{"report_id":"b61ebf77-4858-4e48-aab0-84513f247a97","version":6,"status":"done","tags":[],"date":"2025-12-03T05:57:50Z","url":{"schema":"http","addr":"links.mail.vip-deals.com/error/error404?url=https:/","fqdn":"links.mail.vip-deals.com","domain":"vip-deals.com","tld":"com"},"ip":{"addr":"46.248.181.125","port":0,"asn":47544,"as":"IQ PL Sp. z o.o.","country":"Poland","country_code":"PL"},"final":{"url":{"schema":"http","addr":"links.mail.vip-deals.com/error/error404?url=https:/","fqdn":"links.mail.vip-deals.com","domain":"vip-deals.com","tld":"com"},"title":"ExpertSender : Error 404","dom":{"size":1266,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"5897a944846f15d5af9a26c734d15443","sha1":"279794919111ef140ef6f9a67dd5a847832358cd","sha256":"ebaf829970bc4c1847e8f34987afc33984ab00788856cd5ce9a8f590e0e34cd7","sha512":"b58aa6d7f486cbfb7915707d6ebacc37198a4ec656e2a9e559808c83bf74efc9c75fafc34271233040f3bf7cd08ce3af59e764a30beba14c2d9eb2843a3094be","ssdeep":"","tlshash":"3f21cd1e4ce0945e22704995f4f1f56acc85e5075314cc94b09c00ae6fd0bde8c9b518","dom_hash":"domhash908cf224bf853d3da585a8f68c90dd9b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"links.mail.vip-deals.com/error/error404?url=https:/","fqdn":"links.mail.vip-deals.com","domain":"vip-deals.com","tld":"com"},"ip":{"addr":"46.248.181.125","port":0,"asn":47544,"as":"IQ PL Sp. z o.o.","country":"Poland","country_code":"PL"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-07T05:57:50Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-03","alert":"Sinkholed","trigger":"links.mail.vip-deals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"code.jquery.com","ip":{"addr":"151.101.194.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2025-11-30T22:21:59.282818Z","alert_count":0,"request_count":2,"received_data":102746,"sent_data":870,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}]},{"fqdn":"ajax.aspnetcdn.com","ip":{"addr":"23.36.77.73","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2010-10-12","domain_rank":21241,"first_seen":"2012-05-24T13:35:31Z","last_seen":"2025-12-01T01:09:23.852605Z","alert_count":0,"request_count":1,"received_data":49157,"sent_data":461,"comment":"","tags":null,"fingerprints":null},{"fqdn":"links.mail.vip-deals.com","ip":{"addr":"46.248.181.125","port":443,"asn":47544,"as":"IQ PL Sp. z o.o.","country":"Poland","country_code":"PL"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":7,"request_count":7,"received_data":24697,"sent_data":3387,"comment":"","tags":null,"fingerprints":[{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate:3.5.2","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Microsoft Ajax Content Delivery Network","description":"Microsoft Ajax Content Delivery Network hosts popular third party JavaScript libraries such as jQuery and enables you to easily add them to your web applications.","website":"https://docs.microsoft.com/en-us/aspnet/ajax/cdn/overview","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["CDN"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ajax.aspnetcdn.com/ajax/jquery.validate/1.17.0/jquery.validate.js","fqdn":"ajax.aspnetcdn.com","domain":"aspnetcdn.com","tld":"com"},"ip":{"addr":"23.36.77.73","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"8c9ac9203273af51236775e775672b62","sha1":"ec9696d89ad9c44ce9ed4d845f34006d196740a6","sha256":"bc58cc415c6d5fd68961ab6bcb8884fcdeada2fd7500c7857f72d8dcc20c4647","sha512":"2f0c58b181e5f04177a192e1a73a1842b7ae974aca7d02cea7608d421ce128ce891c5286b742015b36acd168713a82d9cff5cb5503e8164b183e67cd2a044c14","ssdeep":"768:qFBLkpTb/jQT9vI/Vrl/zWvNob4/cUAK89OyjA1QKsdn+GKQkq/E1YApd65K84ka:jpTb/jQTZI/Vrl/KKb4/cUAK89OyjA1n","tlshash":"e6235288fb9e005e8a6931feac4e51cd76bd8075a500a87ebcdd14a415e4cbc12f9f78","size":48675,"data":"","first_seen":"2023-04-11T04:31:47Z","last_seen":"2026-06-06T08:27:54.482082Z","times_seen":490,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.7.