{"report_id":"af5ffb31-1569-4268-a417-fc62d83dd220","version":0,"status":"done","tags":[],"date":"2026-07-03T00:25:23Z","url":{"schema":"http","addr":"confirm-your-order.com","fqdn":"confirm-your-order.com","domain":"confirm-your-order.com","tld":"com"},"ip":{"addr":"103.101.85.123","port":0,"asn":200239,"as":"Bogahost Bilisim ve Telekomunikasyon Hiz. San ve Tic. Ltd. Sti.","country":"Türkiye","country_code":"TR"},"final":{"url":{"schema":"https","addr":"confirm-your-order.com/","fqdn":"confirm-your-order.com","domain":"confirm-your-order.com","tld":"com"},"title":"Log in — Shopify","dom":{"size":11668,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1759)","md5":"1fc5974bad604008d15434651854da0c","sha1":"be9e4abc6f16bbe35833258966a42090251e7ed4","sha256":"50c2fa2d6c3cfffae6f831a99294c6e71556aeb084c4087527dd3a2208a73186","sha512":"6f58b113722c4b386c9de35253ad16416c6d08f83e5e5adc657aa3e50d00abe9276df0960c71b6328c44b459f0779615a1f1d13c0e1a4f7b5e202dfc26c19c6c","ssdeep":"192:E40aJcXDhgF9qgVpfocu758DWwkLkWWjrqP3jeUvH7c+1I:0gFX8c2SWNFlP3nK","tlshash":"2432d6f5a1f062b6948783e952f5691a7def00bbe1191608f2bc1bd0ef82d958c4bcd4","dom_hash":"domhashf26f7f797407ea76622ebc8bff5ed30b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"confirm-your-order.com","fqdn":"confirm-your-order.com","domain":"confirm-your-order.com","tld":"com"},"ip":{"addr":"103.101.85.123","port":0,"asn":200239,"as":"Bogahost Bilisim ve Telekomunikasyon Hiz. San ve Tic. Ltd. Sti.","country":"Türkiye","country_code":"TR"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-07T00:25:23Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"confirm-your-order.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"confirm-your-order.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"confirm-your-order.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.shopify.com","ip":{"addr":"23.227.39.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Canada","country_code":"CA"},"domain_registered":"2005-03-11","domain_rank":3587,"first_seen":"2012-06-22T18:37:14Z","last_seen":"2026-06-29T08:02:11.320442Z","alert_count":0,"request_count":1,"received_data":20362,"sent_data":648,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"confirm-your-order.com","ip":{"addr":"103.101.85.123","port":443,"asn":200239,"as":"Bogahost Bilisim ve Telekomunikasyon Hiz. San ve Tic. Ltd. Sti.","country":"Türkiye","country_code":"TR"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":24,"request_count":8,"received_data":342136,"sent_data":4195,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"confirm-your-order.com/script.js","fqdn":"confirm-your-order.com","domain":"confirm-your-order.com","tld":"com"},"ip":{"addr":"103.101.85.123","port":443,"asn":200239,"as":"Bogahost Bilisim ve Telekomunikasyon Hiz. San ve Tic. Ltd. Sti.","country":"Türkiye","country_code":"TR"},"introduction_type":"scriptElement","is_inline":false,"md5":"55bc6f2ce3d46f7ca8041f5165dbe69b","sha1":"623e32d680e55846d1711cae62f94f18389e6e59","sha256":"4c263cc9d6fae27b96001713461a99aa55976a819773651800256ec49a703133","sha512":"eaa9fa24054aea6c0ef14d842b11d0fae0d9a3f5c41d72d795ee4f9f3e2c4078c9dbcf963a3f9d112d7eeb14251d0b69a304d4924a14f0c79863ffe22c718319","ssdeep":"96:YJz/E2tFnERfEU0FjETVwLvFShH/rsfz66/+vxMG:wTbKjVwNIjsRqxj","tlshash":"30912e5fa16520b109737336fbd7a20afb3600736440965a7e1e86880fb5c855673faf","size":4378,"data":"","first_seen":"2026-07-03T00:25:28.094385Z","last_seen":"2026-07-03T00:25:28.094385Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"log","text":"Shopify