{"report_id":"9d6f4b2c-966c-47fc-ad16-fb0eaf91e4a8","version":6,"status":"done","tags":[],"date":"2025-08-01T16:23:05Z","url":{"schema":"http","addr":"dt-fr-re.com/tds/ae?tdsId=s7733dem_r\u0026tds_campaign=s7733dem\u0026s1=ps\u0026utm_source=int\u0026utm_sub=opnfnl\u0026affid=95735cd9\u0026subid=15064\u0026clickid=da3PegR7C9nByb7uqeScSZ\u0026subid2=666","fqdn":"dt-fr-re.com","domain":"dt-fr-re.com","tld":"com"},"ip":{"addr":"3.167.2.20","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"final":{"url":{"schema":"about","addr":"about:neterror?e=dnsNotFound\u0026u=https%3A//mildb-yvk.com/\u0026c=UTF-8\u0026d=We%20can%E2%80%99t%20connect%20to%20the%20server%20at%20mildb-yvk.com.","fqdn":"","domain":"","tld":""},"title":"Server Not Found"},"submit":{"url":{"schema":"http","addr":"dt-fr-re.com/tds/ae?tdsId=s7733dem_r\u0026tds_campaign=s7733dem\u0026s1=ps\u0026utm_source=int\u0026utm_sub=opnfnl\u0026affid=95735cd9\u0026subid=15064\u0026clickid=da3PegR7C9nByb7uqeScSZ\u0026subid2=666","fqdn":"dt-fr-re.com","domain":"dt-fr-re.com","tld":"com"},"ip":{"addr":"3.167.2.20","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-09-05T16:23:05Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-01","alert":"Sinkholed","trigger":"fc-for-hrd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"mildb-yvk.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2025-05-19","domain_rank":0,"first_seen":"2025-05-19T20:15:38.718679Z","last_seen":"2025-07-30T11:15:47.682798Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":482,"comment":"","tags":null,"fingerprints":null},{"fqdn":"dt-fr-re.com","ip":{"addr":"3.167.2.62","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2024-05-29","domain_rank":0,"first_seen":"2024-12-15T18:20:57.714514Z","last_seen":"2025-07-19T07:03:14.292424Z","alert_count":0,"request_count":2,"received_data":4959,"sent_data":1051,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"netun-oum.com","ip":{"addr":"44.207.185.44","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2025-04-08","domain_rank":0,"first_seen":"2025-04-16T08:55:28.396706Z","last_seen":"2025-08-01T11:45:35.429776Z","alert_count":0,"request_count":3,"received_data":4112,"sent_data":2083,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fc-for-hrd.com","ip":{"addr":"54.240.174.82","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2025-01-02","domain_rank":0,"first_seen":"2025-06-02T08:45:22.974213Z","last_seen":"2025-07-30T10:05:16.080767Z","alert_count":3,"request_count":3,"received_data":2287,"sent_data":2769,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"vzbgkz.fabuiousdate.net","ip":{"addr":"72.52.179.174","port":443,"asn":32244,"as":"LIQUIDWEB","country":"United States","country_code":"US"},"domain_registered":"2023-05-16","domain_rank":0,"first_seen":"2022-06-03T04:33:09Z","last_seen":"2025-02-10T23:47:17.599116Z","alert_count":0,"request_count":2,"received_data":3695,"sent_data":2029,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"vzbgkz.fabuiousdate.net/c/e2905f55ec3a568b?click_id=ad39c4f7f4a455f56e860db84f96cd3d56033801\u0026s5=15064\u0026s1=134505\u0026j1=1\u0026s3=sml_95735cd9\u0026s2=1298345\u0026j9=1\u0026tds_cid=ad39c4f7f4a455f56e860db84f96cd3d56033801","fqdn":"vzbgkz.fabuiousdate.net","domain":"fabuiousdate.net","tld":"net"},"ip":{"addr":"72.52.179.174","port":443,"asn":32244,"as":"LIQUIDWEB","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"64b4fff8cb978f08d997d83345c66526","sha1":"dc8824ecf1e971edc4a1e5504707e09c962c4c7c","sha256":"d184af858f3b158a6a1df24f2c901b8649aa96159cfb8753dc4498e14cd9af3e","sha512":"52fc6905d2300f623d55a37f63b165a09bf2370b9aa3d6f0adade4e5fc078d4844551ba0f05e6022090d38169ba03aab5237660c71f01d249762f3b765484155","ssdeep":"","tlshash":"92319742f89ccc933024b9c5efacf2cc30139a9b054add1e6681855a14f3e5b577a9bc","size":1585,"data":"","first_seen":"2025-08-01T16:23:06.75291Z","last_seen":"2025-08-01T16:23:06.75291Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzbgkz.fabuiousdate.net/page/bouncy.php?