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.194.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87533,"data":"","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-06-11T01:56:29.545183Z","times_seen":167577,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-migrate-3.5.2.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.194.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"88d82ba2bc432aa8ea45a71fb47ebccf","sha1":"e2382b1ecea7bff8870bdf7ce03a7a6262b60237","sha256":"a1c51ea6d1cda1dd205b65f567ea25dce3550065b32095d4988b3ee2751e0cb2","sha512":"e6cfa24544c0af49d4b42eb5fe6b2cfacd628a511954cf02f82dc78dd774a79b197dfc71bde4b0f5fbc8e8c1f0dbbe715d4a121747c232e52f3dd57506b9f2c4","ssdeep":"192:XAprDN+s0g6YfKIUfmI9vP1lg+vm9kdg6iLJJaCJQ+h4MlcjbR4:XAprx0kfKIi7P1lrvmAiLJo+h4M2ju","tlshash":"e352e96db56679724eb731b8f03bd20b71b205dd160d8940d19cc8f6686dc9e822bf78","size":13949,"data":"","first_seen":"2024-07-22T23:39:43Z","last_seen":"2026-06-10T19:52:00.446623Z","times_seen":2612,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"links.mail.vip-deals.com/error/error404?url=https:/","fqdn":"links.mail.vip-deals.com","domain":"vip-deals.com","tld":"com"},"ip":{"addr":"46.248.181.125","port":443,"asn":47544,"as":"IQ PL Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-03T05:57:28.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"links.mail.vip-deals.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Oct 2025 01:32:13 GMT","end":"Mon, 05 Jan 2026 01:32:12 GMT"},"fingerprint":{"sha1":"30:72:4E:1D:CB:DF:35:7B:81:6C:3D:5E:BD:F5:24:B5:E0:BF:E5:89","sha256":"6A:7E:1A:2B:E6:7C:00:EC:69:EF:5A:9C:AF:8B:BA:DA:88:1F:06:A8:D6:2F:45:AC:5B:46:77:0C:B7:B9:92:9B"}}},"request":{"raw":"GET /error/error404?url=https:/ HTTP/1.1\r\nHost: links.mail.vip-deals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private\r\ncontent-type: text/html; charset=utf-8\r\nset-cookie: TEMP_DATA=3f132c79-d629-4635-8964-018691c15e69; path=/\r\ndate: Wed, 03 Dec 2025 05:57:27 GMT\r\ncontent-length: 1433\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate:3.5.2","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Microsoft Ajax Content Delivery Network","description":"Microsoft Ajax Content Delivery Network hosts popular third party JavaScript libraries such as jQuery and enables you to easily add them to your web applications.","website":"https://docs.microsoft.com/en-us/aspnet/ajax/cdn/overview","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["CDN"]}],"data":{"size":1433,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"82bce47148bbe511131714dfd62e1b33","sha1":"215f73158b9cf1953617e721186c8b3fc2ebd918","sha256":"88e9073cacb1505841af8edbe8f8e1009e397227933450dca6aa20b5a563c294","sha512":"a739c6939e44977ead1f07d4613829d7e0d9c3de5a47ae6bfb8c14fc104ce604a61155633e7b5947bc6e250f47e9f2b868d884819c59cd444d3605c474531e8a","ssdeep":"","tlshash":"e221ce1e5c81c85d13b14ad5f8f2f66ed841a2075305d898b4dc106b6ff0bec8c97556","first_seen":"2025-12-03T05:17:56.304595Z","last_seen":"2026-04-28T14:40:38.826174Z","times_seen":52,"resource_available":false,"data":null}},"time_used":295,"timings":{"blocked":92,"dns":1,"connect":41,"send":0,"wait":111,"receive":0,"ssl":47},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-03","alert":"Sinkholed","trigger":"links.mail.vip-deals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"links.mail.vip-deals.com/styles/mainstyles?v=AWvE7Ku8--djHFa9mn0NdUbM9oUR67E2UJfEP7U2yeM1","fqdn":"links.mail.vip-deals.com","domain":"vip-deals.com","tld":"com"},"ip":{"addr":"46.248.181.125","port":80,"asn":47544,"as":"IQ PL Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://links.mail.vip-deals.com/error/error404?url=https:/","date":"2025-12-03T05:57:28.635Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /styles/mainstyles?v=AWvE7Ku8--djHFa9mn0NdUbM9oUR67E2UJfEP7U2yeM1 HTTP/1.1\r\nHost: links.mail.vip-deals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://links.mail.vip-deals.com/error/error404?url=https:/\r\nCookie: TEMP_DATA=3f132c79-d629-4635-8964-018691c15e69\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: public\r\nContent-Type: text/css; charset=utf-8\r\nContent-Encoding: gzip\r\nExpires: Thu, 03 Dec 2026 05:57:28 GMT\r\nLast-Modified: Wed, 03 Dec 2025 05:57:28 GMT\r\nVary: User-Agent,Accept-Encoding\r\nDate: Wed, 03 Dec 2025 05:57:28 GMT\r\nContent-Length: 2036\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5890,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (5890), with no line terminators","md5":"7fb9fa12607990b08c6f90b6fe0e59a5","sha1":"abf11f0b252e0d7c2f41a4ed8920ee078df63765","sha256":"a78c0e62481aeaa701859470b92fb0e563f6d054af252007d37e6c9270249d3e","sha512":"557ddf6246a1f7ed1a234878ed18f436d042722a23a3b8b5ce8c7a7b03b7fbed72089179b1d712e7e2076073e485f8bbaa61fa11896be25609dbeacadeb1ba2c","ssdeep":"96:Mn40XRqH25e3UX/IjBIRpf03BpCG2IqshWCBaisCprjJzepwjkjoVaz:MnA2IEgjWRpfUpCG2uThbtjfjkjoVaz","tlshash":"e3c153206fa6202ff12bc573f872b6dd7204c417e5575ebdea19393dd8c92981e22788","first_seen":"2023-04-08T12:52:06Z","last_seen":"2026-05-04T12:41:19.570977Z","times_seen":45,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":1,"dns":1,"connect":41,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-03","alert":"Sinkholed","trigger":"links.mail.vip-deals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.7.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.194.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://links.mail.vip-deals.com/error/error404?url=https:/","date":"2025-12-03T05:57:28.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.7.1.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://links.mail.vip-deals.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-155ed\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Wed, 03 Dec 2025 05:57:28 GMT\r\nage: 2476217\r\nx-served-by: cache-lga21978-LGA, cache-hel1410024-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 27, 2106\r\nx-timer: S1764741449.670505,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30336\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":87533,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-06-11T01:56:29.545183Z","times_seen":167577,"resource_available":true,"data":null}},"time_used":110,"timings":{"blocked":26,"dns":19,"connect":13,"send":0,"wait":17,"receive":2,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.aspnetcdn.com/ajax/jquery.validate/1.17.0/jquery.validate.js","fqdn":"ajax.aspnetcdn.com","domain":"aspnetcdn.com","tld":"com"},"ip":{"addr":"23.36.77.73","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://links.mail.vip-deals.com/error/error404?url=https:/","date":"2025-12-03T05:57:28.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ajax.microsoft.com","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure ECC TLS Issuing CA 04","organization":"Microsoft Corporation"},"validity":{"start":"Wed, 15 Jan 2025 17:50:49 GMT","end":"Sat, 10 Jan 2026 17:50:49 GMT"},"fingerprint":{"sha1":"67:7D:DB:2D:BB:27:07:2D:C9:20:48:81:00:BE:4D:DC:81:08:A9:2D","sha256":"59:BC:DE:80:EE:F9:3D:BA:D9:06:0B:44:03:DF:2E:89:FC:64:EF:D9:5B:25:01:51:86:C6:B1:37:63:A1:7D:30"}}},"request":{"raw":"GET /ajax/jquery.validate/1.17.0/jquery.validate.js HTTP/1.1\r\nHost: ajax.aspnetcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://links.mail.vip-deals.