{"report_id":"af1b14fe-e655-43fa-892d-3d94bff6f309","version":6,"status":"done","tags":[],"date":"2025-09-24T13:26:20Z","url":{"schema":"http","addr":"compliance-central.com/68d3ddcb164c6/cff6f4e81ed51aee0b4da05cecbd246ef83be4d7/","fqdn":"compliance-central.com","domain":"compliance-central.com","tld":"com"},"ip":{"addr":"64.191.166.198","port":0,"asn":13776,"as":"QX-NET-ASN-1","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"compliance-central.com/68d3ddcb164c6/cff6f4e81ed51aee0b4da05cecbd246ef83be4d7/","fqdn":"compliance-central.com","domain":"compliance-central.com","tld":"com"},"title":"compliance-central.com/68d3ddcb164c6/cff6f4e81ed51aee0b4da05cecbd246ef83be4d7/"},"submit":{"url":{"schema":"http","addr":"compliance-central.com/68d3ddcb164c6/cff6f4e81ed51aee0b4da05cecbd246ef83be4d7/","fqdn":"compliance-central.com","domain":"compliance-central.com","tld":"com"},"ip":{"addr":"64.191.166.198","port":0,"asn":13776,"as":"QX-NET-ASN-1","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-29T13:26:20Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"compliance-central.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"compliance-central.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"compliance-central.com","ip":{"addr":"64.191.166.198","port":443,"asn":13776,"as":"QX-NET-ASN-1","country":"United States","country_code":"US"},"domain_registered":"2009-05-13","domain_rank":0,"first_seen":"2013-10-09T17:44:49Z","last_seen":"2025-09-23T15:32:02.975139Z","alert_count":4,"request_count":2,"received_data":3105,"sent_data":1052,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"compliance-central.com/68d3ddcb164c6/cff6f4e81ed51aee0b4da05cecbd246ef83be4d7/","fqdn":"compliance-central.com","domain":"compliance-central.com","tld":"com"},"ip":{"addr":"64.191.166.198","port":443,"asn":13776,"as":"QX-NET-ASN-1","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-24T13:25:58.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"compliance-central.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Jul 2025 09:52:38 GMT","end":"Tue, 28 Oct 2025 09:52:37 GMT"},"fingerprint":{"sha1":"BB:A7:D5:EB:69:62:52:3A:5E:0A:6A:D3:6B:25:E3:50:2F:32:8C:55","sha256":"E8:D6:D7:1A:F0:A4:F4:C1:53:11:B5:07:D9:1E:FC:F2:E2:26:C1:8C:F9:7D:73:2B:E8:6A:93:C9:2E:54:E8:03"}}},"request":{"raw":"GET /68d3ddcb164c6/cff6f4e81ed51aee0b4da05cecbd246ef83be4d7/ HTTP/1.1\r\nHost: compliance-central.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\ndate: Wed, 24 Sep 2025 13:25:58 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nupgrade: h2,h2c\r\nconnection: Upgrade\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 66\r\ncontent-type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":46,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"7f9c220dc9cb9496e2088e53e1af2368","sha1":"5642b92c6adee339838e2b9bb012138db4ed4902","sha256":"6343dde812a088322ce7830569bcfcc21603d8c916e796dff263b1ac151bdb7e","sha512":"b7d631a7993da0a1fd7b99912fee2d526299cb678812fccd61b66dcbd3646f565ee1992433378d26ed109837d1caa2a54ecfe64830b1f2f6b30902a990cb0774","ssdeep":"","tlshash":"af9002011f446851a5022184512b5d9424ac212281184020589c5614ca102212c4281b","first_seen":"2023-05-04T14:03:55Z","last_seen":"2026-06-10T15:27:00.392129Z","times_seen":185,"resource_available":true,"data":null}},"time_used":2939,"timings":{"blocked":548,"dns":139,"connect":132,"send":0,"wait":1843,"receive":0,"ssl":274},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"compliance-central.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"compliance-central.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"compliance-central.com/favicon.ico","fqdn":"compliance-central.com","domain":"compliance-central.com","tld":"com"},"ip":{"addr":"64.191.166.198","port":443,"asn":13776,"as":"QX-NET-ASN-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://compliance-central.com/68d3ddcb164c6/cff6f4e81ed51aee0b4da05cecbd246ef83be4d7/","date":"2025-09-24T13:26:00.869Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"compliance-central.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Jul 2025 09:52:38 GMT","end":"Tue, 28 Oct 2025 09:52:37 GMT"},"fingerprint":{"sha1":"BB:A7:D5:EB:69:62:52:3A:5E:0A:6A:D3:6B:25:E3:50:2F:32:8C:55","sha256":"E8:D6:D7:1A:F0:A4:F4:C1:53:11:B5:07:D9:1E:FC:F2:E2:26:C1:8C:F9:7D:73:2B:E8:6A:93:C9:2E:54:E8:03"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: compliance-central.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://compliance-central.com/68d3ddcb164c6/cff6f4e81ed51aee0b4da05cecbd246ef83be4d7/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\ndate: Wed, 24 Sep 2025 13:26:00 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 1110\r\ncontent-type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2533,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"f83e701b931bd6d99ab5a17b87ba4ca1","sha1":"1e8bf946ba90125d059b0561811253f7fe987564","sha256":"111b237629a6c46aa81323ab8990aa414f9552ef5f8675970a7d93e0518cdc3e","sha512":"13586b4570c4e41ae26691d3516ed7c383f754b381b789ad2169182de7cee0ce9e60015d806619bce7a14efd4ec4884e5301811422287f914f2bc87dbcdb9cf8","ssdeep":"","tlshash":"a95175aa9940080981bb52369b63714cf9745543d603096e7bbda39b8fb16cc8b73f94","first_seen":"2023-05-16T15:32:16Z","last_seen":"2025-09-24T13:26:21.799468Z","times_seen":3,"resource_available":false,"data":null}},"time_used":192,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":192,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"compliance-central.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"compliance-central.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}