{"report_id":"94682962-17ef-4afe-83d6-512e380f7ea5","version":6,"status":"done","tags":[],"date":"2025-10-18T18:51:24Z","url":{"schema":"http","addr":"willowy-tanuki-b25da0.netlify.app/","fqdn":"willowy-tanuki-b25da0.netlify.app","domain":"willowy-tanuki-b25da0.netlify.app","tld":"netlify.app"},"ip":{"addr":"63.176.8.218","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"willowy-tanuki-b25da0.netlify.app/","fqdn":"willowy-tanuki-b25da0.netlify.app","domain":"willowy-tanuki-b25da0.netlify.app","tld":"netlify.app"},"title":"Site not found"},"submit":{"url":{"schema":"http","addr":"willowy-tanuki-b25da0.netlify.app/","fqdn":"willowy-tanuki-b25da0.netlify.app","domain":"willowy-tanuki-b25da0.netlify.app","tld":"netlify.app"},"ip":{"addr":"63.176.8.218","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-22T18:51:24Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":2}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-18T18:51:02Z","timestamp":1760813462,"ip_dst":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"172.18.0.20","port":36060,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2025-10-18T18:51:02.690620+0000\",\"flow_id\":950600306447248,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.20\",\"src_port\":36060,\"dest_ip\":\"35.157.26.135\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"willowy-tanuki-b25da0.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3502,\"start\":\"2025-10-18T18:51:02.643984+0000\"}}"}],"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-18","alert":"Sinkholed","trigger":"willowy-tanuki-b25da0.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-18","alert":"Sinkholed","trigger":"willowy-tanuki-b25da0.netlify.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"willowy-tanuki-b25da0.netlify.app","ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2018-05-08","domain_rank":0,"first_seen":"2025-10-18T18:51:24.989363Z","last_seen":"2025-10-18T18:51:24.989363Z","alert_count":6,"request_count":3,"received_data":7216,"sent_data":1477,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-18T18:51:02Z","timestamp":1760813462,"ip_dst":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"172.18.0.20","port":36060,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2025-10-18T18:51:02.690620+0000\",\"flow_id\":950600306447248,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.20\",\"src_port\":36060,\"dest_ip\":\"35.157.26.135\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"willowy-tanuki-b25da0.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3502,\"start\":\"2025-10-18T18:51:02.643984+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"willowy-tanuki-b25da0.netlify.app/","fqdn":"willowy-tanuki-b25da0.netlify.app","domain":"willowy-tanuki-b25da0.netlify.app","tld":"netlify.app"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-18T18:51:02.628Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 31 Jan 2025 00:00:00 GMT","end":"Tue, 03 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"04:28:C9:A3:BC:06:50:9C:6B:0B:67:72:82:27:C6:3D:99:1B:5B:71","sha256":"FA:34:6A:A0:1C:F5:9C:C7:30:CA:55:23:13:A1:3E:0F:21:8C:3A:0B:B5:CC:E5:67:09:FE:64:EC:97:4E:8D:75"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: willowy-tanuki-b25da0.netlify.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html\r\ndate: Sat, 18 Oct 2025 18:51:02 GMT\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-nf-request-id: 01K7WAJD5ZC9RPWKXVY4059NMY\r\ncontent-length: 3164\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":3164,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1984)","md5":"ac91711278a8cb5e4e89378ee6739668","sha1":"c4c0bcd29d7816f3033f2b982e93ea92385ed090","sha256":"1c80f792182e5405aaf980b0efbe51e7fe3cba4ac312b75bcc585024b00354f4","sha512":"b5eb9e4b82021ff19d4a0afe7db3fb7c99560f722971bda51d7cd1888130b93dc877876ce0e78ff79d8c200ccbb31732b6d8979e0ea84c8b1866c5372594802d","ssdeep":"","tlshash":"875162a9d41a203f6d93681f23a48e4d60297503dc9147e8ffaa936cd6db6f305d6838","first_seen":"2025-10-18T18:51:27.124992Z","last_seen":"2025-10-18T18:51:27.124992Z","times_seen":1,"resource_available":false,"data":null}},"time_used":258,"timings":{"blocked":86,"dns":15,"connect":23,"send":0,"wait":86,"receive":0,"ssl":45},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-18","alert":"Sinkholed","trigger":"willowy-tanuki-b25da0.