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 17037\r\ncontent-type: application/javascript\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\netag: \"aeb12228ad31:0\"\r\nlast-modified: Mon, 31 Jul 2017 18:09:20 GMT\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: public, max-age=30810786\r\ndate: Wed, 03 Dec 2025 05:57:28 GMT\r\nvary: Accept-Encoding\r\nakamai-grn: 0.454d2417.1764741448.3b1fb471\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48676,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (511)","md5":"8c9ac9203273af51236775e775672b62","sha1":"ec9696d89ad9c44ce9ed4d845f34006d196740a6","sha256":"bc58cc415c6d5fd68961ab6bcb8884fcdeada2fd7500c7857f72d8dcc20c4647","sha512":"2f0c58b181e5f04177a192e1a73a1842b7ae974aca7d02cea7608d421ce128ce891c5286b742015b36acd168713a82d9cff5cb5503e8164b183e67cd2a044c14","ssdeep":"768:qFBLkpTb/jQT9vI/Vrl/zWvNob4/cUAK89OyjA1QKsdn+GKQkq/E1YApd65K84ka:jpTb/jQTZI/Vrl/KKb4/cUAK89OyjA1n","tlshash":"e6235288fb9e005e8a6931feac4e51cd76bd8075a500a87ebcdd14a415e4cbc12f9f78","first_seen":"2023-04-11T04:31:47Z","last_seen":"2026-06-06T08:27:54.482082Z","times_seen":490,"resource_available":true,"data":null}},"time_used":122,"timings":{"blocked":52,"dns":30,"connect":1,"send":0,"wait":2,"receive":2,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"links.mail.vip-deals.com/Content/Img/favicon.ico","fqdn":"links.mail.vip-deals.com","domain":"vip-deals.com","tld":"com"},"ip":{"addr":"46.248.181.125","port":80,"asn":47544,"as":"IQ PL Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://links.mail.vip-deals.com/error/error404?url=https:/","date":"2025-12-03T05:57:28.873Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Content/Img/favicon.ico HTTP/1.1\r\nHost: links.mail.vip-deals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://links.mail.vip-deals.com/error/error404?url=https:/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: TEMP_DATA=3f132c79-d629-4635-8964-018691c15e69\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/x-icon\r\nLast-Modified: Mon, 24 Nov 2025 14:33:56 GMT\r\nAccept-Ranges: bytes\r\nETag: \"022195d4f5ddc1:0\"\r\nServer: Microsoft-IIS/10.0\r\nDate: Wed, 03 Dec 2025 05:57:28 GMT\r\nContent-Length: 1150\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel","md5":"ed95131822437d0f02a03723287cec1f","sha1":"3445880dba0f35f127d10d812e32e2d8564e901c","sha256":"b8a848cbaad8f2b2b29aa131fdc0853a1b3ed22bc9730ec2d041291d30c3c505","sha512":"381ae91f3006dc5e9e1939d658ba6331307af5678a5156cb8e78cc4029e387b19da12c5a42a9596e8c00056631c6b7fd530481f12f1c2d397398f8cfcaceb3be","ssdeep":"","tlshash":"a421ab3a65702119d3eec7f71148397e9009dea477aa0fbbd0b4f518e5f91bc8384a51","first_seen":"2023-05-04T13:25:42Z","last_seen":"2026-06-06T13:32:18.647Z","times_seen":61,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-03","alert":"Sinkholed","trigger":"links.mail.vip-deals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"links.mail.vip-deals.com/error/error404?url=https:/","fqdn":"links.mail.vip-deals.com","domain":"vip-deals.com","tld":"com"},"ip":{"addr":"46.248.181.125","port":80,"asn":47544,"as":"IQ PL Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-03T05:57:28.369Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /error/error404?url=https:/ HTTP/1.1\r\nHost: links.mail.vip-deals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: TEMP_DATA=3f132c79-d629-4635-8964-018691c15e69\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nDate: Wed, 03 Dec 2025 05:57:28 GMT\r\nContent-Length: 1433\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate:3.5.2","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Microsoft Ajax Content Delivery Network","description":"Microsoft Ajax