{"report_id":"a6a8c1d2-c9c6-4424-a9c0-e1abb5bdf0ce","version":6,"status":"done","tags":[],"date":"2025-06-27T11:08:43Z","url":{"schema":"http","addr":"dslfndqpednqu.xyz/","fqdn":"dslfndqpednqu.xyz","domain":"dslfndqpednqu.xyz","tld":"xyz"},"ip":{"addr":"104.21.71.212","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-09-05T11:08:43Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"dslfndqpednqu.xyz","ip":{"addr":"172.67.171.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-05-24","domain_rank":0,"first_seen":"2025-06-27T11:08:43.703217Z","last_seen":"2025-06-27T11:08:43.703217Z","alert_count":1,"request_count":1,"received_data":7649,"sent_data":486,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-27","alert":"Sinkholed","trigger":"dslfndqpednqu.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"dslfndqpednqu.xyz/","fqdn":"dslfndqpednqu.xyz","domain":"dslfndqpednqu.xyz","tld":"xyz"},"ip":{"addr":"172.67.171.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-06-27T11:08:21.391Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dslfndqpednqu.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 May 2025 07:44:55 GMT","end":"Mon, 25 Aug 2025 08:42:26 GMT"},"fingerprint":{"sha1":"17:8D:FC:D9:4A:EA:79:B7:46:DD:EE:97:42:4D:8E:EC:16:80:33:C9","sha256":"BC:BD:2A:32:AC:62:1F:8F:02:E1:81:F5:CB:76:84:7A:8D:6C:E6:87:F8:61:D0:E7:58:31:1A:4E:E1:BD:6F:B7"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: dslfndqpednqu.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 522 No Reason Phrase\r\ndate: Fri, 27 Jun 2025 11:08:40 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 7251\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nserver: cloudflare\r\ncf-ray: 95647c69dc2d0b3d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"522","status_text":"No Reason Phrase","fingerprints":null,"data":{"size":7251,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (510)","md5":"56e27cc0417cf761f5f22aa5256818ab","sha1":"e929cb7a54b985b1680fd7ae6f1f54fa2e8782e5","sha256":"88d29d59790aa63a665d996b3b250a7321cce8a9e16222c2ea33dc363078a672","sha512":"488ed14da5ac33a62bdd892690591cd67b76e8afd32da0f5682d1d48318d7c65ee1fbd013c0125084d7b7d52961565bb6f8ccfc5d79f1b5d178a42435279cb77","ssdeep":"96:1j9jwIjYj8DK/D9KUnG4Fh8/G4Fpj424FL+skKm/jotQmHB+dWS+7RLlfaQxP:1j9jhjYjAK/BbeEpVyjoWQ+D+71lSeP","tlshash":"5ee16662b1f5127a00a381923695fb5a76e0c253c7ff4494b3dcc5632f9ee81e903290","first_seen":"2025-06-27T11:08:46.746629Z","last_seen":"2025-06-27T11:08:46.746629Z","times_seen":1,"resource_available":false,"data":null}},"time_used":19421,"timings":{"blocked":28,"dns":1,"connect":1,"send":0,"wait":19363,"receive":1,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-06-27","alert":"Sinkholed","trigger":"dslfndqpednqu.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}