Login Clone loaded successfully","filename":"https://confirm-your-order.com/script.js","line_number":107,"column_number":13},{"level":"log","text":"This is a demonstration clone for pentesting purposes","filename":"https://confirm-your-order.com/script.js","line_number":108,"column_number":13}]},"http":[{"url":{"schema":"https","addr":"cdn.shopify.com/shopifycloud/identity/assets/gradient/noise-ae0ab1628dee87591c6f6d3740b6e7e4e5109417e35a0781070d9d737f959e22.png","fqdn":"cdn.shopify.com","domain":"shopify.com","tld":"com"},"ip":{"addr":"23.227.39.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://confirm-your-order.com/","date":"2026-07-03T00:24:53.632Z","timestamp":1783038293632,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.shopify.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Jun 2026 23:33:29 GMT","end":"Tue, 08 Sep 2026 00:33:20 GMT"},"fingerprint":{"sha1":"33:9C:C4:5E:FA:03:30:10:6C:B4:12:47:2E:11:10:54:EB:C2:95:4E","sha256":"3E:68:05:ED:B9:61:D2:6D:45:49:A8:F2:67:51:68:E4:E6:0B:EE:4A:D5:96:40:D4:87:4B:60:27:91:E5:8D:B1"}}},"request":{"raw":"GET /shopifycloud/identity/assets/gradient/noise-ae0ab1628dee87591c6f6d3740b6e7e4e5109417e35a0781070d9d737f959e22.png HTTP/1.1\r\nHost: cdn.shopify.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://confirm-your-order.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Fri, 03 Jul 2026 00:24:56 GMT\r\ncontent-type: image/avif\r\ncontent-length: 19037\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 02 Jul 2026 00:40:28 GMT\r\nage: 5630839\r\ncontent-disposition: inline\r\nlink: \u003chttps://cdn.shopify.com/shopifycloud/identity/assets/gradient/noise-ae0ab1628dee87591c6f6d3740b6e7e4e5109417e35a0781070d9d737f959e22.png\u003e; rel=\"canonical\"\r\nserver-timing: imagery;dur=364.156, imageryFetch;dur=85.168, imageryProcess;dur=277.130;desc=\"image\"\r\nsource-length: 54600\r\nsource-type: image/png\r\ntiming-allow-origin: *\r\nvary: Accept\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=G5klEhjbgdXrn8TRNuZ%2F%2ByS19pz8zp3VHtmwJslBuMG0bLNeEH5S6atrJmk4RrsTjlyj1ZkdI8zdUZpBdxRe4axo%2BRQHyHhiv5ZBIjRD4EhvrQ%2FEAAdbzKTcJLHXEWk3PQ%3D%3D\"}]}\r\nx-dc: gcp-us-central1,gcp-us-central1\r\nx-request-id: 0f4b3f53-2418-40fc-bf1b-538a6f54558c-1777407456\r\nserver: cloudflare\r\naccept-ranges: bytes\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-cache-status: HIT\r\ncf-ray: a151c00b19f92678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19037,"size_decoded":20362,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"3d608763ea683b05aceb47459524d521","sha1":"2d15a1533d75b11e4a16b67f27c6a527c32bb578","sha256":"81e3e3b27c2f28dd9ed7049480057cba2aa2a7b86ceb6bd4e64a44f8a6d76dcc","sha512":"59ae68615922fdd80210607cb5231aa6c4f885ddf5cba33ac69d0c9ca2a44d58228a72104786e294198a5890742788a47217119ab587b6fcf5639fbd5b9ea199","ssdeep":"384:rgMdsncCZU4UMEsA2rOmS8zmPNGcRThe554Pvjz44taxaqaTVep2dZlzG:16ncCZFR/r3tJcqgvwsapaxep2db","tlshash":"6d82d0b59e35d307c1b7213403f00b43a612f62a0263b77fa256679d4af4ac16db2cd4","first_seen":"2025-10-19T21:33:43.429731Z","last_seen":"2026-07-03T00:25:28.071686Z","times_seen":2,"resource_available":false,"data":null}},"time_used":3198,"timings":{"blocked":-1,"dns":2,"connect":1,"send":0,"wait":15,"receive":0,"ssl":3180},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"confirm-your-order.com/assets/fonts/Fonts/Inter-Regular-4d3af571c1eaf96e1e58f88a158ff9107e7aa77e5dce7f5e30cea5d7149c6f70.woff2","fqdn":"confirm-your-order.com","domain":"confirm-your-order.com","tld":"com"},"ip":{"addr":"103.101.85.123","port":443,"asn":200239,"as":"Bogahost Bilisim ve Telekomunikasyon Hiz. San ve Tic. Ltd. Sti.","country":"Türkiye","country_code":"TR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://confirm-your-order.com/","date":"2026-07-03T00:24:53.636Z","timestamp":1783038293636,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"confirm-your-order.