Content Delivery Network hosts popular third party JavaScript libraries such as jQuery and enables you to easily add them to your web applications.","website":"https://docs.microsoft.com/en-us/aspnet/ajax/cdn/overview","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["CDN"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]}],"data":{"size":1433,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"82bce47148bbe511131714dfd62e1b33","sha1":"215f73158b9cf1953617e721186c8b3fc2ebd918","sha256":"88e9073cacb1505841af8edbe8f8e1009e397227933450dca6aa20b5a563c294","sha512":"a739c6939e44977ead1f07d4613829d7e0d9c3de5a47ae6bfb8c14fc104ce604a61155633e7b5947bc6e250f47e9f2b868d884819c59cd444d3605c474531e8a","ssdeep":"","tlshash":"e221ce1e5c81c85d13b14ad5f8f2f66ed841a2075305d898b4dc106b6ff0bec8c97556","first_seen":"2025-12-03T05:17:56.304595Z","last_seen":"2026-04-28T14:40:38.826174Z","times_seen":52,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":43,"dns":1,"connect":42,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-03","alert":"Sinkholed","trigger":"links.mail.vip-deals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"links.mail.vip-deals.com/styles/error?v=Dasesv-OsmALXl7gQORIXgbAL5tO1bcaRWAmR5G_0iE1","fqdn":"links.mail.vip-deals.com","domain":"vip-deals.com","tld":"com"},"ip":{"addr":"46.248.181.125","port":80,"asn":47544,"as":"IQ PL Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://links.mail.vip-deals.com/error/error404?url=https:/","date":"2025-12-03T05:57:28.632Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /styles/error?v=Dasesv-OsmALXl7gQORIXgbAL5tO1bcaRWAmR5G_0iE1 HTTP/1.1\r\nHost: links.mail.vip-deals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://links.mail.vip-deals.com/error/error404?url=https:/\r\nCookie: TEMP_DATA=3f132c79-d629-4635-8964-018691c15e69\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: public\r\nContent-Type: text/css; charset=utf-8\r\nContent-Encoding: gzip\r\nExpires: Thu, 03 Dec 2026 05:57:28 GMT\r\nLast-Modified: Wed, 03 Dec 2025 05:57:28 GMT\r\nVary: User-Agent,Accept-Encoding\r\nDate: Wed, 03 Dec 2025 05:57:28 GMT\r\nContent-Length: 495\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":705,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (705), with no line terminators","md5":"20b8717e1e7ce3dfe73bd284eb0ff00c","sha1":"4ba038b452e31880b251238c6c472c73456b04b5","sha256":"631696636e6426877bdc6dbc68919e8ad3fc971af8f5da49269a98e15e1d1236","sha512":"4b94677a6bd81147ada3a5cd0b8c589d11de1c25184b7409d749bd870997062f508e146c13630e24856f8e855f03f830772b50fa3e9c8fc065ef4a599ee7edd0","ssdeep":"","tlshash":"2801d02422c2602df01b9ab3b2b794d8b1508c02d6af69bd98161737e8ce4d94227618","first_seen":"2023-05-29T08:55:32Z","last_seen":"2026-05-31T03:12:51.377511Z","times_seen":16,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-03","alert":"Sinkholed","trigger":"links.mail.vip-deals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"links.mail.vip-deals.com/Content/pref.min.css","fqdn":"links.mail.vip-deals.com","domain":"vip-deals.com","tld":"com"},"ip":{"addr":"46.248.181.125","port":80,"asn":47544,"as":"IQ PL Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://links.mail.vip-deals.com/error/error404?url=https:/","date":"2025-12-03T05:57:28.637Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Content/pref.min.css HTTP/1.1\r\nHost: links.mail.vip-deals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://links.mail.vip-deals.com/error/error404?url=https:/\r\nCookie: TEMP_DATA=3f132c79-d629-4635-8964-018691c15e69\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: no-cache\r\nContent-Type: text/css\r\nContent-Encoding: gzip\r\nLast-Modified: Mon, 24 Nov 2025 14:33:56 GMT\r\nAccept-Ranges: bytes\r\nETag: \"022195d4f5ddc1:0\"\r\nVary: Accept-Encoding\r\nServer: Microsoft-IIS/10.0\r\nDate: Wed, 03 Dec 2025 05:57:28 GMT\r\nContent-Length: 3346\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":11281,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (11281), with no line terminators","md5":"f33ea5c6f0f063850e736969557443cb","sha1":"7d070d1925a5bd337630258587379a40767dd3ef","sha256":"963f135f3d8360ec3899fc32bb894c45a14aa2b470fc75333676539a1b1fa0f9","sha512":"9b71de5b11f421bfa64ee6ea0f25c814cb44008d5aeed461ebc06c2dbaeb8035961c0dc8b6e6a350615ee747004ac44aa8245dc59ff129cd938b5bffa768cefd","ssdeep":"192:yCed0OffBpB6BzVDrfHwKwCj2SKNfHEoQl/:/OffBpB6BzVDrojYwkoC","tlshash":"a932b7746f80542e793bc53be17da1e42a0a4680ed115a7eac75a2214dcc5f7d23ff48","first_seen":"2023-04-08T12:52:06Z","last_seen":"2026-06-06T13:32:18.650787Z","times_seen":48,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":4,"dns":1,"connect":41,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-03","alert":"Sinkholed","trigger":"links.mail.vip-deals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-migrate-3.5.2.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.194.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://links.mail.vip-deals.com/error/error404?url=https:/","date":"2025-12-03T05:57:28.647Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-migrate-3.5.2.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://links.mail.vip-deals.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-367d\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Wed, 03 Dec 2025 05:57:28 GMT\r\nage: 1862632\r\nx-served-by: cache-lga21955-LGA, cache-hel1410024-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 53, 31\r\nx-timer: S1764741449.713957,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 5025\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":13949,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (13851)","md5":"88d82ba2bc432aa8ea45a71fb47ebccf","sha1":"e2382b1ecea7bff8870bdf7ce03a7a6262b60237","sha256":"a1c51ea6d1cda1dd205b65f567ea25dce3550065b32095d4988b3ee2751e0cb2","sha512":"e6cfa24544c0af49d4b42eb5fe6b2cfacd628a511954cf02f82dc78dd774a79b197dfc71bde4b0f5fbc8e8c1f0dbbe715d4a121747c232e52f3dd57506b9f2c4","ssdeep":"192:XAprDN+s0g6YfKIUfmI9vP1lg+vm9kdg6iLJJaCJQ+h4MlcjbR4:XAprx0kfKIi7P1lrvmAiLJo+h4M2ju","tlshash":"e352e96db56679724eb731b8f03bd20b71b205dd160d8940d19cc8f6686dc9e822bf78","first_seen":"2024-07-22T23:39:43Z","last_seen":"2026-06-10T19:52:00.446623Z","times_seen":2612,"resource_available":true,"data":null}},"time_used":151,"timings":{"blocked":61,"dns":4,"connect":26,"send":0,"wait":13,"receive":0,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"links.mail.vip-deals.com/Home/Favicon","fqdn":"links.mail.vip-deals.com","domain":"vip-deals.com","tld":"com"},"ip":{"addr":"46.248.181.125","port":80,"asn":47544,"as":"IQ PL Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://links.mail.vip-deals.com/error/error404?url=https:/","date":"2025-12-03T05:57:28.796Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Home/Favicon HTTP/1.1\r\nHost: links.mail.vip-deals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://links.mail.vip-deals.com/error/error404?url=https:/\r\nCookie: TEMP_DATA=3f132c79-d629-4635-8964-018691c15e69\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nLocation: /Content/Img/favicon.ico\r\nDate: Wed, 03 Dec 2025 05:57:28 GMT\r\nContent-Length: 141\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":1150,"size_decoded":0,"mime_type":"image/x-icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":67,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-03","alert":"Sinkholed","trigger":"links.mail.vip-deals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}