{"report_id":"9723c0fb-b036-44bf-9be1-c7ee8d1c8163","version":6,"status":"done","tags":[],"date":"2026-04-10T15:15:57Z","url":{"schema":"https","addr":"giftforyou.fans","fqdn":"giftforyou.fans","domain":"giftforyou.fans","tld":"fans"},"ip":{"addr":"45.142.140.165","port":0,"asn":39287,"as":"ab stract ltd","country":"Finland","country_code":"FI"},"final":{"url":{"schema":"https","addr":"giftforyou.fans/","fqdn":"giftforyou.fans","domain":"giftforyou.fans","tld":"fans"},"title":"MetaMask - Critical Security Update","dom":{"size":4916,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"a6916f1408d716a9bd222280da3fd6f8","sha1":"e843613982b588c4e6c74bd8ccf94294cb1828d7","sha256":"06af94992be4e27a5ab82ac4d539383c5d4207d59ed37c67c60df821f69118f7","sha512":"fbdc48a9da86159ca5407772dca50d3fa949a6c005f67d231a2536496c0f0ad547b466bf25158cb9c263b2b50f75cd8c09d667fb00306024bb07ffe81a1ea7bf","ssdeep":"48:fen5fW+MwB+SHAvjL14D1yv3n4C9LtJJtEHnZTSPv70PjeTMde:h+MwB+SWqwvnN9BJJtSnhSL0be","tlshash":"09a122976ae704157657d1b0abf69b5b3b60c107c60bcc243fcc53988f41ac599b3b98","dom_hash":"domhash4d0d00fb36a20ffe86fb2d8d875c0488","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"giftforyou.fans","fqdn":"giftforyou.fans","domain":"giftforyou.fans","tld":"fans"},"ip":{"addr":"45.142.140.165","port":0,"asn":39287,"as":"ab stract ltd","country":"Finland","country_code":"FI"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-15T15:15:57Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"giftforyou.fans","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"giftforyou.fans","ip":{"addr":"45.142.140.165","port":443,"asn":39287,"as":"ab stract ltd","country":"Finland","country_code":"FI"},"domain_registered":"2026-04-09","domain_rank":0,"first_seen":"2026-04-10T15:15:57.190203Z","last_seen":"2026-04-10T15:15:57.190203Z","alert_count":2,"request_count":2,"received_data":5549,"sent_data":921,"comment":"","tags":null,"fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"giftforyou.fans/","fqdn":"giftforyou.fans","domain":"giftforyou.fans","tld":"fans"},"ip":{"addr":"45.142.140.165","port":443,"asn":39287,"as":"ab stract ltd","country":"Finland","country_code":"FI"},"introduction_type":"scriptElement","is_inline":true,"md5":"be5d6f20b466eb6201a808f9a0d066ff","sha1":"5374223bfd69e747cd75b7c79a2f243295d2a776","sha256":"8ecfe2f7edf83689dfe602103e02459552bc8a1e35b8ec7fba6808bd229e04c2","sha512":"c79790d5427b458fb7518adbc8ba9e118359351be569c953434c1d07a316e336327c481d7f71f3cb3ff25dec4c7b719c02ab8c8845cf172948846ef5eceb9202","ssdeep":"","tlshash":"f901ac9b3aa384340aa7a173c636e39e3553005f5908d8557b8dcb016f24f8a24fbbc4","size":690,"data":"","first_seen":"2026-04-10T15:16:00.411442Z","last_seen":"2026-04-10T15:16:14.481242Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"giftforyou.fans/favicon.ico","fqdn":"giftforyou.fans","domain":"giftforyou.fans","tld":"fans"},"ip":{"addr":"45.142.140.165","port":443,"asn":39287,"as":"ab stract ltd","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://giftforyou.fans/","date":"2026-04-10T15:15:36.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"giftforyou.fans","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Apr 2026 07:22:07 GMT","end":"Thu, 09 Jul 2026 07:22:06 GMT"},"fingerprint":{"sha1":"5D:14:46:DA:C8:C8:9A:30:CB:8D:11:5A:AF:20:F5:A5:EE:AC:2D:98","sha256":"83:67:EE:83:CC:BF:10:67:72:95:99:3E:21:A8:22:89:24:EF:A4:3F:C2:73:4D:C8:94:9B:25:DB:CE:59:94:70"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: giftforyou.fans\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://giftforyou.fans/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Fri, 10 Apr 2026 15:15:36 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":162,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"1b7c22a214949975556626d7217e9a39","sha1":"d01c97e2944166ed23e47e4a62ff471ab8fa031f","sha256":"340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87","sha512":"ba64847cf1d4157d50abe4f4a1e5c1996fe387c5808e2f758c7fb3213bfefe1f3712d343f0c30a16819749840954654a70611d2250fd0f7b032429db7afd2cc5","ssdeep":"","tlshash":"59c08c6e2613bd4cc6a3217522c3b490c09aa3a7a4ea46214840805331cb29a8ac7396","first_seen":"2023-03-10T20:17:28Z","last_seen":"2026-04-12T19:28:55.078384Z","times_seen":41561,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"giftforyou.fans","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"giftforyou.fans/","fqdn":"giftforyou.fans","domain":"giftforyou.fans","tld":"fans"},"ip":{"addr":"45.142.140.165","port":443,"asn":39287,"as":"ab stract ltd","country":"Finland","country_code":"FI"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-10T15:15:35.789Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"giftforyou.fans","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Apr 2026 07:22:07 GMT","end":"Thu, 09 Jul 2026 07:22:06 GMT"},"fingerprint":{"sha1":"5D:14:46:DA:C8:C8:9A:30:CB:8D:11:5A:AF:20:F5:A5:EE:AC:2D:98","sha256":"83:67:EE:83:CC:BF:10:67:72:95:99:3E:21:A8:22:89:24:EF:A4:3F:C2:73:4D:C8:94:9B:25:DB:CE:59:94:70"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: giftforyou.fans\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Fri, 10 Apr 2026 15:15:35 GMT\r\nContent-Type: text/html\r\nLast-Modified: Fri, 10 Apr 2026 09:25:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69d8c1fa-1345\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4933,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"2298147c056f6fe16fbdacd2393879b6","sha1":"7458c2399638d487062a996fbf6a72bf5d594521","sha256":"f090502b9bd3a3ea0fe2f0ad892a98cbc9b78394e5fad84cb0ccd8492b8a9712","sha512":"9f8c5a34e8a6d85411c579014267427f5f32ee112cd1a7a4433c808212e176779feacad95a0f814c7d5184f7cf673e7fa5e5c3067287bf0b31a3058b00efcce0","ssdeep":"48:Ten5fW+MwB+SHAvjL14D1yv3n4C9LtJJtEHnZTSPv70PjeTMdKj:1+MwB+SWqwvnN9BJJtSnhSL0b2","tlshash":"20a132976ae704147687d1b0abf69b6b3b618107c60bcc243fcc53988f41ac59db3b98","first_seen":"2026-04-10T15:16:00.408673Z","last_seen":"2026-04-10T15:16:14.476918Z","times_seen":2,"resource_available":true,"data":null}},"time_used":301,"timings":{"blocked":134,"dns":73,"connect":28,"send":0,"wait":28,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"giftforyou.fans","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}