\u0026bpae=GbhGtLvGtUx%2F9rvvvfEmIIe1vHtbh8LgL9c2Bpl6v5g3Ku5a9rPpkK774xs0ltSbLq1z5Oc9lL8%2BANQ286m%2Bq%2Bkw%2BGXigGWuofNRfJosc8NLgQRo%2FV4kdSG02v4Jbmu3CrpRBJne8FOt6cEQmqLclvLzCt9N7NzTPxFeGJ5JBw%2FoFvm9rQIyrVVwZ%2FLzXPErwqJn9KqclIQiIS98KHZq8lb09T6853BY9HaJu9WiOYARM8R7kHcCfwy4Fx2J89J91XJCU7Xx%2FRSOlOkJOs8xeYtg1uWHUztlw%2B%2F5dD4j3CqnfmUggUfwiJoAZhy64eSlaryM3LlSnuDlSvD%2FGV2JSHXBwDl0ZstysjnB%2B26qwysenjHVqFjH6obgFiIggg1gr4oIl%2BcZRoeHGMKce3pSi9pWDI1JxmKhy7OyRFgMP5F26J%2BRFbCnF417AFUQkQJKyztmog7L0jq91ZQ745Ac9c3onTIHGdpOUoaPsUrKdHtI%2BrNSApbtSswLGEOm4BX3TQjj3Fg%3D\u0026redirectType=js\u0026inIframe=false\u0026inPopUp=false","fqdn":"vzbgkz.fabuiousdate.net","domain":"fabuiousdate.net","tld":"net"},"ip":{"addr":"72.52.179.174","port":443,"asn":32244,"as":"LIQUIDWEB","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"38dbf34bb9e6ccdb0bc150002f3a0568","sha1":"f3be2fc2f573f604f6a62fa2160de5efbcb599e4","sha256":"6a9dbb62efcc2b052ff633719f5e2f9e76f34be6be03a70163bec419b6c75e73","sha512":"b36daba74dfc4e804353cda4dfe26c77bbb636938ce0e88cfa305567b1a7daf2fc987f9652ebd5e8629695b469d5aafecf80bed94d59e9dcbaa6bf98c179bf76","ssdeep":"","tlshash":"8801c083764a6d7831de1070ce3bb2e9355baa6f4043dac14c696610b866067c37957d","size":708,"data":"","first_seen":"2025-08-01T16:23:06.755863Z","last_seen":"2025-08-01T16:23:06.755863Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"netun-oum.com/zclkvisitor/c1820f89-6ef3-11f0-9152-0affdea9b2e5/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=8e8e7c70-d8a9-11ef-ba7f-12832fc4c381","fqdn":"netun-oum.com","domain":"netun-oum.com","tld":"com"},"ip":{"addr":"44.207.185.44","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0f72d8574d551c69401be2089eaf1caa","sha1":"9a2363b34716f4634c3ec22448aa8be0a6eae271","sha256":"b0dc43b6f24ed7cbfb57a865f639d27c38fe8e7d94e7690c987c9abf311322d3","sha512":"4e717c1be7452dac2a54b16bca6bf5b472d8479543f47daa803bcf4c9fe5f43ebfdfd7d571c873dfc77474fb450506ec64c650f89f19423195add83572adc84e","ssdeep":"","tlshash":"e0511e756a7224706d2f240db73bd20a727a5233290be4417cae99084fb0e97715ebfd","size":2819,"data":"","first_seen":"2025-08-01T16:23:06.758938Z","last_seen":"2025-08-01T16:23:06.758938Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"netun-oum.com/zclkredirect?visitid=c1820f89-6ef3-11f0-9152-0affdea9b2e5\u0026type=js\u0026browserWidth=1280\u0026browserHeight=1024\u0026iframeDetected=false\u0026webdriverDetected=false\u0026gpu=Mesa%3B%20llvmpipe\u0026timezone=UTC%2B00%3A00\u0026timezoneName=UTC","fqdn":"netun-oum.com","domain":"netun-oum.com","tld":"com"},"ip":{"addr":"44.207.185.44","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-01T16:22:46.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"netun-oum.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Wed, 16 Apr 2025 00:00:00 GMT","end":"Fri, 15 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1B:63:95:9F:26:3E:5B:FB:1D:C8:11:A8:53:BB:6C:8A:3C:65:B8:9A","sha256":"3C:90:C2:B0:96:A8:FB:30:A5:5A:2C:0D:3E:83:EF:05:0E:FF:B7:89:38:F4:01:6A:84:8C:BB:37:C7:B2:75:31"}}},"request":{"raw":"GET /zclkredirect?visitid=c1820f89-6ef3-11f0-9152-0affdea9b2e5\u0026type=js\u0026browserWidth=1280\u0026browserHeight=1024\u0026iframeDetected=false\u0026webdriverDetected=false\u0026gpu=Mesa%3B%20llvmpipe\u0026timezone=UTC%2B00%3A00\u0026timezoneName=UTC HTTP/1.1\r\nHost: netun-oum.