{"report_id":"b021b8e5-4ff7-47f8-947a-a441c4cd427e","version":0,"status":"done","tags":[],"date":"2026-06-10T20:25:14Z","url":{"schema":"http","addr":"cryptomonkc.xyz","fqdn":"cryptomonkc.xyz","domain":"cryptomonkc.xyz","tld":"xyz"},"ip":{"addr":"64.111.92.48","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"cryptomonkc.xyz/","fqdn":"cryptomonkc.xyz","domain":"cryptomonkc.xyz","tld":"xyz"},"title":"kraken","dom":{"size":4195,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"a63e110728d8fa48015384b2409376d8","sha1":"5f0dd0df147ea69b9ea29c4950d4caed3f285d70","sha256":"ffe6f3049a20a3f0c98b704dbd4042fe872b3165f393eb3eb11aafbb41aed872","sha512":"a045cfdcba63b2dbd5d3108dda22dcaca8eda5e1b2c81f3afc66c042b63a5b1d07ebb594f2b84bd337cd52a6fd653ef49f8e69e6dff070efc532b66544657a15","ssdeep":"48:nKpNvNpmq3p3r/dKjOThMRoF/8aZ9HVw/WJlQAqFsejr:nonJlKjOThfZZdyu7qFsejr","tlshash":"6381435745a704553902d8b83fdb9a5626498023c209dca87f9c229ccfcbac49af3b8c","dom_hash":"domhash7daee4acee8fd89d07cbd3cc302156bc","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"cryptomonkc.xyz","fqdn":"cryptomonkc.xyz","domain":"cryptomonkc.xyz","tld":"xyz"},"ip":{"addr":"64.111.92.48","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-15T20:25:14Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"cryptomonkc.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"cryptomonkc.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cryptomonkc.xyz","ip":{"addr":"64.111.92.48","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2025-08-13","domain_rank":0,"first_seen":"2026-06-10T20:25:14.359346Z","last_seen":"2026-06-10T20:25:14.359346Z","alert_count":10,"request_count":5,"received_data":27129,"sent_data":2674,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"cryptomonkc.xyz/","fqdn":"cryptomonkc.xyz","domain":"cryptomonkc.xyz","tld":"xyz"},"ip":{"addr":"64.111.92.48","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-10T20:24:47.653Z","timestamp":1781123087653,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"cryptomonkc.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 May 2026 20:58:52 GMT","end":"Thu, 06 Aug 2026 20:58:51 GMT"},"fingerprint":{"sha1":"66:97:66:CA:57:3B:44:B3:2A:9F:B5:90:73:EF:7B:96:3A:2A:02:B6","sha256":"61:1A:38:8F:D3:B7:41:21:06:2B:BA:55:3B:11:61:1D:30:1E:BD:91:2A:3A:4A:33:F3:93:3F:AA:FD:4C:EF:F4"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cryptomonkc.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 10 Jun 2026 20:24:47 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: antibot=0d97bd71-9b16-4cd3-861c-dd7058305330; Path=/; HttpOnly; Secure; SameSite=Strict\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4381,"size_decoded":1712,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"96995d10cc3c32092b5920fd227a6047","sha1":"b156a676e1112a673af48bdd189355221ccbc35f","sha256":"7d6a16227fd994d31f34647818a6e6e2e26df3a73097bafcc0935a7164fed8a4","sha512":"44ef60142888b83d4affb434ab862bad247c1a484fef54640f0a6b6c959a908269fcf81e1b34081e7bb695d4478e84c12b51f71185b0c17bc993e4ddeaff105c","ssdeep":"48:tfJNeN8yrpxhHEddIjPaKow5KX8zXtiXttPIv4WBf3P:py7uLIjPaKRPXMC4WBPP","tlshash":"a091312585851445313286b47fd256aafb8a0123c30650a87fdc33968ffba5897b3fcc","first_seen":"2026-06-10T20:25:17.553523Z","last_seen":"2026-06-10T20:25:17.553523Z","times_seen":1,"resource_available":true,"data":null}},"time_used":279,"timings":{"blocked":-1,"dns":44,"connect":22,"send":0,"wait":145,"receive":0,"ssl":68},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"cryptomonkc.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"cryptomonkc.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cryptomonkc.xyz/antibot_assets/css2.css","fqdn":"cryptomonkc.xyz","domain":"cryptomonkc.xyz","tld":"xyz"},"ip":{"addr":"64.111.92.48","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cryptomonkc.xyz/","date":"2026-06-10T20:24:48.174Z","timestamp":1781123088174,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"cryptomonkc.