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Jul 2026 17:59:53 GMT","end":"Tue, 29 Sep 2026 17:59:52 GMT"},"fingerprint":{"sha1":"26:72:4C:9B:6E:6E:02:8D:DE:FF:9F:1A:5A:4A:95:C3:64:48:DB:9D","sha256":"FA:0D:E5:C1:77:C0:A1:5F:11:89:DA:6A:4B:98:8D:B2:CE:11:17:3B:79:2D:B9:FD:81:2C:46:DF:39:52:C5:59"}}},"request":{"raw":"GET /assets/fonts/Fonts/Inter-Regular-4d3af571c1eaf96e1e58f88a158ff9107e7aa77e5dce7f5e30cea5d7149c6f70.woff2 HTTP/1.1\r\nHost: confirm-your-order.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://confirm-your-order.com/styles.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Fri, 03 Jul 2026 00:24:53 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 98868\r\nlast-modified: Wed, 01 Jul 2026 19:02:43 GMT\r\netag: \"6a456453-18234\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":98868,"size_decoded":99126,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 98868, version 1.0","md5":"dc131113894217b5031000575d9de002","sha1":"f96348260751ea78b1d23e9557db297290bdaf28","sha256":"d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6","sha512":"0aa4420c7b7dcc70238371f9d21d521d0673caf4c1883eeb2d3254c5a1dad941f4569f418350ffc61e93303466c504179b90ba0acf008250dc9c2c6ddf6f850b","ssdeep":"1536:kWKd1QBjcSqfPdRBUJEW8yB7F2W4Ob2RdFoEw1r4FM9OcU/0UDTTj:m10zEWfB7GObYof1r5icUH","tlshash":"70a312ac58ffdf34aa65a9fcd27856761094223d83edc0ac90a200c6c7b65794fdcd98","first_seen":"2023-04-05T14:51:38Z","last_seen":"2026-07-03T07:27:01.563706Z","times_seen":26387,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":127,"receive":44,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"confirm-your-order.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"confirm-your-order.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"confirm-your-order.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"confirm-your-order.com/favicon.ico","fqdn":"confirm-your-order.com","domain":"confirm-your-order.com","tld":"com"},"ip":{"addr":"103.101.85.123","port":443,"asn":200239,"as":"Bogahost Bilisim ve Telekomunikasyon Hiz. San ve Tic. Ltd. Sti.","country":"Türkiye","country_code":"TR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://confirm-your-order.com/","date":"2026-07-03T00:24:53.952Z","timestamp":1783038293952,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"confirm-your-order.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Jul 2026 17:59:53 GMT","end":"Tue, 29 Sep 2026 17:59:52 GMT"},"fingerprint":{"sha1":"26:72:4C:9B:6E:6E:02:8D:DE:FF:9F:1A:5A:4A:95:C3:64:48:DB:9D","sha256":"FA:0D:E5:C1:77:C0:A1:5F:11:89:DA:6A:4B:98:8D:B2:CE:11:17:3B:79:2D:B9:FD:81:2C:46:DF:39:52:C5:59"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: confirm-your-order.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://confirm-your-order.