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://netun-oum.com/zclkvisitor/c1820f89-6ef3-11f0-9152-0affdea9b2e5/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=8e8e7c70-d8a9-11ef-ba7f-12832fc4c381\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Fri, 01 Aug 2025 16:22:46 GMT\r\ncontent-length: 0\r\nlocation: http://mildb-yvk.com\r\ncache-control: no-store, no-cache, pre-check=0, post-check=0\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-headers: X-Requested-With,Content-Type\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T15:53:20.525245Z","times_seen":14844059,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fc-for-hrd.com/tds/interlayer?handler=ExternalBackofferEvent\u0026urlIn=https%3A%2F%2Ffc-for-hrd.com%2Ftds%2Finterlayer%2Feb%2Fs%2Fe420b3245f0f4517d4442734c2fa4f71%3F__t%3D1754065363901%26__l%3D3600%26__c%3Dad39c4f7f4a455f56e860db84f96cd3d56033801%26__u%3D\u0026urlOut=https%3A%2F%2Fvzbgkz.fabuiousdate.net%2Fc%2Fe2905f55ec3a568b%3Fclick_id%3Dad39c4f7f4a455f56e860db84f96cd3d56033801%26s5%3D15064%26s1%3D134505%26j1%3D1%26s3%3Dsml_95735cd9%26s2%3D1298345%26j9%3D1%26tds_cid%3Dad39c4f7f4a455f56e860db84f96cd3d56033801\u0026altQs=utm_campaign%3D95735cd9%26utm_source%3Dint%26utm_content%3D15064%26data2%3Dda3PegR7C9nByb7uqeScSZ%26s1%3Dps%26s3%3D666%26tds_campaign%3Db3957mar%26tds_id%3Db3957mar_lp_a_1747405631428_smartlink%26tds_oid%3D355da478%26tds_cid%3Dad39c4f7f4a455f56e860db84f96cd3d56033801%26tds_ac_id%3Ds7733dem%26p_tds_cid%3D837822f3e81dc46c405c92e0b467e544663d2aed%26tds_host%3Ddt-fr-re.com%26tds_path%3D%252Ftds%252Fae%26dci%3D5c45024c54ed188ff612d789f5a1d7a365782781%26tds_ps%3Da\u0026tdsCid=ad39c4f7f4a455f56e860db84f96cd3d56033801\u0026reason=beacon\u0026visitsCount=1\u0026ts=1754065364437","fqdn":"fc-for-hrd.com","domain":"fc-for-hrd.com","tld":"com"},"ip":{"addr":"54.240.174.82","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://fc-for-hrd.com/tds/interlayer/eb/s/e420b3245f0f4517d4442734c2fa4f71?__t=1754065363901\u0026__l=3600\u0026__c=ad39c4f7f4a455f56e860db84f96cd3d56033801\u0026__u=","date":"2025-08-01T16:22:44.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fc-for-hrd.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Sat, 04 Jan 2025 00:00:00 GMT","end":"Mon, 02 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5C:6E:B8:16:C3:E2:0B:59:BC:E6:BE:BD:EB:33:43:D3:E3:5C:DF:F9","sha256":"43:5D:03:50:F0:FF:28:09:FF:07:28:9C:B9:8B:B6:E6:C9:28:29:2A:9A:A5:41:DB:A1:06:51:7E:41:6A:5C:2A"}}},"request":{"raw":"POST /tds/interlayer?handler=ExternalBackofferEvent\u0026urlIn=https%3A%2F%2Ffc-for-hrd.com%2Ftds%2Finterlayer%2Feb%2Fs%2Fe420b3245f0f4517d4442734c2fa4f71%3F__t%3D1754065363901%26__l%3D3600%26__c%3Dad39c4f7f4a455f56e860db84f96cd3d56033801%26__u%3D\u0026urlOut=https%3A%2F%2Fvzbgkz.fabuiousdate.net%2Fc%2Fe2905f55ec3a568b%3Fclick_id%3Dad39c4f7f4a455f56e860db84f96cd3d56033801%26s5%3D15064%26s1%3D134505%26j1%3D1%26s3%3Dsml_95735cd9%26s2%3D1298345%26j9%3D1%26tds_cid%3Dad39c4f7f4a455f56e860db84f96cd3d56033801\u0026altQs=utm_campaign%3D95735cd9%26utm_source%3Dint%26utm_content%3D15064%26data2%3Dda3PegR7C9nByb7uqeScSZ%26s1%3Dps%26s3%3D666%26tds_campaign%3Db3957mar%26tds_id%3Db3957mar_lp_a_1747405631428_smartlink%26tds_oid%3D355da478%26tds_cid%3Dad39c4f7f4a455f56e860db84f96cd3d56033801%26tds_ac_id%3Ds7733dem%26p_tds_cid%3D837822f3e81dc46c405c92e0b467e544663d2aed%26tds_host%3Ddt-fr-re.com%26tds_path%3D%252Ftds%252Fae%26dci%3D5c45024c54ed188ff612d789f5a1d7a365782781%26tds_ps%3Da\u0026tdsCid=ad39c4f7f4a455f56e860db84f96cd3d56033801\u0026reason=beacon\u0026visitsCount=1\u0026ts=1754065364437 HTTP/1.1\r\nHost: fc-for-hrd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://fc-for-hrd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fc-for-hrd.com/tds/interlayer/eb/s/e420b3245f0f4517d4442734c2fa4f71?