{"report_id":"8d008634-19a7-4f03-8636-656468de7518","version":0,"status":"done","tags":[],"date":"2026-06-17T15:29:00Z","url":{"schema":"http","addr":"freeflowrodovia.com","fqdn":"freeflowrodovia.com","domain":"freeflowrodovia.com","tld":"com"},"ip":{"addr":"140.99.164.86","port":0,"asn":396356,"as":"LATITUDE-SH","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"freeflowrodovia.com/","fqdn":"freeflowrodovia.com","domain":"freeflowrodovia.com","tld":"com"},"title":"Pedágio Digital - Consulte e Pague Débitos Online | Pedagio Digital","dom":{"size":29099,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (376)","md5":"902519eba3743c9706d50197b5a52620","sha1":"1c7bc1a1e5d19c6099de59348a2d1bb4edea39db","sha256":"3c5f0d79003ee66789a4c44861fe3b5e284883c230d8a0e5aa15de91c5a1bbdf","sha512":"a8d89a4ab1fa7f2529c33a80920edc2eaa043ceed6704c3c56b6ec384f8b7e9062e2e7ade7f92cf2e6d930a0f278a2f30d546a770e8bc64905a33065995dd8c6","ssdeep":"384:dLsOGGsGvV1aXB0xrTUIDYwx4nkmxesh0A1rGT30irhio+OVqPsNO3B/t:hrTUI1x4kmosh0A1eEi1r+OsPsNaB1","tlshash":"d3d2b57975f6143742934663abd7eb5a7fa5c503c40aca09baec07416fcac118ca3b9c","dom_hash":"domhash8b85cc4c8c4aef1b89f689a738007bdc","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"freeflowrodovia.com","fqdn":"freeflowrodovia.com","domain":"freeflowrodovia.com","tld":"com"},"ip":{"addr":"140.99.164.86","port":0,"asn":396356,"as":"LATITUDE-SH","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-22T15:29:00Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":6}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowrodovia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"freeflowrodovia.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowrodovia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowrodovia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowrodovia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pedagiofreeflow.kz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"freeflowrodovia.com","ip":{"addr":"140.99.164.86","port":443,"asn":396356,"as":"LATITUDE-SH","country":"United States","country_code":"US"},"domain_registered":"2026-05-29","domain_rank":0,"first_seen":"2026-06-16T01:30:05.166835Z","last_seen":"2026-06-16T01:30:05.166835Z","alert_count":20,"request_count":4,"received_data":1700292,"sent_data":1980,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}]},{"fqdn":"pedagiofreeflow.kz","ip":{"addr":"34.144.253.181","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2026-04-05","domain_rank":0,"first_seen":"2026-06-16T01:30:05.165447Z","last_seen":"2026-06-16T01:30:05.165447Z","alert_count":1,"request_count":1,"received_data":231,"sent_data":501,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"freeflowrodovia.com/","fqdn":"freeflowrodovia.com","domain":"freeflowrodovia.com","tld":"com"},"ip":{"addr":"140.99.164.86","port":443,"asn":396356,"as":"LATITUDE-SH","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7d90835dfb4b42ab991e56dd09eb460e","sha1":"c3ab853ce67c5a33f6b7cc69d01e8d1ed45f84bc","sha256":"ff371546eb9fbb2bd3966eb793575718854e10ab95912a1c39d5c8e67f49c3e4","sha512":"f3f0268f32255389691acafa789d0b1f1efa044e2f36bf7fae06c46e775e1afea4350c8d78c78a98dd08cb88a1d54e41761b26edec361d717df98510df331d26","ssdeep":"192:yl2yH1q8lEjMB9VKNbv+lQZKIVOSB6B/IM24CDS6y2:8PsNO3B/a","tlshash":"54020cbe69fb147146a7757f9bcfe689763140032808cd08be9c8b015f92a6449b3fc8","size":8226,"data":"","first_seen":"2026-06-16T01:29:11.757524Z","last_seen":"2026-06-17T20:27:52.356761Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"freeflowrodovia.com/combined.css","fqdn":"freeflowrodovia.com","domain":"freeflowrodovia.com","tld":"com"},"ip":{"addr":"140.99.164.86","port":443,"asn":396356,"as":"LATITUDE-SH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://freeflowrodovia.com/","date":"2026-06-17T15:28:35.286Z","timestamp":1781710115286,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"freeflowrodovia.com","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 19:48:57 GMT","end":"Thu, 27 Aug 2026 19:48:56 GMT"},"fingerprint":{"sha1":"71:06:C0:EC:05:59:5B:35:D3:0E:D6:AA:EC:70:7F:62:2C:86:E8:0A","sha256":"14:CC:AE:72:CC:F6:62:6F:21:F1:43:BA:14:D7:E8:8E:8A:49:A2:03:79:16:34:E1:87:5E:C0:65:5C:C8:07:9C"}}},"request":{"raw":"GET /combined.css HTTP/1.1\r\nHost: freeflowrodovia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://freeflowrodovia.