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Fri, 03 Jul 2026 00:24:53 GMT\r\ncontent-type: text/html\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":162,"size_decoded":275,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"1b7c22a214949975556626d7217e9a39","sha1":"d01c97e2944166ed23e47e4a62ff471ab8fa031f","sha256":"340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87","sha512":"ba64847cf1d4157d50abe4f4a1e5c1996fe387c5808e2f758c7fb3213bfefe1f3712d343f0c30a16819749840954654a70611d2250fd0f7b032429db7afd2cc5","ssdeep":"","tlshash":"59c08c6e2613bd4cc6a3217522c3b490c09aa3a7a4ea46214840805331cb29a8ac7396","first_seen":"2023-03-10T20:17:28Z","last_seen":"2026-07-03T06:13:53.8202Z","times_seen":45862,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"confirm-your-order.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"confirm-your-order.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"confirm-your-order.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"confirm-your-order.com/","fqdn":"confirm-your-order.com","domain":"confirm-your-order.com","tld":"com"},"ip":{"addr":"103.101.85.123","port":443,"asn":200239,"as":"Bogahost Bilisim ve Telekomunikasyon Hiz. San ve Tic. Ltd. Sti.","country":"Türkiye","country_code":"TR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-03T00:24:52.877Z","timestamp":1783038292877,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"confirm-your-order.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Jul 2026 17:59:53 GMT","end":"Tue, 29 Sep 2026 17:59:52 GMT"},"fingerprint":{"sha1":"26:72:4C:9B:6E:6E:02:8D:DE:FF:9F:1A:5A:4A:95:C3:64:48:DB:9D","sha256":"FA:0D:E5:C1:77:C0:A1:5F:11:89:DA:6A:4B:98:8D:B2:CE:11:17:3B:79:2D:B9:FD:81:2C:46:DF:39:52:C5:59"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: confirm-your-order.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Fri, 03 Jul 2026 00:24:53 GMT\r\ncontent-type: text/html\r\nlast-modified: Wed, 01 Jul 2026 19:02:38 GMT\r\netag: W/\"6a45644e-2df8\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":11768,"size_decoded":4772,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1753), with CRLF line terminators","md5":"76d8c7a77a4aaa72a3f31a88ed023d4b","sha1":"42a0814b26bc4a0c7c9dae0f669b852588d71ad2","sha256":"36b06536a322e376d8e3e4f5e400e2d7afd2e12482469f8aa8d6680c624b7884","sha512":"40f1e3d573e149164b254cc73b21febe477522c4f358e4a75d59c91b659ede491453664d9528e6166285072dc35c484b2b6dbe17f5a18ca09e6435179bf4b3ba","ssdeep":"192:5MDhgF9qgCpkocu7m8DWwkLkWWdXWL3j8ULHZDHIP:ugFXycXSWNFZL35+","tlshash":"1032c6b591c061b695b3c3d542b56a1afeef00bbe1091608b2ac27d7efb2d548c4b8d4","first_seen":"2026-07-03T00:25:28.080471Z","last_seen":"2026-07-03T00:25:28.080471Z","times_seen":1,"resource_available":true,"data":null}},"time_used":251,"timings":{"blocked":-1,"dns":36,"connect":43,"send":0,"wait":82,"receive":0,"ssl":90},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"confirm-your-order.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"confirm-your-order.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"confirm-your-order.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"confirm-your-order.com/styles.css","fqdn":"confirm-your-order.com","domain":"confirm-your-order.com","tld":"com"},"ip":{"addr":"103.101.85.123","port":443,"asn":200239,"as":"Bogahost Bilisim ve Telekomunikasyon Hiz. San ve Tic. Ltd. Sti.","country":"Türkiye","country_code":"TR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://confirm-your-order.com/","date":"2026-07-03T00:24:53.343Z","timestamp":1783038293343,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"confirm-your-order.