{"report_id":"b3e23a25-fce8-452a-ac2d-4c1ff817d3ae","version":6,"status":"done","tags":[],"date":"2026-02-14T15:36:14Z","url":{"schema":"https","addr":"vion-rood.digital/?gad_source=1\u0026gad_campaignid=23457303289\u0026gbraid=0AAAABCkOjfK8HrxdCpvNskceigr3fsrwq\u0026gclid=EAIaIQobChMIjIHezJrRkgMVBdBEBx1eWic_EAMYAiAAEgLK6fD_BwE","fqdn":"vion-rood.digital","domain":"vion-rood.digital","tld":"digital"},"ip":{"addr":"104.21.88.58","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"vion-rood.digital/?gad_source=1\u0026gad_campaignid=23457303289\u0026gbraid=0AAAABCkOjfK8HrxdCpvNskceigr3fsrwq\u0026gclid=EAIaIQobChMIjIHezJrRkgMVBdBEBx1eWic_EAMYAiAAEgLK6fD_BwE","fqdn":"vion-rood.digital","domain":"vion-rood.digital","tld":"digital"},"title":"Start | VionRood Hub","dom":{"size":11279,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (573)","md5":"f0b21a529910f9244c48507d7ba6f0ce","sha1":"e9637e632aca53f89b24efdb9233b5192ef127fc","sha256":"1b36300356684c16d7a7829299ee2a2b4e3b26d2256af92dca448477277f1c46","sha512":"11bf37d190546700029ef1236ecf6fdbde4435dba371dac1616e4859739404c812057b0e658066eeb35c33f53d0a06ea14d20b59865f0869dc5ea7ce567b70e0","ssdeep":"192:JRK/Sv/cYvLGJwWenAnptMV+5GbJRJuo3EoHWJ0zcqXpu:JRK/Sv/cYvLJW9i+5GbJRJd3EB0zcyI","tlshash":"db32da6250e8202b86385355fca0a3dc6f13d1d7910e1e05b5adcb5b8fa6e47bc1726f","dom_hash":"domhash103896a28475b3698d4a55840567cae3","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"vion-rood.digital/?gad_source=1\u0026gad_campaignid=23457303289\u0026gbraid=0AAAABCkOjfK8HrxdCpvNskceigr3fsrwq\u0026gclid=EAIaIQobChMIjIHezJrRkgMVBdBEBx1eWic_EAMYAiAAEgLK6fD_BwE","fqdn":"vion-rood.digital","domain":"vion-rood.digital","tld":"digital"},"ip":{"addr":"104.21.88.58","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-21T15:36:14Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"vion-rood.digital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"vion-rood.digital","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-02-14T15:36:14.93441Z","last_seen":"2026-02-14T15:36:14.93441Z","alert_count":5,"request_count":5,"received_data":24970,"sent_data":2963,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-02-08T22:32:21.331091Z","alert_count":0,"request_count":1,"received_data":84443,"sent_data":457,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"vion-rood.digital/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"vion-rood.digital","domain":"vion-rood.digital","tld":"digital"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-23T11:09:41.837051Z","times_seen":310793,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vion-rood.digital/js/main.js","fqdn":"vion-rood.digital","domain":"vion-rood.digital","tld":"digital"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"976a40906ce6d53509c7bb5b1734c5aa","sha1":"3ef6ad378dd7c6c0773a45201c90fc1f6224890d","sha256":"dafffdd5005c795d09163ad9f50a228c34d478e86b6ffb41dc70a6e7a5a5f738","sha512":"c41430c7ed97e8aa61e20d72c4137ce934cd69a193ce4117907ab5e11a905e60003d04df067a6c8a1eb063fc462545c1692f8434ecbda4cd9ea0281d1f45dbe8","ssdeep":"","tlshash":"c1618339787b35354a7b01be6f57538a78205023350add517e8c86113fb0f4288f6bea","size":3197,"data":"","first_seen":"2026-02-14T15:36:19.