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 24 Jun 2026 15:28:35 GMT\r\netag: \"3fb7-6a18d246-5a1ea;br\"\r\nlast-modified: Thu, 28 May 2026 23:39:50 GMT\r\ncontent-type: text/css\r\ncontent-length: 4066\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 17 Jun 2026 15:28:35 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":16311,"size_decoded":4585,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (10874), with CRLF line terminators","md5":"dc4f7ae6333f2341678bd49a7626c090","sha1":"d6c1cb3a7c332178a49eabf2d4dc2082f134fe03","sha256":"f1a92fd98f7d5671dd5f2ea9b4853efe7fb25d594cea34b184395618abda4de5","sha512":"24d5ae835ed2be1821f1a017ec6a44fac5955b36a3cc567f4ed2950818de4e45f18636db6b4f72b34441495ad78073876a62d3121cb53c5cedad387c2f470f46","ssdeep":"192:vUC9J8W9J846Awb9NsfL0uSlHGC/LMwhwOMiWGe9+vfbkIUS701GUw5ExOP:cRdB/LMwhwq8JOP","tlshash":"ec72d959a641101e7d7382fadaf1775df53e64c3cb2a5bfd759a2010afe22e10893e08","first_seen":"2026-06-16T01:30:12.101884Z","last_seen":"2026-06-17T15:29:01.531913Z","times_seen":4,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowrodovia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"freeflowrodovia.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowrodovia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowrodovia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowrodovia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"freeflowrodovia.com/img3.jpg","fqdn":"freeflowrodovia.com","domain":"freeflowrodovia.com","tld":"com"},"ip":{"addr":"140.99.164.86","port":443,"asn":396356,"as":"LATITUDE-SH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://freeflowrodovia.com/","date":"2026-06-17T15:28:35.514Z","timestamp":1781710115514,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"freeflowrodovia.com","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 19:48:57 GMT","end":"Thu, 27 Aug 2026 19:48:56 GMT"},"fingerprint":{"sha1":"71:06:C0:EC:05:59:5B:35:D3:0E:D6:AA:EC:70:7F:62:2C:86:E8:0A","sha256":"14:CC:AE:72:CC:F6:62:6F:21:F1:43:BA:14:D7:E8:8E:8A:49:A2:03:79:16:34:E1:87:5E:C0:65:5C:C8:07:9C"}}},"request":{"raw":"GET /img3.jpg HTTP/1.1\r\nHost: freeflowrodovia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://freeflowrodovia.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 24 Jun 2026 15:28:35 GMT\r\netag: \"193016-6a10b77e-5a1eb;;;\"\r\nlast-modified: Fri, 22 May 2026 20:07:26 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1650710\r\naccept-ranges: bytes\r\ndate: Wed, 17 Jun 2026 15:28:35 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1650710,"size_decoded":1651191,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright=Freepik Company S.L. - www.freepik.com], baseline, precision 8, 6720x4480, components 3","md5":"953c11a355859b3e1496b4648befcfbe","sha1":"8bf0b0478939c44e25e49722355cb74b6e097efd","sha256":"9d10f1cababe42863942815aea6abc5d5910b5c3c0d1e77c3e1f99b67cfc0ac4","sha512":"42a592686d5b31f35637b55d1cbe0f840d647bcd202ce6f9947996e2243efa0736b77665c5354f7dbdb62f9137e2c4bf919f8ad0c110fe8b6079cf009024bfc1","ssdeep":"24576:dBzOtheQwcuIRR34cMU2tONqRuJRA7Zn2oShPX:zaX1wcuIH3tMU28qRuE7lcX","tlshash":"fe252307dc110943faa593f4bf034eac2f766b2ca9a23afe01656edf38101625c9d579","first_seen":"2026-01-26T01:03:01.050515Z","last_seen":"2026-06-17T20:27:52.354729Z","times_seen":32,"resource_available":false,"data":null}},"time_used":1477,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":217,"receive":1260,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowrodovia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowrodovia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowrodovia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"freeflowrodovia.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowrodovia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"freeflowrodovia.com/favicon.ico","fqdn":"freeflowrodovia.com","domain":"freeflowrodovia.com","tld":"com"},"ip":{"addr":"140.99.164.86","port":443,"asn":396356,"as":"LATITUDE-SH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://freeflowrodovia.com/","date":"2026-06-17T15:28:35.638Z","timestamp":1781710115638,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"freeflowrodovia.com","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 19:48:57 GMT","end":"Thu, 27 Aug 2026 19:48:56 GMT"},"fingerprint":{"sha1":"71:06:C0:EC:05:59:5B:35:D3:0E:D6:AA:EC:70:7F:62:2C:86:E8:0A","sha256":"14:CC:AE:72:CC:F6:62:6F:21:F1:43:BA:14:D7:E8:8E:8A:49:A2:03:79:16:34:E1:87:5E:C0:65:5C:C8:07:9C"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: freeflowrodovia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://freeflowrodovia.