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 May 2026 20:58:52 GMT","end":"Thu, 06 Aug 2026 20:58:51 GMT"},"fingerprint":{"sha1":"66:97:66:CA:57:3B:44:B3:2A:9F:B5:90:73:EF:7B:96:3A:2A:02:B6","sha256":"61:1A:38:8F:D3:B7:41:21:06:2B:BA:55:3B:11:61:1D:30:1E:BD:91:2A:3A:4A:33:F3:93:3F:AA:FD:4C:EF:F4"}}},"request":{"raw":"GET /antibot_assets/css2.css HTTP/1.1\r\nHost: cryptomonkc.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cryptomonkc.xyz/\r\nCookie: antibot=0d97bd71-9b16-4cd3-861c-dd7058305330\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Wed, 10 Jun 2026 20:24:48 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 19\r\nConnection: keep-alive\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-22T12:29:11.777138Z","times_seen":16636172,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"cryptomonkc.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"cryptomonkc.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cryptomonkc.xyz/antibot_assets/kraken.css","fqdn":"cryptomonkc.xyz","domain":"cryptomonkc.xyz","tld":"xyz"},"ip":{"addr":"64.111.92.48","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cryptomonkc.xyz/","date":"2026-06-10T20:24:48.178Z","timestamp":1781123088178,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"cryptomonkc.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 May 2026 20:58:52 GMT","end":"Thu, 06 Aug 2026 20:58:51 GMT"},"fingerprint":{"sha1":"66:97:66:CA:57:3B:44:B3:2A:9F:B5:90:73:EF:7B:96:3A:2A:02:B6","sha256":"61:1A:38:8F:D3:B7:41:21:06:2B:BA:55:3B:11:61:1D:30:1E:BD:91:2A:3A:4A:33:F3:93:3F:AA:FD:4C:EF:F4"}}},"request":{"raw":"GET /antibot_assets/kraken.css HTTP/1.1\r\nHost: cryptomonkc.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cryptomonkc.xyz/\r\nCookie: antibot=0d97bd71-9b16-4cd3-861c-dd7058305330\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 10 Jun 2026 20:24:48 GMT\r\nContent-Type: text/css; charset=utf-8\r\nContent-Length: 4768\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nLast-Modified: Tue, 06 Jan 2026 17:09:55 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4768,"size_decoded":4992,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"75fd64fc8e99dc317f41914081a03352","sha1":"97c20a567cf31b997322b3228838ae44b1394233","sha256":"db6ad8d74f75b4ec10be88cbf8dcf0134d1f63f7126accf2b375a0833aba0028","sha512":"9b8c26c9e7b3ca6fbdd5337dbbe2a6bfa06cb476355406f010cf4ea09438a406c804f5c56577e7b68b11870ee8fedb397ffd11a72ab2036c5485175779aafc99","ssdeep":"48:W3AtE0JlzWvwIpQnStqoemMHmGmRm6iRtmQmHxa9uuuma86cPBmJz9K+N3z+0hCK:/zGwIU2jMxALy63zD2s5","tlshash":"78a1df9e16022b5083324f3463979b15b72402768e4530edb8d04ab9eb96be686d0fcf","first_seen":"2024-09-22T02:59:45Z","last_seen":"2026-06-20T01:43:33.793742Z","times_seen":217,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":21,"send":0,"wait":148,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"cryptomonkc.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"cryptomonkc.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cryptomonkc.xyz/antibot_generatecaptcha?ceJMAlVTtM","fqdn":"cryptomonkc.xyz","domain":"cryptomonkc.xyz","tld":"xyz"},"ip":{"addr":"64.111.92.48","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cryptomonkc.xyz/","date":"2026-06-10T20:24:48.184Z","timestamp":1781123088184,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"cryptomonkc.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 May 2026 20:58:52 GMT","end":"Thu, 06 Aug 2026 20:58:51 GMT"},"fingerprint":{"sha1":"66:97:66:CA:57:3B:44:B3:2A:9F:B5:90:73:EF:7B:96:3A:2A:02:B6","sha256":"61:1A:38:8F:D3:B7:41:21:06:2B:BA:55:3B:11:61:1D:30:1E:BD:91:2A:3A:4A:33:F3:93:3F:AA:FD:4C:EF:F4"}}},"request":{"raw":"GET /antibot_generatecaptcha?ceJMAlVTtM HTTP/1.1\r\nHost: cryptomonkc.