{"report_id":"a64b8fb4-88a1-45bf-a2df-e844d2d61359","version":6,"status":"done","tags":[],"date":"2026-03-29T12:09:20Z","url":{"schema":"http","addr":"applebuscarbr.com","fqdn":"applebuscarbr.com","domain":"applebuscarbr.com","tld":"com"},"ip":{"addr":"172.67.159.210","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"applebuscarbr.com/expire/","fqdn":"applebuscarbr.com","domain":"applebuscarbr.com","tld":"com"},"title":"Buscar Dispositivos do iCloud","dom":{"size":136697,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4242)","md5":"8e01e42ec26dd56d484879fcb6791658","sha1":"bd696c20ef9a8aeb81a513bb42f458c93d8320f1","sha256":"5239a109f2234b9568c1aace1820b4c6df91b1ac086da3d9b5591e1d30397c08","sha512":"bd98cd2e524f4ea213ca69679ec5e35c3a53aa915e0a593651fe55abd4a042e5d084940f234c9ad0028d6250b1c43173c9f30bc597611ff7f70a346436001297","ssdeep":"1536:8ucnjFmtVDAr70cz5PUT6pSuz/PPHG6KzeWPdWdTTa8Odsy1A6mavpMfHJXI:xez7LjPG6KH1My8UPLrvpWHJXI","tlshash":"b5d34b7a27e91e79911734649e4f91c8ee21800b651ad9783a9cb3d42fedc3401b6ff8","dom_hash":"domhash7d7776b0b706b7dbab923822b7da4623","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"applebuscarbr.com","fqdn":"applebuscarbr.com","domain":"applebuscarbr.com","tld":"com"},"ip":{"addr":"172.67.159.210","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-03T12:09:20Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"applebuscarbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"applebuscarbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"applebuscarbr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"applebuscarbr.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-04-10","domain_rank":0,"first_seen":"2025-04-19T13:13:07.563327Z","last_seen":"2026-03-29T02:22:07.760062Z","alert_count":6,"request_count":2,"received_data":274795,"sent_data":1031,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:8.1.34","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"www.icloud.com","ip":{"addr":"2.20.166.31","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"domain_registered":"1999-01-15","domain_rank":8674,"first_seen":"2012-07-01T18:35:11Z","last_seen":"2026-03-27T12:53:07.446013Z","alert_count":0,"request_count":2,"received_data":1782,"sent_data":951,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"applebuscarbr.com/expire/","fqdn":"applebuscarbr.com","domain":"applebuscarbr.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"72300f0d11e7726a16f022236149f145","sha1":"a1ad6ba706077522ad2970c866fa42263f32e02c","sha256":"39a408fc12dbb4f0bd4419a45a1e03abf0db936b006aac424961fe0dda03d17c","sha512":"3f45dee98eeaecbe0835fa66d02ca10b912f639e9dac542f419bac19a6f8f65f35357d5e14e060d7f2872a960c815da835639f2840bf1b094845a84d255062f2","ssdeep":"96:jYeK0j7onYrhCzk0BpPvJ/ZF5uh+u6q5Vd290XAJ:jY90yd/PvJ/2/d291","tlshash":"45a1759f35a0033d866b38a9a24fd5943a1030679161fe23a0adc7c47fd4db1527b6db","size":5017,"data":"","first_seen":"2023-03-07T14:37:46Z","last_seen":"2026-06-07T02:19:37.63461Z","times_seen":677,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"applebuscarbr.com/expire/","fqdn":"applebuscarbr.com","domain":"applebuscarbr.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"58831b2ad1553ecbcd6b589b60cbe654","sha1":"0b692c508886809fcc5cb27f52adee50f7ae14e8","sha256":"d0d15733805a1e0289e3a7b28f5724ae182dd16d88ba99a282f4f7fcdc8ff153","sha512":"fc6169058252df5c75754459e3ee78eb6d765ab13084dfafc4f7a55cc4779d000b9eaa34936277c958ba9d872d4e080f63276fc3dd6abaa6e652da099e594f7d","ssdeep":"768:+5OA0tbAM2pUVyB4qK3I7r9IIQCwfbhDExfjcJjSA/HiNrLwCzK8GH4FZ7GS:cUT6pSuz/PPHGS","tlshash":"1543711e57ea1d71d01234299f8f62c9da21811b691be9bc396db3c81fadd3401b8fb4","size":56027,"data":"","first_seen":"2023-03-07T14:37:46Z","last_seen":"2026-06-07T02:19:37.635807Z","times_seen":677,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"applebuscarbr.com/expire/","fqdn":"applebuscarbr.com","domain":"applebuscarbr.