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\ncontent-type: text/html\r\ncache-control: private, no-cache, max-age=0\r\npragma: no-cache\r\ndate: Wed, 17 Jun 2026 15:28:35 GMT\r\nserver: LiteSpeed\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1249,"size_decoded":1095,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"f58515dfe987f7e027c8a71bbc884621","sha1":"bec6aebf5940ea88fbbff5748d539453d49fa284","sha256":"679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43","sha512":"f085346a38318f7935d76909db0367862924cc9b0d96256f7ff4e8999c041e610bbcde8ca56c92673bde0991c85e9c9d9b6726abd91d0c3177462c80d4a99140","ssdeep":"","tlshash":"8b21653ec1c1520ae0271164fb81f3a86629821191970f703b8eb176f6cd0bb52a36c8","first_seen":"2024-02-10T12:39:22Z","last_seen":"2026-06-17T19:46:41.436098Z","times_seen":41438,"resource_available":true,"data":null}},"time_used":320,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":320,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowrodovia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowrodovia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowrodovia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"freeflowrodovia.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowrodovia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"freeflowrodovia.com/","fqdn":"freeflowrodovia.com","domain":"freeflowrodovia.com","tld":"com"},"ip":{"addr":"140.99.164.86","port":443,"asn":396356,"as":"LATITUDE-SH","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T15:28:33.764Z","timestamp":1781710113764,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"freeflowrodovia.com","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 19:48:57 GMT","end":"Thu, 27 Aug 2026 19:48:56 GMT"},"fingerprint":{"sha1":"71:06:C0:EC:05:59:5B:35:D3:0E:D6:AA:EC:70:7F:62:2C:86:E8:0A","sha256":"14:CC:AE:72:CC:F6:62:6F:21:F1:43:BA:14:D7:E8:8E:8A:49:A2:03:79:16:34:E1:87:5E:C0:65:5C:C8:07:9C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: freeflowrodovia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\netag: \"75e1-6a18d246-5a1e9;br\"\r\nlast-modified: Thu, 28 May 2026 23:39:50 GMT\r\ncontent-type: text/html\r\ncontent-length: 7274\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 17 Jun 2026 15:28:34 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":30177,"size_decoded":7735,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (376), with CRLF line terminators","md5":"bfd416278ffad7b9e529412b44398890","sha1":"d53c0d68dc5c0126d2131dec0470689c390e9720","sha256":"81aa311c831ade0204ca1efe6855b404cf931b4ce0e38afa6f7c8f8211c8381c","sha512":"86c43c0f1f7de89e3b634dd3c5d993e9f04f3c68e667d56b8ccca5a1562b35446ce07e407fea9086c1b9217b1b0b266e0b8e7d5fe44119eeca4f571c924e560c","ssdeep":"384:xMuJpTOSSwhOTEtcqGEk39bTyi46zujv5tl/QpMY+:lpTOS3UTacykt6b6zu7fl4pn+","tlshash":"f4d2727935c0143602734766aba3ab9aff65c503c106c64abaed17476ffac108893fd8","first_seen":"2026-06-16T01:30:12.098703Z","last_seen":"2026-06-17T15:29:01.538026Z","times_seen":4,"resource_available":true,"data":null}},"time_used":955,"timings":{"blocked":-1,"dns":40,"connect":249,"send":0,"wait":223,"receive":0,"ssl":442},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowrodovia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowrodovia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowrodovia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowrodovia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"freeflowrodovia.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pedagiofreeflow.kz/pedagio1_files/css2","fqdn":"pedagiofreeflow.kz","domain":"pedagiofreeflow.kz","tld":"kz"},"ip":{"addr":"34.144.253.181","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://freeflowrodovia.com/","date":"2026-06-17T15:28:35.283Z","timestamp":1781710115283,"http_version":"HTTP/2","security_state":"","security_info":null,"request":{"raw":"GET /pedagio1_files/css2 HTTP/1.1\r\nHost: pedagiofreeflow.kz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://freeflowrodovia.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:28:35 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-17T20:31:20.825331Z","times_seen":16492214,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pedagiofreeflow.kz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}