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Jul 2026 17:59:53 GMT","end":"Tue, 29 Sep 2026 17:59:52 GMT"},"fingerprint":{"sha1":"26:72:4C:9B:6E:6E:02:8D:DE:FF:9F:1A:5A:4A:95:C3:64:48:DB:9D","sha256":"FA:0D:E5:C1:77:C0:A1:5F:11:89:DA:6A:4B:98:8D:B2:CE:11:17:3B:79:2D:B9:FD:81:2C:46:DF:39:52:C5:59"}}},"request":{"raw":"GET /styles.css HTTP/1.1\r\nHost: confirm-your-order.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://confirm-your-order.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Fri, 03 Jul 2026 00:24:53 GMT\r\ncontent-type: text/css\r\ncontent-length: 10333\r\nlast-modified: Wed, 01 Jul 2026 19:02:41 GMT\r\netag: \"6a456451-285d\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":10333,"size_decoded":10574,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"f6c9ae9d3479b4a711cd5f483f55886b","sha1":"1259fcb7e76fe1d955b19d6063ee9d7b49bdfc55","sha256":"2f4ca057f954f01bf821d6732dea3c4471499bc0b6d3b8d4b8117b38f17914b5","sha512":"6922ab50d897cd8f64f98b0b0ca1309c5ddddffcc8fb07036ca3a480db72da5c1d869e0035d1e1024d6985208522b84ef920e1343a3cc9a9cc9d098b659bb928","ssdeep":"192:2vYBSJzuS3LOuFDNt6+ALj9ttq43+vWrHpJ9cZuv/OBF:tulAjwAG","tlshash":"ea22428dda022006b2379f68abb30745d7695063cb02527c7fdd22888ffa1684671fec","first_seen":"2026-07-03T00:25:28.085648Z","last_seen":"2026-07-03T00:25:28.085648Z","times_seen":1,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"confirm-your-order.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"confirm-your-order.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"confirm-your-order.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"confirm-your-order.com/assets/logo.svg","fqdn":"confirm-your-order.com","domain":"confirm-your-order.com","tld":"com"},"ip":{"addr":"103.101.85.123","port":443,"asn":200239,"as":"Bogahost Bilisim ve Telekomunikasyon Hiz. San ve Tic. Ltd. Sti.","country":"Türkiye","country_code":"TR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://confirm-your-order.com/","date":"2026-07-03T00:24:53.350Z","timestamp":1783038293350,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"confirm-your-order.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Jul 2026 17:59:53 GMT","end":"Tue, 29 Sep 2026 17:59:52 GMT"},"fingerprint":{"sha1":"26:72:4C:9B:6E:6E:02:8D:DE:FF:9F:1A:5A:4A:95:C3:64:48:DB:9D","sha256":"FA:0D:E5:C1:77:C0:A1:5F:11:89:DA:6A:4B:98:8D:B2:CE:11:17:3B:79:2D:B9:FD:81:2C:46:DF:39:52:C5:59"}}},"request":{"raw":"GET /assets/logo.svg HTTP/1.1\r\nHost: confirm-your-order.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://confirm-your-order.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Fri, 03 Jul 2026 00:24:53 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 2673\r\nlast-modified: Wed, 01 Jul 2026 19:02:43 GMT\r\netag: \"6a456453-a71\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2673,"size_decoded":2917,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d3e92529305b59bf0f9c5b3c465cba57","sha1":"cde49e0643707e5a4ae10a31abad149b6127caaa","sha256":"31218e858c0c19e74e2c504640631d96bdc143a47314a39c2e9e20cc908f00b8","sha512":"19ea0396c014e39ab2d570d58b4b7c15727d4339a2c4adfb5a3c4ebfe6766e15fe4000eb3ddaacaad9d7ee2a3ec8b1c93f51721a3ed9adc467cb51eac1cd384b","ssdeep":"","tlshash":"93510eacd340c3b8de994bb4d739a1b0b41e21dd52e08768a5b9c520b6a54edc6accc9","first_seen":"2023-05-05T10:02:19Z","last_seen":"2026-07-03T00:25:28.089652Z","times_seen":262,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"confirm-your-order.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"confirm-your-order.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"confirm-your-order.