyz/app/background_homepage_header.png","fqdn":"accessnodess.xyz","domain":"accessnodess.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://accessnodess.xyz/","date":"2026-04-16T14:53:33.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accessnodess.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 17:22:53 GMT","end":"Wed, 08 Jul 2026 17:22:52 GMT"},"fingerprint":{"sha1":"59:0B:04:B5:D9:6A:BF:E0:B6:FE:17:B9:1F:9A:E5:5C:D5:CA:89:87","sha256":"A0:F4:85:2D:B6:19:60:2A:7B:CE:EB:D2:6E:D0:D3:16:1E:CC:DA:E5:89:A9:3A:0C:B4:2A:05:F6:9A:E0:25:0A"}}},"request":{"raw":"GET /app/background_homepage_header.png HTTP/1.1\r\nHost: accessnodess.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://accessnodess.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 16 Apr 2026 14:53:33 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Thu, 09 Apr 2026 17:49:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uR6LDbgEh4snOMAvheuDxpHwKdw5A4of65muy2yPzMElScP8%2B4VXLfRBfMb62%2BO4o0K5HsDzKkHtTB1yJvcaM%2BSJtkehIUSBxWRK%2FyrAvUkWTtPaIud76cnRAivTPV4yXz5t\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9ed4052c4eb456b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17746,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (13793)","md5":"da7bf012ff76c4484531ef08aeb9d279","sha1":"d3f35a7b6566a5865cc05f873777e03770dcd2b2","sha256":"2065667dd8ffc8fe14e1a44acc91672a43f6432757f5310a67d061bee86c212b","sha512":"7bfc342dae986f63dfd86151daaa89a895c024675c6a1edd7f070c62408189a9742f39b4f3b4c497a42d4bb72f882e6044ef955368f398c5200d279f77f5715a","ssdeep":"384:kg3oC8RoFxWQMGNYEWkuzbpaCtrc3AJMKaP3akHm9jQtUl8f9ppB3w:BoCsoFxWQMGNMJ31JISqUstc8fHjA","tlshash":"1882bf388ef21235d377a66a11dfee583b29d25bc043fc91bc4c80958fd46919ca6b6c","first_seen":"2026-03-30T01:55:33.411701Z","last_seen":"2026-04-16T14:53:57.78867Z","times_seen":2,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":233,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"accessnodess.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accessnodess.xyz/assets/xclod-img.png.pagespeed.ic.S07_z6sv1Q.png","fqdn":"accessnodess.xyz","domain":"accessnodess.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://accessnodess.xyz/","date":"2026-04-16T14:53:33.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accessnodess.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 17:22:53 GMT","end":"Wed, 08 Jul 2026 17:22:52 GMT"},"fingerprint":{"sha1":"59:0B:04:B5:D9:6A:BF:E0:B6:FE:17:B9:1F:9A:E5:5C:D5:CA:89:87","sha256":"A0:F4:85:2D:B6:19:60:2A:7B:CE:EB:D2:6E:D0:D3:16:1E:CC:DA:E5:89:A9:3A:0C:B4:2A:05:F6:9A:E0:25:0A"}}},"request":{"raw":"GET /assets/xclod-img.png.pagespeed.ic.S07_z6sv1Q.png HTTP/1.1\r\nHost: accessnodess.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://accessnodess.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 16 Apr 2026 14:53:33 GMT\r\ncontent-type: image/png\r\ncontent-length: 63483\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Thu, 09 Apr 2026 17:49:36 GMT\r\netag: \"69d7e6b0-f7fb\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ubOIDKYDBrbGecaug2SayUfJippI2v2RRN9rmtRJV6iskbxYT6Jn7QCA7mPWuGTixiVpo26F46wgk3F1cSAKrbXftiSPIgm0vFKt4pWB%2B5egm6ntYiO0YtC7d87reodqX%2Fhm\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ed4052c5ecb56b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":63483,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 427 x 296, 8-bit/color RGBA, non-interlaced","md5":"4b4effcfab2fd50fa44e07b9b01d975b","sha1":"a20e264e3076f91d24b5bad266352f98887aaff3","sha256":"5b124d78a1fa16e3f3933e860fcb70debf4c305fa7feb1e3931381fd48eddcfa","sha512":"134f2a4a72be6dd99e56fb38be682448433b41f0c03716c75dc9a82872416a94a55e5d572230f6e83f1e7a88a1d60e518329acfb380550ef3af94818a96b7f08","ssdeep":"1536:aCUIi9io47Q2/BYMiKb95tJ/fVz0kdG2v55LARglE:a8i9in/4Kb95v3Vz0kdFTLARGE","tlshash":"4a53028d486279d3bddcef62d8a01245644ddd140e7320208d68ba75cc677a3b9bef83","first_seen":"2025-08-08T12:39:21.591838Z","last_seen":"2026-04-16T14:57:56.203092Z","times_seen":15,"resource_available":false,"data":null}},"time_used":297,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":227,"receive":70,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"accessnodess.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accessnodess.xyz/favicon.ico","fqdn":"accessnodess.xyz","domain":"accessnodess.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://accessnodess.xyz/","date":"2026-04-16T14:53:33.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accessnodess.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 17:22:53 GMT","end":"Wed, 08 Jul 2026 17:22:52 GMT"},"fingerprint":{"sha1":"59:0B:04:B5:D9:6A:BF:E0:B6:FE:17:B9:1F:9A:E5:5C:D5:CA:89:87","sha256":"A0:F4:85:2D:B6:19:60:2A:7B:CE:EB:D2:6E:D0:D3:16:1E:CC:DA:E5:89:A9:3A:0C:B4:2A:05:F6:9A:E0:25:0A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: accessnodess.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://accessnodess.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 16 Apr 2026 14:53:34 GMT\r\ncontent-type: image/x-icon\r\nserver: cloudflare\r\nlast-modified: Thu, 09 Apr 2026 17:49:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EEFC%2Bz7Q5MeDEpI90XthFOOdeM4ecV2UZ8Uola3BocFAmcVhSX5t9NvvNAmadBFwSOaJo93fjxJFkrswdSOxJshZxCcEl7YPySNcAvf4KaQF1tEHrgJ4DThCWaTyDWq4XR1F\"}]}\r\netag: W/\"69d7e6b0-1d39\"\r\ncontent-encoding: br\r\ncf-ray: 9ed4052e396b56b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7481,"size_decoded":0,"mime_type":"image/x-icon","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 404x316, components 3","md5":"76c0d7989e9a83d85a23be4b71a6731f","sha1":"a45ede0e9ddc8c6d2acdb18112ebfedced9b97fa","sha256":"41d54942d740b9bc92c0da1b547f7d4b9f6fb9801433a982f46993f12456b8f1","sha512":"56f97cd3d16b1ad88a5b0796acc07e777c2806b4cc51cdecf984d0382923be111d6ee1ad267c41f2a073c44c2f404083dcbce66c30804d6c76870c0cd681dbb9","ssdeep":"96:Uim7Z0guJmWzwR5ulXmcOc6PYRfa7ZZZcpG7+CqujuVAjvYvWYyKH3eIXjp9BM+K:R8qn1sHuxmcOc0Yx0ccaxuCAkygbK","tlshash":"38f15ce3f254e054d8a2d7b74ca3030cb49b6dcddae1a6dfea5f5c6200ee4b049861c8","first_seen":"2025-08-31T02:48:41.156613Z","last_seen":"2026-04-16T14:57:56.204916Z","times_seen":5,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"accessnodess.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}