__t=1754065363901\u0026__l=3600\u0026__c=ad39c4f7f4a455f56e860db84f96cd3d56033801\u0026__u=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nx-amz-cf-pop: OSL50-P1\r\nalt-svc: h3=\":443\"; ma=86400\r\ndate: Fri, 01 Aug 2025 16:22:44 GMT\r\ntiming-allow-origin: *\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA\r\nserver: nginx\r\naccess-control-allow-origin: *\r\np3p: CP=\"CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)\r\nx-amz-cf-id: m4XeTpIATxrN5Cal9m4mSn_aeQ-Hqpvtc1zsTIhawB09g2Vcz5FlnQ==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T15:53:20.525245Z","times_seen":14844059,"resource_available":true,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-01","alert":"Sinkholed","trigger":"fc-for-hrd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vzbgkz.fabuiousdate.net/c/e2905f55ec3a568b?click_id=ad39c4f7f4a455f56e860db84f96cd3d56033801\u0026s5=15064\u0026s1=134505\u0026j1=1\u0026s3=sml_95735cd9\u0026s2=1298345\u0026j9=1\u0026tds_cid=ad39c4f7f4a455f56e860db84f96cd3d56033801","fqdn":"vzbgkz.fabuiousdate.net","domain":"fabuiousdate.net","tld":"net"},"ip":{"addr":"72.52.179.174","port":443,"asn":32244,"as":"LIQUIDWEB","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-01T16:22:44.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzbgkz.fabuiousdate.net","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sat, 31 May 2025 21:23:31 GMT","end":"Fri, 29 Aug 2025 21:23:30 GMT"},"fingerprint":{"sha1":"60:A6:4A:FB:8E:FF:9D:8A:E8:8F:F8:F9:A2:F2:8E:0F:A4:55:F7:36","sha256":"5E:F3:F6:E2:75:BC:54:3C:73:23:89:F3:85:7C:D1:00:D5:4E:30:5E:14:9D:A1:DC:4B:44:22:54:18:F2:6F:CB"}}},"request":{"raw":"GET /c/e2905f55ec3a568b?click_id=ad39c4f7f4a455f56e860db84f96cd3d56033801\u0026s5=15064\u0026s1=134505\u0026j1=1\u0026s3=sml_95735cd9\u0026s2=1298345\u0026j9=1\u0026tds_cid=ad39c4f7f4a455f56e860db84f96cd3d56033801 HTTP/1.1\r\nHost: vzbgkz.fabuiousdate.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fc-for-hrd.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 01 Aug 2025 16:22:45 GMT\r\ncontent-type: text/html\r\ncache-control: no-cache\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2308,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (644)","md5":"27c441ac9110383f86545c9bbc5ff693","sha1":"e54ef59d0ce9073618c0bb914ab3c216a9dec79a","sha256":"fecdb95bc8628e8563fa5679afb78d77b12c5c3efe2275c191c286deb79cca02","sha512":"1e31094b8cce01000df05c4f66b589b3f1456ea5cb29717ae7af61ef7603bb2608befc84e94aa94046cbbd1fb06f4e2066b400124a863ab833dfba95585e923e","ssdeep":"","tlshash":"47418646f85ccd932024bac5abacf1cc30139a9a054add1e6682804b18f7f5b5b779bc","first_seen":"2025-08-01T16:23:06.736856Z","last_seen":"2025-08-01T16:23:06.736856Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1693,"timings":{"blocked":529,"dns":274,"connect":123,"send":0,"wait":634,"receive":0,"ssl":130},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vzbgkz.fabuiousdate.net/page/bouncy.php?\u0026bpae=GbhGtLvGtUx%2F9rvvvfEmIIe1vHtbh8LgL9c2Bpl6v5g3Ku5a9rPpkK774xs0ltSbLq1z5Oc9lL8%2BANQ286m%2Bq%2Bkw%2BGXigGWuofNRfJosc8NLgQRo%2FV4kdSG02v4Jbmu3CrpRBJne8FOt6cEQmqLclvLzCt9N7NzTPxFeGJ5JBw%2FoFvm9rQIyrVVwZ%2FLzXPErwqJn9KqclIQiIS98KHZq8lb09T6853BY9HaJu9WiOYARM8R7kHcCfwy4Fx2J89J91XJCU7Xx%2FRSOlOkJOs8xeYtg1uWHUztlw%2B%2F5dD4j3CqnfmUggUfwiJoAZhy64eSlaryM3LlSnuDlSvD%2FGV2JSHXBwDl0ZstysjnB%2B26qwysenjHVqFjH6obgFiIggg1gr4oIl%2BcZRoeHGMKce3pSi9pWDI1JxmKhy7OyRFgMP5F26J%2BRFbCnF417AFUQkQJKyztmog7L0jq91ZQ745Ac9c3onTIHGdpOUoaPsUrKdHtI%2BrNSApbtSswLGEOm4BX3TQjj3Fg%3D\u0026redirectType=js\u0026inIframe=false\u0026inPopUp=false","fqdn":"vzbgkz.fabuiousdate.net","domain":"fabuiousdate.net","tld":"net"},"ip":{"addr":"72.52.179.174","port":443,"asn":32244,"as":"LIQUIDWEB","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-01T16:22:45.