{"report_id":"b122abf3-ca0a-42e3-af7c-f598210af47d","version":6,"status":"done","tags":[],"date":"2025-10-21T12:58:52Z","url":{"schema":"http","addr":"riffalomusic.com/markup/ad","fqdn":"riffalomusic.com","domain":"riffalomusic.com","tld":"com"},"ip":{"addr":"76.223.105.230","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"riffalomusic.com/markup/ad","fqdn":"riffalomusic.com","domain":"riffalomusic.com","tld":"com"},"title":"riffalomusic.com/markup/ad"},"submit":{"url":{"schema":"http","addr":"riffalomusic.com/markup/ad","fqdn":"riffalomusic.com","domain":"riffalomusic.com","tld":"com"},"ip":{"addr":"76.223.105.230","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-25T12:58:52Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-21","alert":"Sinkholed","trigger":"riffalomusic.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"riffalomusic.com","ip":{"addr":"76.223.105.230","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-10-21T12:58:52.695845Z","last_seen":"2025-10-21T12:58:52.695845Z","alert_count":2,"request_count":2,"received_data":70793,"sent_data":976,"comment":"","tags":null,"fingerprints":[{"name":"GoDaddy Website Builder","description":"","website":"https://www.godaddy.com/websites/website-builder","common_platform_enumeration":"","icon":"GoDaddy.svg","categories":["CMS"]},{"name":"GoDaddy Website Builder:8.0.0000","description":"","website":"https://www.godaddy.com/websites/website-builder","common_platform_enumeration":"","icon":"GoDaddy.svg","categories":["CMS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"riffalomusic.com/markup/ad","fqdn":"riffalomusic.com","domain":"riffalomusic.com","tld":"com"},"ip":{"addr":"76.223.105.230","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-21T12:58:30.093Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"riffalomusic.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Tue, 14 Oct 2025 20:30:40 GMT","end":"Mon, 12 Jan 2026 20:30:40 GMT"},"fingerprint":{"sha1":"F2:39:7E:D7:E4:CA:56:20:BD:55:BA:20:F2:72:75:CA:C6:CD:85:4D","sha256":"35:06:5E:29:28:34:43:72:99:78:09:10:4C:A7:54:51:8E:33:43:19:61:73:62:1C:1E:66:B6:70:9A:47:0B:2A"}}},"request":{"raw":"GET /markup/ad HTTP/1.1\r\nHost: riffalomusic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 500 Internal Server Error\r\nContent-Length: 24\r\nVary: Accept-Encoding\r\nServer: DPS/2.0.0+sha-6e30ec3\r\nX-Version: 6e30ec3\r\nX-SiteId: eu-central-1\r\nSet-Cookie: dps_site_id=eu-central-1; path=/; secure\r\nDate: Tue, 21 Oct 2025 12:58:38 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=5\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":[{"name":"GoDaddy Website Builder","description":"","website":"https://www.godaddy.com/websites/website-builder","common_platform_enumeration":"","icon":"GoDaddy.svg","categories":["CMS"]}],"data":{"size":24,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"7730973fb56fa194d629cea99ae4d325","sha1":"cea6f0174b51ca72693cde7f7fd5b843cd1dd44f","sha256":"631ad0cb2a313a443d347d0012e1a348b7ce919d63d5d1d72d3d1d9826f18c09","sha512":"03d0a870593d6cdcb0c77fa448206f871c1c25fe927395dcf8978143dffda0117a18089f1c76f8cd8e2e2364dc780e557b0b03e396dd3be2231261ce93356b50","ssdeep":"","tlshash":"ed700020083000000ba203ee22a2880233e002220bc0880a8aa002ae28a2baa0800022","first_seen":"2023-10-23T13:11:50Z","last_seen":"2026-05-05T10:58:17.680654Z","times_seen":2474,"resource_available":false,"data":null}},"time_used":9789,"timings":{"blocked":1131,"dns":76,"connect":1,"send":0,"wait":7526,"receive":1,"ssl":1053},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-21","alert":"Sinkholed","trigger":"riffalomusic.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"riffalomusic.com/favicon.ico","fqdn":"riffalomusic.com","domain":"riffalomusic.com","tld":"com"},"ip":{"addr":"76.223.105.230","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://riffalomusic.com/markup/ad","date":"2025-10-21T12:58:38.949Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"riffalomusic.