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"2bfb0c2eda1f84981ae9d1c659b44a35","sha1":"bf8f9544b75c4d94d113531683f1e94113dcb848","sha256":"5613497461be567bfd58b9de6fd76722a32aa222ee68f60ab30702fb4f1188e6","sha512":"aa62c4cffeebf66e18b381e863d09874c616fdcc32e735a8bc7a9d46355b90676c2852d9609068aa6d892e32e94c640f7775cae004535e82c73c90c3771db1be","ssdeep":"","tlshash":"31815619fcf913750a5b20756b1f2489e9b4412b2161c8e03c9cc7590fb0d6552fafda","size":4061,"data":"","first_seen":"2023-03-07T14:37:46Z","last_seen":"2026-06-07T02:19:37.637026Z","times_seen":677,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"applebuscarbr.com/expire/","fqdn":"applebuscarbr.com","domain":"applebuscarbr.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a5a08285ea78555e04588d9cd60cca44","sha1":"db10a44fd704e0a3ff939b52007e0eac5ee98041","sha256":"247e8190edafa6975a77e46ebc87faec558852fd5f595f0512018448f72d4998","sha512":"744ed9b4b03a9d02804a7b34b837b4cb91604ec4bc1bb687f4aa5728bfce247ccdbdd446bfbb2b69ef54ee78cce6c711de831d70cb3211e60cbd1a2597720666","ssdeep":"96:INcwyWLc99ErP3uMnUpSxfXQ18YktNkN+s5Y8umxYB:INcwyP9ErGMUpMfXg8YktNkN+Euf","tlshash":"82b1b4d9b651737fd6ae18e1c43f8286e474a9a165086c223648e0f630b4ce500bffe9","size":5231,"data":"","first_seen":"2023-03-07T14:37:46Z","last_seen":"2026-06-07T02:19:37.638008Z","times_seen":677,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"applebuscarbr.com/expire/","fqdn":"applebuscarbr.com","domain":"applebuscarbr.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0f158cd9726c3b52083a49a634d6751b","sha1":"430dcfd82ae0c06c38d38e27bbb1cec7de33e227","sha256":"702bccec0811932d88c3c1b11e32963aae01e224c28d29e6d48966371892b0ee","sha512":"103b40544557af50c05f79014bd00701c3daec95295c61db3df03034cbcdee97485729ac24b80a0b64f9ff3f09f3f753fa377caf13e62338100f2d0b3f3806bd","ssdeep":"","tlshash":"4101498d41982abf972885882496d9048ed868c74ad0a2f3795cdf6dd7b5091b2707c6","size":672,"data":"","first_seen":"2023-03-07T14:37:46Z","last_seen":"2026-06-07T02:19:37.639058Z","times_seen":670,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"applebuscarbr.com/expire/","fqdn":"applebuscarbr.com","domain":"applebuscarbr.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"fdee2bfcc6a8426c7478df7f47905cc9","sha1":"bf19073506333d0d6aaf739a7bda28c9b8f9bc94","sha256":"40dd8e736a2f7bf793fdded2264de8ba973657f4d8ca2ee034fc69731c222517","sha512":"0fca7355163d551563c4430960c52f9d3680519731f18f823ce179ad8c37022d84919b5c18a17ef17940df6040be53b0544dad9a339d2c057d7c2e88c66f1886","ssdeep":"","tlshash":"ead07238047ce3224bf0002efa0e242c9a1a0c3057b362a3fc99831c3070ce8a2b88d3","size":286,"data":"","first_seen":"2023-03-07T14:37:46Z","last_seen":"2026-06-07T02:19:37.640147Z","times_seen":676,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"applebuscarbr.com/expire/","fqdn":"applebuscarbr.com","domain":"applebuscarbr.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f8035057756b65121bd933b9810cae9e","sha1":"35847f2d01ae1eb130d692d5b613513f700ecb9a","sha256":"cfd7bd2b9080e7860ca7c3bc343089407127e75964ffc9fde69b822a0b42e644","sha512":"3c02aae36fae1a7c8b35208786399db29fb47a3c1457dfcdc64f109ae38e49a705a3271a5e259e22ada0047fea0c5a796153340e1414dc18dfb4fdd8db1eab63","ssdeep":"","tlshash":"37a0129734d206b08b8f56ea201481c01a70050c0e030631004c6811a092cc251399d0","size":86,"data":"","first_seen":"2023-03-07T14:37:46Z","last_seen":"2026-06-07T02:19:37.641131Z","times_seen":674,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"applebuscarbr.com/","fqdn":"applebuscarbr.com","domain":"applebuscarbr.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-29T12:08:59.270Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"applebuscarbr.