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vzbgkz.fabuiousdate.net","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sat, 31 May 2025 21:23:31 GMT","end":"Fri, 29 Aug 2025 21:23:30 GMT"},"fingerprint":{"sha1":"60:A6:4A:FB:8E:FF:9D:8A:E8:8F:F8:F9:A2:F2:8E:0F:A4:55:F7:36","sha256":"5E:F3:F6:E2:75:BC:54:3C:73:23:89:F3:85:7C:D1:00:D5:4E:30:5E:14:9D:A1:DC:4B:44:22:54:18:F2:6F:CB"}}},"request":{"raw":"GET /page/bouncy.php?\u0026bpae=GbhGtLvGtUx%2F9rvvvfEmIIe1vHtbh8LgL9c2Bpl6v5g3Ku5a9rPpkK774xs0ltSbLq1z5Oc9lL8%2BANQ286m%2Bq%2Bkw%2BGXigGWuofNRfJosc8NLgQRo%2FV4kdSG02v4Jbmu3CrpRBJne8FOt6cEQmqLclvLzCt9N7NzTPxFeGJ5JBw%2FoFvm9rQIyrVVwZ%2FLzXPErwqJn9KqclIQiIS98KHZq8lb09T6853BY9HaJu9WiOYARM8R7kHcCfwy4Fx2J89J91XJCU7Xx%2FRSOlOkJOs8xeYtg1uWHUztlw%2B%2F5dD4j3CqnfmUggUfwiJoAZhy64eSlaryM3LlSnuDlSvD%2FGV2JSHXBwDl0ZstysjnB%2B26qwysenjHVqFjH6obgFiIggg1gr4oIl%2BcZRoeHGMKce3pSi9pWDI1JxmKhy7OyRFgMP5F26J%2BRFbCnF417AFUQkQJKyztmog7L0jq91ZQ745Ac9c3onTIHGdpOUoaPsUrKdHtI%2BrNSApbtSswLGEOm4BX3TQjj3Fg%3D\u0026redirectType=js\u0026inIframe=false\u0026inPopUp=false HTTP/1.1\r\nHost: vzbgkz.fabuiousdate.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzbgkz.fabuiousdate.net/c/e2905f55ec3a568b?click_id=ad39c4f7f4a455f56e860db84f96cd3d56033801\u0026s5=15064\u0026s1=134505\u0026j1=1\u0026s3=sml_95735cd9\u0026s2=1298345\u0026j9=1\u0026tds_cid=ad39c4f7f4a455f56e860db84f96cd3d56033801\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 01 Aug 2025 16:22:45 GMT\r\ncontent-type: text/html\r\ncache-control: no-cache\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":991,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"93a4897382c40aa323c4c0e589c2ae09","sha1":"d04d5c221776c9981b6998758328fa94ba38a08b","sha256":"8ca933f5b715a86df83a5e61229bb5522fb054e83ae71e6d93e6c92d7632a2db","sha512":"00c317e613f3e6a83aa963e7fee0af154e30bee07dd7ad86f0adb610d479d86b7d2c061d3a82761e4b94b47d45833b9e5edcb64b53024a4c1e6f956554cb416d","ssdeep":"","tlshash":"991121837c469e7d20ee2070ca3bf2ad3597aa5f8043d981486aa101bc261a3c33a13d","first_seen":"2025-08-01T16:23:06.739924Z","last_seen":"2025-08-01T16:23:06.739924Z","times_seen":1,"resource_available":false,"data":null}},"time_used":133,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":133,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"netun-oum.com/favicon.ico","fqdn":"netun-oum.com","domain":"netun-oum.com","tld":"com"},"ip":{"addr":"44.207.185.44","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://netun-oum.com/zclkvisitor/c1820f89-6ef3-11f0-9152-0affdea9b2e5/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=8e8e7c70-d8a9-11ef-ba7f-12832fc4c381","date":"2025-08-01T16:22:46.464Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"netun-oum.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Wed, 16 Apr 2025 00:00:00 GMT","end":"Fri, 15 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1B:63:95:9F:26:3E:5B:FB:1D:C8:11:A8:53:BB:6C:8A:3C:65:B8:9A","sha256":"3C:90:C2:B0:96:A8:FB:30:A5:5A:2C:0D:3E:83:EF:05:0E:FF:B7:89:38:F4:01:6A:84:8C:BB:37:C7:B2:75:31"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: netun-oum.