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"confirm-your-order.com/assets/fonts/Fonts/Inter-Bold-4555674e339a87091ab7087e93b2c5317d36b982dc924cb89f3011faa11f23eb.woff2","fqdn":"confirm-your-order.com","domain":"confirm-your-order.com","tld":"com"},"ip":{"addr":"103.101.85.123","port":443,"asn":200239,"as":"Bogahost Bilisim ve Telekomunikasyon Hiz. San ve Tic. Ltd. Sti.","country":"Türkiye","country_code":"TR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://confirm-your-order.com/","date":"2026-07-03T00:24:53.635Z","timestamp":1783038293635,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"confirm-your-order.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Jul 2026 17:59:53 GMT","end":"Tue, 29 Sep 2026 17:59:52 GMT"},"fingerprint":{"sha1":"26:72:4C:9B:6E:6E:02:8D:DE:FF:9F:1A:5A:4A:95:C3:64:48:DB:9D","sha256":"FA:0D:E5:C1:77:C0:A1:5F:11:89:DA:6A:4B:98:8D:B2:CE:11:17:3B:79:2D:B9:FD:81:2C:46:DF:39:52:C5:59"}}},"request":{"raw":"GET /assets/fonts/Fonts/Inter-Bold-4555674e339a87091ab7087e93b2c5317d36b982dc924cb89f3011faa11f23eb.woff2 HTTP/1.1\r\nHost: confirm-your-order.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://confirm-your-order.com/styles.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Fri, 03 Jul 2026 00:24:53 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 106140\r\nlast-modified: Wed, 01 Jul 2026 19:02:43 GMT\r\netag: \"6a456453-19e9c\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":106140,"size_decoded":106399,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 106140, version 1.0","md5":"444a7284663a3bc886683eb81450b294","sha1":"1e94a0dfac8bab0947ea9b0b6fb663ebad5cceb5","sha256":"c63158babcb7902203ed73476ccf901db34825ea524d4a36a52b5e5f97e1abf7","sha512":"7be12803aab99ac90dcb4d56ebdb682612f8ecfaca95a2b60a9b5b06f461ed2222ccf757280e40cf1d4860e67bc35d5391ae5479d6b7282ea075f7ee56bf53d1","ssdeep":"3072:JNQdKgDRY2QEdOWASkVB09yzqr4hP7a/lR8A:IdKgDRHcDsbt/rh","tlshash":"18a312068bebe92f2e8715e71c34396bcc410b26cbb46ae657727d785e40764b04f21d","first_seen":"2023-04-11T10:20:42Z","last_seen":"2026-07-03T04:58:23.967926Z","times_seen":7701,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":86,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"confirm-your-order.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"confirm-your-order.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"confirm-your-order.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"confirm-your-order.com/assets/fonts/Fonts/Inter-Medium-64fed266406fcc96f7a47848817209e14a7f3d539503951b507239653512ae27.woff2","fqdn":"confirm-your-order.com","domain":"confirm-your-order.com","tld":"com"},"ip":{"addr":"103.101.85.123","port":443,"asn":200239,"as":"Bogahost Bilisim ve Telekomunikasyon Hiz. San ve Tic. Ltd. Sti.","country":"Türkiye","country_code":"TR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://confirm-your-order.com/","date":"2026-07-03T00:24:53.637Z","timestamp":1783038293637,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"confirm-your-order.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Jul 2026 17:59:53 GMT","end":"Tue, 29 Sep 2026 17:59:52 GMT"},"fingerprint":{"sha1":"26:72:4C:9B:6E:6E:02:8D:DE:FF:9F:1A:5A:4A:95:C3:64:48:DB:9D","sha256":"FA:0D:E5:C1:77:C0:A1:5F:11:89:DA:6A:4B:98:8D:B2:CE:11:17:3B:79:2D:B9:FD:81:2C:46:DF:39:52:C5:59"}}},"request":{"raw":"GET /assets/fonts/Fonts/Inter-Medium-64fed266406fcc96f7a47848817209e14a7f3d539503951b507239653512ae27.woff2 HTTP/1.1\r\nHost: confirm-your-order.