273899Z","last_seen":"2026-02-14T15:36:19.273899Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"vion-rood.digital/?gad_source=1\u0026gad_campaignid=23457303289\u0026gbraid=0AAAABCkOjfK8HrxdCpvNskceigr3fsrwq\u0026gclid=EAIaIQobChMIjIHezJrRkgMVBdBEBx1eWic_EAMYAiAAEgLK6fD_BwE","fqdn":"vion-rood.digital","domain":"vion-rood.digital","tld":"digital"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-14T15:35:53.377Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vion-rood.digital","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 07:17:59 GMT","end":"Tue, 05 May 2026 08:16:37 GMT"},"fingerprint":{"sha1":"5D:95:77:AD:08:4C:F2:ED:61:52:3B:27:5A:7E:95:96:46:CE:A3:1E","sha256":"AF:2F:7A:57:9C:5A:D3:81:15:61:AD:13:57:2F:46:37:EA:02:AD:A1:C6:4A:1E:BD:F3:DA:EA:09:31:D8:34:EE"}}},"request":{"raw":"GET /?gad_source=1\u0026gad_campaignid=23457303289\u0026gbraid=0AAAABCkOjfK8HrxdCpvNskceigr3fsrwq\u0026gclid=EAIaIQobChMIjIHezJrRkgMVBdBEBx1eWic_EAMYAiAAEgLK6fD_BwE HTTP/1.1\r\nHost: vion-rood.digital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Feb 2026 15:35:53 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vs67YcU53%2FR3v5HRF%2BNL7U9ymQv5k5rrZx59NuPoUbUYJ3k8Ztu3IQ17g8j8so6KkV5RheZSnRZSH40CIfYLVeYWAxYaHtx6iMbeEgvIPdQc\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9cdda34f1a9dea57-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10849,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (573)","md5":"b7b58d850656e9302d08449844b9974a","sha1":"d63319997eafd1fdb6ebaef9ac401d4c2d633626","sha256":"4142202935727e4960c8e36bab550768a45f04a5b351e9313c59f3b123bfde4e","sha512":"14272298cddff99eff226828331118c9bdb2fecd0cdfbe394cc19bc12fc91cfa923ca675545f3567c6c9ac6030b1dd69e7347b52292e0e0185f55a5bf2b57af3","ssdeep":"192:HRK/Sv/NYvsG5vVEr36ptMV+5GbJRJuo3EoHWSIgzcqXCi:HRK/Sv/NYvsQVbi+5GbJRJd3E6IgzcyH","tlshash":"5722f96360e4201b4639930abce093ddae12e19bd10b0e0175adce6f8f99e53bd1311f","first_seen":"2026-02-14T15:36:19.269683Z","last_seen":"2026-02-14T15:36:19.269683Z","times_seen":1,"resource_available":false,"data":null}},"time_used":390,"timings":{"blocked":72,"dns":41,"connect":8,"send":0,"wait":240,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"vion-rood.digital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/@picocss/pico@2/css/pico.min.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://vion-rood.digital/?gad_source=1\u0026gad_campaignid=23457303289\u0026gbraid=0AAAABCkOjfK8HrxdCpvNskceigr3fsrwq\u0026gclid=EAIaIQobChMIjIHezJrRkgMVBdBEBx1eWic_EAMYAiAAEgLK6fD_BwE","date":"2026-02-14T15:35:53.972Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/@picocss/pico@2/css/pico.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vion-rood.digital/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Feb 2026 15:35:54 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 12418\r\ncf-ray: 9cdda35259622efa-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 2.1.1\r\nx-jsd-version-type: version\r\netag: W/\"14577-th56JIG/bCaFybUG0avzIOww3NE\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-etou8220130-FRA, cache-bma-essb1270022-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 