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://netun-oum.com/zclkvisitor/c1820f89-6ef3-11f0-9152-0affdea9b2e5/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=8e8e7c70-d8a9-11ef-ba7f-12832fc4c381\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Fri, 01 Aug 2025 16:22:46 GMT\r\ncontent-type: application/json\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":82,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"af8017429ba66c9f91c85d25866adc2e","sha1":"7e482766721bf9d9a2d006086c2a079ad7e9b6a4","sha256":"8ab127b8087115eef79de327db9cdc1ed5dd095b856c9ff826d9ed8b8c51360a","sha512":"984cb5bd20af7859fb12a69f88fee44e93b74b941b5ac2043c74b0a7f4f14af4308ee68f756d2d07c466ab0639171ebf362e51aeb8fbbd81b69691641b0050f1","ssdeep":"","tlshash":"cca024010445f03d5f51c17c14c5053cd104c5c00c3d0c4d70ddd430d43450f7014400","first_seen":"2025-08-01T16:23:06.742875Z","last_seen":"2025-08-01T16:23:06.742875Z","times_seen":1,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"netun-oum.com/zclkvisitor/c1820f89-6ef3-11f0-9152-0affdea9b2e5/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=8e8e7c70-d8a9-11ef-ba7f-12832fc4c381","fqdn":"netun-oum.com","domain":"netun-oum.com","tld":"com"},"ip":{"addr":"44.207.185.44","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-01T16:22:45.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"netun-oum.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Wed, 16 Apr 2025 00:00:00 GMT","end":"Fri, 15 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1B:63:95:9F:26:3E:5B:FB:1D:C8:11:A8:53:BB:6C:8A:3C:65:B8:9A","sha256":"3C:90:C2:B0:96:A8:FB:30:A5:5A:2C:0D:3E:83:EF:05:0E:FF:B7:89:38:F4:01:6A:84:8C:BB:37:C7:B2:75:31"}}},"request":{"raw":"GET /zclkvisitor/c1820f89-6ef3-11f0-9152-0affdea9b2e5/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=8e8e7c70-d8a9-11ef-ba7f-12832fc4c381 HTTP/1.1\r\nHost: netun-oum.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vzbgkz.fabuiousdate.net/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 01 Aug 2025 16:22:46 GMT\r\ncontent-type: text/html;charset=UTF-8\r\ncontent-length: 3088\r\ncache-control: no-store, no-cache, pre-check=0, post-check=0\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-headers: X-Requested-With,Content-Type\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3088,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (409)","md5":"e96e026818aba3d4a25f08d96789bd02","sha1":"d1b4b5b06a5848adc23428c86074c66957601048","sha256":"4e4ed996c7b723805a9345681ffce8371817e163185a63986f4b24dbb2ab4b1e","sha512":"9a80cd67ad413400547cf098fb7b088efd969ca61d0fdcc4d15254681e037a00d98d4163e6a08f7fd70de3fff6a1b2c6c5baed275c214058314b8057a96e0913","ssdeep":"","tlshash":"cc512fb56ab224702d2f240da73ae20a72775233290bd441789d99084fb4e93655fbfd","first_seen":"2025-08-01T16:23:06.745758Z","last_seen":"2025-08-01T16:23:06.745758Z","times_seen":1,"resource_available":false,"data":null}},"time_used":690,"timings":{"blocked":293,"dns":12,"connect":92,"send":0,"wait":95,"receive":0,"ssl":194},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mildb-yvk.com/","fqdn":"mildb-yvk.com","domain":"mildb-yvk.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-01T16:22:46.701Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: mildb-yvk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T15:53:20.525245Z","times_seen":14844059,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dt-fr-re.com/tds/ae?tdsId=s7733dem_r\u0026tds_campaign=s7733dem\u0026s1=ps\u0026utm_source=int\u0026utm_sub=opnfnl\u0026affid=95735cd9\u0026subid=15064\u0026clickid=da3PegR7C9nByb7uqeScSZ\u0026subid2=666","fqdn":"dt-fr-re.com","domain":"dt-fr-re.com","tld":"com"},"ip":{"addr":"3.167.2.62","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-01T16:22:43.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dt-fr-re.