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cryptomonkc.xyz/\r\nCookie: antibot=0d97bd71-9b16-4cd3-861c-dd7058305330\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 10 Jun 2026 20:24:48 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 12401\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nCache-Control: no-store, no-cache, must-revalidate, private\r\nExpires: 0\r\nLast-Modified: Wed, 14 Jan 2026 16:48:55 GMT\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12401,"size_decoded":12704,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"Blender:File:C:\\Projects\\captcha\\captcha-3.blend\", comment: \"Blender:Date:2023/02/14 21:51:04\", comment: \"Blender:Time:00:00:00:00\", comment: \"Blender:Frame:000\", comment: \"Blender:Camera:Camera\", comment: \"Blender:Scene:Scene\", comment: \"Blender:RenderTime:00:00.07\", baseline, precision 8, 380x120, components 3","md5":"d5053935a9e58a54d0777dbf9ef936e0","sha1":"488627788639293ef1136a21b63ebccb298ade67","sha256":"6f1049b3608c4d74dbaefd458fe50dffc39e28c1b2bb918b401dd856d6a50c35","sha512":"5f6f3f88a06cab3e7b890a6490ffe441b87dd441a991e8cb4c222762db6cd055eb6a957dc849b14052fb718fe9eda0d9d8cb3fe993bb46384c9d3429ddef5c06","ssdeep":"192:jsyXA8Olj7KkSniskNwhZC7qaBOCgugPAGErF7Qd6fw2cq+3W6Kf2QyDCs:IyXA8wj1giRwQe4O6gEhnY2DgvKf2VOs","tlshash":"4d42b097f4a20127ea8698f6eafc4301af479545f5e98012f5268006eb64bff8c1dd36","first_seen":"2026-03-06T09:52:13.582014Z","last_seen":"2026-06-10T20:25:17.555514Z","times_seen":2,"resource_available":false,"data":null}},"time_used":400,"timings":{"blocked":209,"dns":0,"connect":0,"send":0,"wait":191,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"cryptomonkc.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"cryptomonkc.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cryptomonkc.xyz/favicon.ico","fqdn":"cryptomonkc.xyz","domain":"cryptomonkc.xyz","tld":"xyz"},"ip":{"addr":"64.111.92.48","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cryptomonkc.xyz/","date":"2026-06-10T20:24:48.498Z","timestamp":1781123088498,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"cryptomonkc.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 May 2026 20:58:52 GMT","end":"Thu, 06 Aug 2026 20:58:51 GMT"},"fingerprint":{"sha1":"66:97:66:CA:57:3B:44:B3:2A:9F:B5:90:73:EF:7B:96:3A:2A:02:B6","sha256":"61:1A:38:8F:D3:B7:41:21:06:2B:BA:55:3B:11:61:1D:30:1E:BD:91:2A:3A:4A:33:F3:93:3F:AA:FD:4C:EF:F4"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: cryptomonkc.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cryptomonkc.xyz/\r\nCookie: antibot=0d97bd71-9b16-4cd3-861c-dd7058305330\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 10 Jun 2026 20:24:48 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4381,"size_decoded":1611,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"f4952ab8f77fb4df6b2b80099501079d","sha1":"52dcef84dca1d2f9d26e957e8f545273c0e01506","sha256":"c0bebb48537f3012c584fdfbdd51afc1a20de6843884a6b31e0606ebeac8db31","sha512":"98d267499acc6dbf18dcc95caf771830f486de1b97480a57b8a9e3bf5099489a0883a8747531022d5ea9f3e8d5d282fa912a316d99feeeb019ddea9682bf8cf8","ssdeep":"48:tfJNeN8yrpxhHEddGjPaKow5KX8zXtiXttPIv4WBf3P:py7uLGjPaKRPXMC4WBPP","tlshash":"9891212585851445317286b47fd256aafb8a0123c30651a87fdc33968ffba5897b3fcc","first_seen":"2026-06-10T20:25:17.55663Z","last_seen":"2026-06-10T20:25:17.55663Z","times_seen":1,"resource_available":false,"data":null}},"time_used":147,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":147,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"cryptomonkc.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"cryptomonkc.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}