28494\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Q20PJ7TaQQBc66yvCCULozwPAyzTRnVbQIRtO%2BA7dYnHOXQ3GSWP%2FJ0fP9iED6m5umIPP9Mz1W2AnS%2FTIlEUjBlSAn5l%2FTKO8npR1paBjixh5Q7HGRGxNHA0yrIWMOVpelI%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":83319,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Algol 68 source, Unicode text, UTF-8 text, with very long lines (65426)","md5":"a6774229c41b9dcee7a02e9db03fd24b","sha1":"c0bbf3763ff906a7f39ed5a0ea2e63acff87fd7e","sha256":"7008bc7dc52f83f8760e4e0d782b273162dbf2022d536a50c2eda621858e740d","sha512":"183e6c7968d98a1991866f26bf131464209a4e8a4695bc2869cfe5d22d6867a2c1e479fa3547819e4953d721c98f7725e1e9383097244fa9892ed9fbd0ca6393","ssdeep":"768:+lhBpZlgLkRnJamf9rle1/BV7F8P2i5T8o+:+lhymVrlev8+i5T8o+","tlshash":"c2835688a5819e3e6b3fc41a32d9d98c26253501de70dba7f0a15370d3dfbf05926b89","first_seen":"2025-04-20T19:45:46.279424Z","last_seen":"2026-04-19T03:35:38.03505Z","times_seen":43,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":8,"dns":1,"connect":1,"send":0,"wait":24,"receive":1,"ssl":7},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vion-rood.digital/js/main.js","fqdn":"vion-rood.digital","domain":"vion-rood.digital","tld":"digital"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vion-rood.digital/?gad_source=1\u0026gad_campaignid=23457303289\u0026gbraid=0AAAABCkOjfK8HrxdCpvNskceigr3fsrwq\u0026gclid=EAIaIQobChMIjIHezJrRkgMVBdBEBx1eWic_EAMYAiAAEgLK6fD_BwE","date":"2026-02-14T15:35:53.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vion-rood.digital","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 07:17:59 GMT","end":"Tue, 05 May 2026 08:16:37 GMT"},"fingerprint":{"sha1":"5D:95:77:AD:08:4C:F2:ED:61:52:3B:27:5A:7E:95:96:46:CE:A3:1E","sha256":"AF:2F:7A:57:9C:5A:D3:81:15:61:AD:13:57:2F:46:37:EA:02:AD:A1:C6:4A:1E:BD:F3:DA:EA:09:31:D8:34:EE"}}},"request":{"raw":"GET /js/main.js HTTP/1.1\r\nHost: vion-rood.digital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vion-rood.digital/?gad_source=1\u0026gad_campaignid=23457303289\u0026gbraid=0AAAABCkOjfK8HrxdCpvNskceigr3fsrwq\u0026gclid=EAIaIQobChMIjIHezJrRkgMVBdBEBx1eWic_EAMYAiAAEgLK6fD_BwE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 14 Feb 2026 15:35:54 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nlast-modified: Wed, 04 Feb 2026 08:09:14 GMT\r\npriority: u=3,i=?0\r\netag: \"6982feaa-c7d\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4kt9APjH35nW12UXWKLFPRoOV%2B2c7pu0lVSNplfAUB%2FF2b%2BtGdPSvdgjNE0l7SKljIb9qe%2BDLyBJoT7eI21WmP%2BBmvsEwWhqZeHGa7aJ7%2Fhy\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cdda352588ec8c4-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3197,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"976a40906ce6d53509c7bb5b1734c5aa","sha1":"3ef6ad378dd7c6c0773a45201c90fc1f6224890d","sha256":"dafffdd5005c795d09163ad9f50a228c34d478e86b6ffb41dc70a6e7a5a5f738","sha512":"c41430c7ed97e8aa61e20d72c4137ce934cd69a193ce4117907ab5e11a905e60003d04df067a6c8a1eb063fc462545c1692f8434ecbda4cd9ea0281d1f45dbe8","ssdeep":"","tlshash":"c1618339787b35354a7b01be6f57538a78205023350add517e8c86113fb0f4288f6bea","first_seen":"2026-02-14T15:36:19.273899Z","last_seen":"2026-02-14T15:36:19.273899Z","times_seen":1,"resource_available":true,