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 04 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3F:2C:B8:12:DA:12:20:AB:B9:FB:42:83:EB:79:E8:26:7F:26:3A:5E","sha256":"7E:33:8A:70:94:C6:AD:FF:00:41:40:E3:3D:E2:AD:D5:DE:A5:68:F8:28:0C:53:B6:B9:4F:43:80:7B:92:DD:6A"}}},"request":{"raw":"GET /tds/ae?tdsId=s7733dem_r\u0026tds_campaign=s7733dem\u0026s1=ps\u0026utm_source=int\u0026utm_sub=opnfnl\u0026affid=95735cd9\u0026subid=15064\u0026clickid=da3PegR7C9nByb7uqeScSZ\u0026subid2=666 HTTP/1.1\r\nHost: dt-fr-re.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nlocation: https://fc-for-hrd.com/tds/interlayer/eb/s/e420b3245f0f4517d4442734c2fa4f71?__t=1754065363901\u0026__l=3600\u0026__c=ad39c4f7f4a455f56e860db84f96cd3d56033801\u0026__u=\r\ndate: Fri, 01 Aug 2025 16:22:43 GMT\r\nset-cookie: dci=5c45024c54ed188ff612d789f5a1d7a365782781; Max-Age=31536000; Domain=.dt-fr-re.com; Path=/; Expires=Sat, 01 Aug 2026 16:22:43 GMT; Secure; SameSite=None\ndm=fe450dd0d1dadc615429144d33241f42; Max-Age=432000; Path=/; Expires=Wed, 06 Aug 2025 16:22:43 GMT\r\nserver: nginx\r\naccess-control-allow-origin: *\r\np3p: CP=\"CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\ntiming-allow-origin: *\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 c16cb9fc938243bd0209a41893a00da4.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-amz-cf-id: HPAvIaX5ZP7kSyxZ_dEaXjbgpJMBp_Rbd0x-G82m4wk2CJTvNQnkRQ==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":927,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T15:53:20.525245Z","times_seen":14844059,"resource_available":true,"data":null}},"time_used":1080,"timings":{"blocked":382,"dns":133,"connect":4,"send":0,"wait":316,"receive":0,"ssl":243},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fc-for-hrd.com/tds/interlayer/eb/s/e420b3245f0f4517d4442734c2fa4f71?__t=1754065363901\u0026__l=3600\u0026__c=ad39c4f7f4a455f56e860db84f96cd3d56033801\u0026__u=","fqdn":"fc-for-hrd.com","domain":"fc-for-hrd.com","tld":"com"},"ip":{"addr":"54.240.174.82","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-01T16:22:43.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fc-for-hrd.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Sat, 04 Jan 2025 00:00:00 GMT","end":"Mon, 02 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5C:6E:B8:16:C3:E2:0B:59:BC:E6:BE:BD:EB:33:43:D3:E3:5C:DF:F9","sha256":"43:5D:03:50:F0:FF:28:09:FF:07:28:9C:B9:8B:B6:E6:C9:28:29:2A:9A:A5:41:DB:A1:06:51:7E:41:6A:5C:2A"}}},"request":{"raw":"GET /tds/interlayer/eb/s/e420b3245f0f4517d4442734c2fa4f71?__t=1754065363901\u0026__l=3600\u0026__c=ad39c4f7f4a455f56e860db84f96cd3d56033801\u0026__u= HTTP/1.1\r\nHost: fc-for-hrd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ndate: Fri, 01 Aug 2025 16:22:44 GMT\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\nserver: nginx\r\naccess-control-allow-origin: *\r\np3p: CP=\"CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\ntiming-allow-origin: *\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-amz-cf-id: fGnECjnoIbFf5ou4i4X1568e54Wj-sFfi-12-V-9p44WJEG_4znizA==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":927,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (927), with no line terminators","md5":"a691468d8701af8ae1b9629890d5ec2b","sha1":"e305c3cb61e0ddc956a83a931500684d5ae3fdf0","sha256":"22fe20e7ca7085134c155d526f993ebfcdd5de41895d927750aa2a0c3a9b8b73","sha512":"44f215fa3852f8695b00991d3ee0cdef058f41155d56bb9f894bfe3ec5493da684c452ff75fe1f9279854b91c7c9e377efdc2d4c564d053440a4c65ed1b95f5b","ssdeep":"","tlshash":"301104af5c06c525b6351a540ad1760520f71e4fe9d7445140d81c3e48e3bb67ec9f1d","first_seen":"2025-08-01T16:23:06.748885Z","last_seen":"2025-08-01T16:23:06.748885Z","times_seen":1,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":80,"dns":22,"connect":1,"send":0,"wait":78,"receive":0,"ssl":54},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-01","alert":"Sinkholed","trigger":"fc-for-hrd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dt-fr-re.com/lp-external/index.js","fqdn":"dt-fr-re.com","domain":"dt-fr-re.com","tld":"com"},"ip":{"addr":"3.167.2.20","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://fc-for-hrd.com/tds/interlayer/eb/s/e420b3245f0f4517d4442734c2fa4f71?