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Feb 2026 01:42:05 GMT","end":"Thu, 14 May 2026 02:40:53 GMT"},"fingerprint":{"sha1":"89:2F:B0:7D:88:5D:8B:21:D8:2F:0E:15:E5:89:26:DE:2C:7A:A9:0C","sha256":"50:26:ED:53:F7:93:07:D3:2A:17:95:5E:C8:8A:E7:02:2D:FF:6D:E2:6D:F1:31:54:DC:96:43:27:13:AD:59:1A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: applebuscarbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sun, 29 Mar 2026 12:08:59 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: ./expire/\r\nx-powered-by: PHP/8.1.34\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nset-cookie: PHPSESSID=00ec3ffafe9be70fcda9d6a9b96eb896; path=/\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uiawkOQukCz3tXZzYeiCEtR86JnTyMSa%2F2mgoGKqyJVcTamN5MWQq%2FCafjaenf4mJOfFzd5SNur%2B21Yq%2BhEQC9XGdi8s2RdNv%2BbngykTMStnz0fFpek9nUbNPVMCD4TEXhWm2g%3D%3D\"}]}\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e3ec35a98f5c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:8.1.34","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":136685,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":703,"timings":{"blocked":20,"dns":1,"connect":1,"send":0,"wait":662,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"applebuscarbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"applebuscarbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"applebuscarbr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"applebuscarbr.com/expire/","fqdn":"applebuscarbr.com","domain":"applebuscarbr.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-29T12:08:59.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"applebuscarbr.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Feb 2026 01:42:05 GMT","end":"Thu, 14 May 2026 02:40:53 GMT"},"fingerprint":{"sha1":"89:2F:B0:7D:88:5D:8B:21:D8:2F:0E:15:E5:89:26:DE:2C:7A:A9:0C","sha256":"50:26:ED:53:F7:93:07:D3:2A:17:95:5E:C8:8A:E7:02:2D:FF:6D:E2:6D:F1:31:54:DC:96:43:27:13:AD:59:1A"}}},"request":{"raw":"GET /expire/ HTTP/1.1\r\nHost: applebuscarbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=00ec3ffafe9be70fcda9d6a9b96eb896\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 29 Mar 2026 12:09:00 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 05 Aug 2024 13:52:09 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B2fVZDQqB9NR63wvg6JiaiIzvDttXgK9N9Gxy0fHnUHvWHdy%2FSlirVOlluOQShnVdop0ewYyRf9rkZNkoWq%2F7HxEBcSj9qLHXiSqiOrZeLNeZFR1XbYxy3LR2a0%2FGnjuAFl9Qw%3D%3D\"}]}\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9e3ec35eb9c8c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":136685,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4242)","md5":"d7579c1998380308457316dc28227af1","sha1":"5382466054e4c1006417180d4459795176195593","sha256":"3c9873a81b9e062397e1185df9ccbce4326ff9edae53024a2dc23a31beaaf691","sha512":"5d78159f14ab9d9593ccd850dc5a1b30850579fd19dbfd6dc60777484526553e7d69f4909998cc773edc81aced5d7d922b776e0406cf60c371919b897bd730fa","ssdeep":"1536:OPnjFmtvDAr70c35nUT6pSuz/PPHGR3zeWPdWdTTa8Odsy1A6mavpMfHJXl:4L7LzPGR3H1My8UPLrvpWHJXl","tlshash":"3ed34b7a27e91e79911734649e4f92c8ee21800b651ad9783a9cb3d42fedc3401b6ff4","first_seen":"2025-04-18T11:57:06.336306Z","last_seen":"2026-04-06T09:59:24.451708Z","times_seen":24,"resource_available":false,"data":null}},"time_used":316,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":316,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-29","alert":"Phishing Block","trigger":"applebuscarbr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"applebuscarbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-29","alert":"Sinkholed","trigger":"applebuscarbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.icloud.com/system/icloud.com/2420Hotfix12/apple-touch-icon.png","fqdn":"www.icloud.com","domain":"icloud.com","tld":"com"},"ip":{"addr":"2.20.166.31","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://applebuscarbr.com/expire/","date":"2026-03-29T12:09:00.