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":130,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"vion-rood.digital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vion-rood.digital/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"vion-rood.digital","domain":"vion-rood.digital","tld":"digital"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vion-rood.digital/?gad_source=1\u0026gad_campaignid=23457303289\u0026gbraid=0AAAABCkOjfK8HrxdCpvNskceigr3fsrwq\u0026gclid=EAIaIQobChMIjIHezJrRkgMVBdBEBx1eWic_EAMYAiAAEgLK6fD_BwE","date":"2026-02-14T15:35:53.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vion-rood.digital","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 07:17:59 GMT","end":"Tue, 05 May 2026 08:16:37 GMT"},"fingerprint":{"sha1":"5D:95:77:AD:08:4C:F2:ED:61:52:3B:27:5A:7E:95:96:46:CE:A3:1E","sha256":"AF:2F:7A:57:9C:5A:D3:81:15:61:AD:13:57:2F:46:37:EA:02:AD:A1:C6:4A:1E:BD:F3:DA:EA:09:31:D8:34:EE"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: vion-rood.digital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vion-rood.digital/?gad_source=1\u0026gad_campaignid=23457303289\u0026gbraid=0AAAABCkOjfK8HrxdCpvNskceigr3fsrwq\u0026gclid=EAIaIQobChMIjIHezJrRkgMVBdBEBx1eWic_EAMYAiAAEgLK6fD_BwE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 14 Feb 2026 15:35:53 GMT\r\ncontent-type: application/javascript\r\nexpires: Sat, 14 Feb 2026 16:23:53 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pgkjydB4wiRbvd%2Fzym2OQjMz0bDz3v3a1tSxGdjhFviqWv0EAFWDGbEFNugZ1qri7HHPo%2FbU8DV2VbcpPwnnswJwqQr1%2B8rwL%2FTRhsvJmFOQ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9cdda352589bc8c4-ARN\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-23T11:09:41.837051Z","times_seen":310793,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"vion-rood.digital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vion-rood.digital/img/sprite.svg","fqdn":"vion-rood.digital","domain":"vion-rood.digital","tld":"digital"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://vion-rood.digital/?gad_source=1\u0026gad_campaignid=23457303289\u0026gbraid=0AAAABCkOjfK8HrxdCpvNskceigr3fsrwq\u0026gclid=EAIaIQobChMIjIHezJrRkgMVBdBEBx1eWic_EAMYAiAAEgLK6fD_BwE","date":"2026-02-14T15:35:53.976Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vion-rood.digital","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 07:17:59 GMT","end":"Tue, 05 May 2026 08:16:37 GMT"},"fingerprint":{"sha1":"5D:95:77:AD:08:4C:F2:ED:61:52:3B:27:5A:7E:95:96:46:CE:A3:1E","sha256":"AF:2F:7A:57:9C:5A:D3:81:15:61:AD:13:57:2F:46:37:EA:02:AD:A1:C6:4A:1E:BD:F3:DA:EA:09:31:D8:34:EE"}}},"request":{"raw":"GET /img/sprite.svg HTTP/1.1\r\nHost: vion-rood.digital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vion-rood.digital/?gad_source=1\u0026gad_campaignid=23457303289\u0026gbraid=0AAAABCkOjfK8HrxdCpvNskceigr3fsrwq\u0026gclid=EAIaIQobChMIjIHezJrRkgMVBdBEBx1eWic_EAMYAiAAEgLK6fD_BwE\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 14 Feb 2026 15:35:54 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Wed, 04 Feb 2026 08:09:14 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Bmihnq4jyG1q7FXwfe%2FsGlS3%2BC72dpCCSz3I0UtH3sBw0Yi%2BavI37Mctd0KALkpJB%2F7ty2iSE%2BlBR36dUJayZErXrcalbh7R7qJyI2q1UIdd\"}]}\r\netag: W/\"6982feaa-15e2\"\r\ncontent-encoding: br\r\ncf-ray: 9cdda352589dc8c4-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5602,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e67b76a5e46212125df73650a63da18a","sha1":"3597cade1a2dfbada9c44681bd6f6581445b3a3d","sha256":"6f386159fa382f0bf8441bd90c89442d5875f99aff47d9409605931f12aa9021","sha512":"f8ff82fa556b18f3e0e5d4b96cfa2e17264518dd49771172f39e531d529d6fe5b34a8d165020dce35ded3117c20bcc6d7da2a13209cfebc10239a17f626c29f8","ssdeep":"96:gd3C+o43d3C+o44d3C+o42d3C+o4dd3C+o4dzd3C+o4OSd3C+o4q:gdSp0dSpfdSpfdSpMdSp6dSpedSpv","tlshash":"5dc17aa132a8643dc401860d165df6a5379b22ce43668b80714d9e4a9f40e6bf6f72fd","first_seen":"2026-02-14T15:36:19.278422Z","last_seen":"2026-02-14T15:36:19.278422Z","times_seen":1,"resource_available":false,"data":null}},"time_used":127,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":127,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"vion-rood.digital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vion-rood.digital/favicon.svg","fqdn":"vion-rood.digital","domain":"vion-rood.digital","tld":"digital"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vion-rood.digital/?gad_source=1\u0026gad_campaignid=23457303289\u0026gbraid=0AAAABCkOjfK8HrxdCpvNskceigr3fsrwq\u0026gclid=EAIaIQobChMIjIHezJrRkgMVBdBEBx1eWic_EAMYAiAAEgLK6fD_BwE","date":"2026-02-14T15:35:54.139Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vion-rood.digital","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 07:17:59 GMT","end":"Tue, 05 May 2026 08:16:37 GMT"},"fingerprint":{"sha1":"5D:95:77:AD:08:4C:F2:ED:61:52:3B:27:5A:7E:95:96:46:CE:A3:1E","sha256":"AF:2F:7A:57:9C:5A:D3:81:15:61:AD:13:57:2F:46:37:EA:02:AD:A1:C6:4A:1E:BD:F3:DA:EA:09:31:D8:34:EE"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: vion-rood.digital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vion-rood.digital/?gad_source=1\u0026gad_campaignid=23457303289\u0026gbraid=0AAAABCkOjfK8HrxdCpvNskceigr3fsrwq\u0026gclid=EAIaIQobChMIjIHezJrRkgMVBdBEBx1eWic_EAMYAiAAEgLK6fD_BwE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 14 Feb 2026 15:35:54 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Wed, 04 Feb 2026 08:09:14 GMT\r\npriority: u=6,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5YqYqpd9nPFEUS5GF0TMl6hW7wK8zizG8NXonbGpkg06I%2FUmT1gynLN%2Bido1AxAUNzs4DWzY0riXsIBTdoiLnFrWCRyRmOu8os52cwmTTU1N\"}]}\r\netag: W/\"6982feaa-379\"\r\ncontent-encoding: br\r\ncf-ray: 9cdda3536bbfc8c4-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":889,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"802ab14cad8415f9f2889767fa46e7e8","sha1":"6df5701e8ce79a2e2c040abb0b27839d67a4cbef","sha256":"3181292146d2e57253a2f06d583c307f368f63733d3eef2c616708f085030b10","sha512":"91383725d7a2ea8b8d97d71e71d0d8c417ef5ce37c275012210cbb92fe8a74fbf3ba62a2863608708734d93bd1d2faaad0927c42fcd6c9e25a158eacc1f40294","ssdeep":"","tlshash":"6d11afb022a86129c400870c179de999379771ce432a8648f0cc6e0a9b10d7b75fb1bc","first_seen":"2026-02-14T15:36:19.281413Z","last_seen":"2026-02-14T15:36:19.281413Z","times_seen":1,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"vion-rood.digital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}