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Tue, 14 Oct 2025 20:30:40 GMT","end":"Mon, 12 Jan 2026 20:30:40 GMT"},"fingerprint":{"sha1":"F2:39:7E:D7:E4:CA:56:20:BD:55:BA:20:F2:72:75:CA:C6:CD:85:4D","sha256":"35:06:5E:29:28:34:43:72:99:78:09:10:4C:A7:54:51:8E:33:43:19:61:73:62:1C:1E:66:B6:70:9A:47:0B:2A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: riffalomusic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://riffalomusic.com/markup/ad\r\nCookie: dps_site_id=eu-central-1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nLink: \u003c//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.50.3.js\u003e; rel=preload; as=script; crossorigin,\u003chttps://img1.wsimg.com/gfonts/s/playfairdisplay/v40/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2\u003e; rel=preload; as=font; crossorigin,\u003chttps://img1.wsimg.com/gfonts/s/sourcesanspro/v23/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkids18Q.woff2\u003e; rel=preload; as=font; crossorigin,\u003chttps://img1.wsimg.com/gfonts/s/sourcesanspro/v23/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2\u003e; rel=preload; as=font; crossorigin,\u003chttps://img1.wsimg.com/gfonts/s/sourcesanspro/v23/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2\u003e; rel=preload; as=font; crossorigin,\u003chttps://img1.wsimg.com/gfonts/s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2\u003e; rel=preload; as=font; crossorigin,\u003chttps://img1.wsimg.com/gfonts/s/sourcesanspro/v23/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2\u003e; rel=preload; as=font; crossorigin,\u003chttps://img1.wsimg.com/gfonts/s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2\u003e; rel=preload; as=font; crossorigin,\u003chttps://img1.wsimg.com/gfonts/s/montserrat/v31/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2\u003e; rel=preload; as=font; crossorigin,\u003chttps://fonts.googleapis.com\u003e; rel=preconnect; crossorigin,\u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin,\u003chttps://img1.wsimg.com\u003e; rel=preconnect; crossorigin,\u003chttps://isteam.wsimg.com\u003e; rel=preconnect; crossorigin\r\nCache-Control: max-age=30\r\nContent-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com\r\nStrict-Transport-Security: max-age=63072000; includeSubDomains; preload\r\nContent-Type: text/html;charset=utf-8\r\nVary: Accept-Encoding\r\nServer: DPS/2.0.0+sha-6e30ec3\r\nX-Version: 6e30ec3\r\nX-SiteId: eu-central-1\r\nContent-Encoding: br\r\nDate: Tue, 21 Oct 2025 12:58:38 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=5\r\nTransfer-Encoding: chunked\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"GoDaddy Website Builder:8.0.0000","description":"","website":"https://www.godaddy.com/websites/website-builder","common_platform_enumeration":"","icon":"GoDaddy.svg","categories":["CMS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":68620,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (23649)","md5":"6a559f2c8d7d399f804d0ce5277f434d","sha1":"15f0b43710ab91ff519193a3a75e868a449ca6d1","sha256":"b1e9c8473e9ea70ca194070f8102a7ee4b061a198ed375bd13355eaf54938865","sha512":"c556cb58f52014010a3a4dc4547fd3cbade8c6051b568d9678f69c9bffbbd9dc1b3a84f6cd7a6f69f4620e2eb6ac1bb76254253a30da88e35835a3a03fdb6f4e","ssdeep":"768:oaAwp0Z2avwe0OUalws0cHay+2+vRHg8AITEqjQLu3TuzVhs4jY7yUjJoHNU1E9U:O+2+vRHg8AITYumM77G9YpGM","tlshash":"7263f59312091218c2230de562e67fa5720ba926d952d374abfd4c389fd686903b1f7f","first_seen":"2025-10-21T12:58:56.333877Z","last_seen":"2025-10-21T12:58:56.333877Z","times_seen":1,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-21","alert":"Sinkholed","trigger":"riffalomusic.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}