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://confirm-your-order.com/styles.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Fri, 03 Jul 2026 00:24:53 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 105924\r\nlast-modified: Wed, 01 Jul 2026 19:02:43 GMT\r\netag: \"6a456453-19dc4\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":105924,"size_decoded":106183,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 105924, version 1.0","md5":"75db5319e7e87c587019a5df08d7272c","sha1":"92b30527304b5dc80f45e997e0b1ac4c70110a18","sha256":"1b498b959e5b7decbf9185803591d25bc1fbf83e798372ed30d32d5c79d82ff6","sha512":"4e556d80b52ddbadddf9287f6cdaef0d12113d0fa4a07728fd67767b97806eba5fa0f82711f71e76ee2875192d7618a9b6c277ceb6d69a30f76ca8e3ebb74aa1","ssdeep":"3072:7Jk35GDAni+UzuVEjLH8MSP02J5E4ZjJffp:7ys0iIEjz8MNGRfp","tlshash":"3ca312f46132150feebafcb00b9354415488ea21d39746ebeb74a5a3644dcdb8ea06c3","first_seen":"2023-04-08T13:53:30Z","last_seen":"2026-07-03T08:07:11.70639Z","times_seen":10522,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":85,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"confirm-your-order.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"confirm-your-order.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"confirm-your-order.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"confirm-your-order.com/script.js","fqdn":"confirm-your-order.com","domain":"confirm-your-order.com","tld":"com"},"ip":{"addr":"103.101.85.123","port":443,"asn":200239,"as":"Bogahost Bilisim ve Telekomunikasyon Hiz. San ve Tic. Ltd. Sti.","country":"Türkiye","country_code":"TR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://confirm-your-order.com/","date":"2026-07-03T00:24:53.344Z","timestamp":1783038293344,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"confirm-your-order.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Jul 2026 17:59:53 GMT","end":"Tue, 29 Sep 2026 17:59:52 GMT"},"fingerprint":{"sha1":"26:72:4C:9B:6E:6E:02:8D:DE:FF:9F:1A:5A:4A:95:C3:64:48:DB:9D","sha256":"FA:0D:E5:C1:77:C0:A1:5F:11:89:DA:6A:4B:98:8D:B2:CE:11:17:3B:79:2D:B9:FD:81:2C:46:DF:39:52:C5:59"}}},"request":{"raw":"GET /script.js HTTP/1.1\r\nHost: confirm-your-order.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://confirm-your-order.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Fri, 03 Jul 2026 00:24:53 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 4378\r\nlast-modified: Wed, 01 Jul 2026 19:02:39 GMT\r\netag: \"6a45644f-111a\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4378,"size_decoded":4632,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"55bc6f2ce3d46f7ca8041f5165dbe69b","sha1":"623e32d680e55846d1711cae62f94f18389e6e59","sha256":"4c263cc9d6fae27b96001713461a99aa55976a819773651800256ec49a703133","sha512":"eaa9fa24054aea6c0ef14d842b11d0fae0d9a3f5c41d72d795ee4f9f3e2c4078c9dbcf963a3f9d112d7eeb14251d0b69a304d4924a14f0c79863ffe22c718319","ssdeep":"96:YJz/E2tFnERfEU0FjETVwLvFShH/rsfz66/+vxMG:wTbKjVwNIjsRqxj","tlshash":"30912e5fa16520b109737336fbd7a20afb3600736440965a7e1e86880fb5c855673faf","first_seen":"2026-07-03T00:25:28.094385Z","last_seen":"2026-07-03T00:25:28.094385Z","times_seen":1,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"confirm-your-order.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"confirm-your-order.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"confirm-your-order.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}