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.icloud.com","organization":"Apple Inc."},"issuer":{"commonName":"Apple Public EV Server RSA CA 1 - G1","organization":"Apple Inc."},"validity":{"start":"Tue, 24 Feb 2026 17:38:51 GMT","end":"Tue, 01 Sep 2026 19:55:33 GMT"},"fingerprint":{"sha1":"67:39:61:38:92:80:DC:81:78:9F:CE:08:E0:BD:B8:AA:57:D1:48:A0","sha256":"83:D2:C4:63:9A:D5:17:44:D0:CB:3D:2A:02:E6:82:37:F7:FE:F6:83:27:4D:36:06:DF:B8:6C:B1:49:E9:E1:D6"}}},"request":{"raw":"GET /system/icloud.com/2420Hotfix12/apple-touch-icon.png HTTP/1.1\r\nHost: www.icloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://applebuscarbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: AppleHttpServer/a3fb6e96e80a\r\ncontent-type: text/html\r\ncontent-length: 1205\r\netag: \"19ccc43e2d84b5\"\r\ncontent-language: en-us\r\ncontent-encoding: br\r\nvary: accept-encoding\r\ncontent-version: V1\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nexpect-ct: max-age=30, report-uri=\"https://feedbackws.icloud.com/reportRaw\"\r\nx-robots-tag: none, noarchive\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\naccess-control-allow-origin: *\r\ncontent-security-policy: base-uri 'none'; default-src 'none'; form-action 'none'; frame-ancestors 'none'\r\nx-apple-request-uuid: 082afdd1-1037-4923-aab2-ba3063c3d2bf\r\naccess-control-expose-headers: X-Apple-Request-UUID,Via\r\ndate: Sun, 29 Mar 2026 12:09:00 GMT\r\nset-cookie: x-apple-group=false; path=/; domain=.icloud.com; secure; HttpOnly\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":80,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":66,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.icloud.com/system/icloud.com/2420Hotfix12/favicon-16x16.png","fqdn":"www.icloud.com","domain":"icloud.com","tld":"com"},"ip":{"addr":"2.20.166.31","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://applebuscarbr.com/expire/","date":"2026-03-29T12:09:00.528Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.icloud.com","organization":"Apple Inc."},"issuer":{"commonName":"Apple Public EV Server RSA CA 1 - G1","organization":"Apple Inc."},"validity":{"start":"Tue, 24 Feb 2026 17:38:51 GMT","end":"Tue, 01 Sep 2026 19:55:33 GMT"},"fingerprint":{"sha1":"67:39:61:38:92:80:DC:81:78:9F:CE:08:E0:BD:B8:AA:57:D1:48:A0","sha256":"83:D2:C4:63:9A:D5:17:44:D0:CB:3D:2A:02:E6:82:37:F7:FE:F6:83:27:4D:36:06:DF:B8:6C:B1:49:E9:E1:D6"}}},"request":{"raw":"GET /system/icloud.com/2420Hotfix12/favicon-16x16.png HTTP/1.1\r\nHost: www.icloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://applebuscarbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: AppleHttpServer/a3fb6e96e80a\r\ncontent-type: text/html\r\ncontent-length: 1205\r\netag: \"19ccc43e2d84b5\"\r\ncontent-language: en-us\r\ncontent-encoding: br\r\nvary: accept-encoding\r\ncontent-version: V1\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nexpect-ct: max-age=30, report-uri=\"https://feedbackws.icloud.com/reportRaw\"\r\nx-robots-tag: none, noarchive\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\naccess-control-allow-origin: *\r\ncontent-security-policy: base-uri 'none'; default-src 'none'; form-action 'none'; frame-ancestors 'none'\r\nx-apple-request-uuid: 30f72f50-05d1-425d-87b5-b201d2561a67\r\naccess-control-expose-headers: X-Apple-Request-UUID,Via\r\ndate: Sun, 29 Mar 2026 12:09:00 GMT\r\nset-cookie: x-apple-group=false; path=/; domain=.icloud.com; secure; HttpOnly\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":3,"connect":1,"send":0,"wait":151,"receive":1,"ssl":10},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}