__t=1754065363901\u0026__l=3600\u0026__c=ad39c4f7f4a455f56e860db84f96cd3d56033801\u0026__u=","date":"2025-08-01T16:22:44.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dt-fr-re.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 04 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3F:2C:B8:12:DA:12:20:AB:B9:FB:42:83:EB:79:E8:26:7F:26:3A:5E","sha256":"7E:33:8A:70:94:C6:AD:FF:00:41:40:E3:3D:E2:AD:D5:DE:A5:68:F8:28:0C:53:B6:B9:4F:43:80:7B:92:DD:6A"}}},"request":{"raw":"GET /lp-external/index.js HTTP/1.1\r\nHost: dt-fr-re.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fc-for-hrd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Fri, 01 Aug 2025 16:22:44 GMT\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\nserver: nginx\r\naccess-control-allow-origin: *\r\np3p: CP=\"CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\ntiming-allow-origin: *\r\nx-robots-tag: noindex\r\naccept-ranges: bytes\r\ncache-control: public, max-age=3600\r\nlast-modified: Mon, 28 Jul 2025 17:10:43 GMT\r\netag: W/\"8ad-1985203e238\"\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 4e0a1f367f79652e0e7d03fa585de7b2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-amz-cf-id: per7JHKhRouhwo1XIWP5BMaX_zDA5fc93nNmIioDLS-Cqj4VvVRcwA==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":2221,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2220)","md5":"3981635ebf3d9c59dd59c4cfa3fff557","sha1":"72bf2eea6d9588d39af4ec72bab27e74c3204558","sha256":"1ffe519cc782c2c8bc45a2436c14db80daed5e6c08dc3b32ea3e8a563f77efc1","sha512":"2e79bc83d70cea0a2377c86fb8af93d86a6fa8cb6363c103ccb4022c60129f323cdd6e890164fb3ff81011f2e94c7c35a26936a23e817d9c9e4a779b960674dd","ssdeep":"","tlshash":"2c41f39b750516154aef106b872f7a4ca2b303b97cae94504127ee613a30b0f4717fad","first_seen":"2024-12-01T02:36:16.439904Z","last_seen":"2026-02-02T19:51:22.725483Z","times_seen":462,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":28,"dns":0,"connect":1,"send":0,"wait":43,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fc-for-hrd.com/favicon.ico","fqdn":"fc-for-hrd.com","domain":"fc-for-hrd.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fc-for-hrd.com/tds/interlayer/eb/s/e420b3245f0f4517d4442734c2fa4f71?__t=1754065363901\u0026__l=3600\u0026__c=ad39c4f7f4a455f56e860db84f96cd3d56033801\u0026__u=","date":"2025-08-01T16:22:44.446Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fc-for-hrd.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Sat, 04 Jan 2025 00:00:00 GMT","end":"Mon, 02 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5C:6E:B8:16:C3:E2:0B:59:BC:E6:BE:BD:EB:33:43:D3:E3:5C:DF:F9","sha256":"43:5D:03:50:F0:FF:28:09:FF:07:28:9C:B9:8B:B6:E6:C9:28:29:2A:9A:A5:41:DB:A1:06:51:7E:41:6A:5C:2A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: fc-for-hrd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fc-for-hrd.com/tds/interlayer/eb/s/e420b3245f0f4517d4442734c2fa4f71?__t=1754065363901\u0026__l=3600\u0026__c=ad39c4f7f4a455f56e860db84f96cd3d56033801\u0026__u=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T15:53:20.525245Z","times_seen":14844059,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-01","alert":"Sinkholed","trigger":"fc-for-hrd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}