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-18","alert":"Sinkholed","trigger":"willowy-tanuki-b25da0.netlify.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"willowy-tanuki-b25da0.netlify.app/","fqdn":"willowy-tanuki-b25da0.netlify.app","domain":"willowy-tanuki-b25da0.netlify.app","tld":"netlify.app"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-18T18:51:02.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 31 Jan 2025 00:00:00 GMT","end":"Tue, 03 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"04:28:C9:A3:BC:06:50:9C:6B:0B:67:72:82:27:C6:3D:99:1B:5B:71","sha256":"FA:34:6A:A0:1C:F5:9C:C7:30:CA:55:23:13:A1:3E:0F:21:8C:3A:0B:B5:CC:E5:67:09:FE:64:EC:97:4E:8D:75"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: willowy-tanuki-b25da0.netlify.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html\r\ndate: Sat, 18 Oct 2025 18:51:02 GMT\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-nf-request-id: 01K7WAJDCDG6RH53WVSC93QXTR\r\ncontent-length: 3164\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3164,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1984)","md5":"a4eace6fb35cacf3968d14bc448fb27d","sha1":"8c110da7c58cecec0c89c39ec09eb300598be655","sha256":"cab8e50d8656cd225fb197805cd244c70518f93d59b317db78ca397a147f829a","sha512":"e59a29019651fde6b688cf577e88d55cb72fce12ea8950ffb5cb69560f531c2ad1a16f0d989e909d52ba92654d2bf5d9c3a7d5a6412ce0bb5d58cc4291a717ef","ssdeep":"","tlshash":"a35163a9c41a203f6d93681f13a48e4d60297603dca147e8ffea536cd6db6f305d2438","first_seen":"2025-10-18T18:51:27.129231Z","last_seen":"2025-10-18T18:51:27.129231Z","times_seen":1,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-18","alert":"Sinkholed","trigger":"willowy-tanuki-b25da0.netlify.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-18","alert":"Sinkholed","trigger":"willowy-tanuki-b25da0.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"willowy-tanuki-b25da0.netlify.app/favicon.ico","fqdn":"willowy-tanuki-b25da0.netlify.app","domain":"willowy-tanuki-b25da0.netlify.app","tld":"netlify.app"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://willowy-tanuki-b25da0.netlify.app/","date":"2025-10-18T18:51:03.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 31 Jan 2025 00:00:00 GMT","end":"Tue, 03 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"04:28:C9:A3:BC:06:50:9C:6B:0B:67:72:82:27:C6:3D:99:1B:5B:71","sha256":"FA:34:6A:A0:1C:F5:9C:C7:30:CA:55:23:13:A1:3E:0F:21:8C:3A:0B:B5:CC:E5:67:09:FE:64:EC:97:4E:8D:75"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: willowy-tanuki-b25da0.netlify.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://willowy-tanuki-b25da0.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private, max-age=0\r\ncontent-type: text/plain; charset=utf-8\r\ndate: Sat, 18 Oct 2025 18:51:03 GMT\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-nf-request-id: 01K7WAJDHJRZECCXTBT6E8T271\r\ncontent-length: 50\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":50,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"8e0efb4d9d837928547db6e8a6ad36be","sha1":"14c35aca647c473bd20f4ae846a4fc786254df7b","sha256":"358ad1771114698541958a857d7aadfddea3e3ae89e9aec29ad5c4b0188161e1","sha512":"8664ee9ead432c1ce334a24143181c72cf509afdee6582e6ba189fa18ddb73364a437df959e09aea1b8a0455b16074688489c8356e4273af9ca14f9a0658b48a","ssdeep":"","tlshash":"bb90025ac0f1d5594052d8117c5181004401d160f5204632e1429492453218481a109f","first_seen":"2025-10-18T18:51:27.134398Z","last_seen":"2025-10-18T18:51:27.134398Z","times_seen":1,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-18","alert":"Sinkholed","trigger":"willowy-tanuki-b25da0.netlify.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-18","alert":"Sinkholed","trigger":"willowy-tanuki-b25da0.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}