{"report_id":"d593a50a-1ed6-4b76-9b36-a7fb984bd60a","version":6,"status":"done","tags":[],"date":"2026-04-24T13:53:09Z","url":{"schema":"http","addr":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","fqdn":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","domain":"norreply.com","tld":"com"},"ip":{"addr":"88.198.84.106","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com/","fqdn":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","domain":"norreply.com","tld":"com"},"title":"Melden Sie sich an bei Ihrem Microsoft Konto","dom":{"size":2077,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"2269c1372e1193466ef70c4b0d7dee46","sha1":"10a0473d238152f2eef733af2aa50b5310bac563","sha256":"ae067c44f178fb6b19d33d56a12c1ea3e436b97d929bad9a08a979e611644509","sha512":"41f54c319a3a779d8fa2727da92f151097e510ee8318b22fc1537ccd4ddd3d18b74728dcc27141119776d68bd9cd5de1d5da1660c73a801686dac782ed27a34c","ssdeep":"","tlshash":"8241505090f9187b1292d2c539a1af6aafd09e17c2092d08b1fc5ac95fdbec1cc9787d","dom_hash":"domhash290ca852ba4df75c9e1de018589e4394","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","fqdn":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","domain":"norreply.com","tld":"com"},"ip":{"addr":"88.198.84.106","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-29T13:53:09Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-24","alert":"Phishing Block","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","ip":{"addr":"88.198.84.106","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2026-04-23","domain_rank":0,"first_seen":"2026-04-24T13:35:51.070423Z","last_seen":"2026-04-24T13:35:51.070423Z","alert_count":28,"request_count":7,"received_data":31039,"sent_data":3742,"comment":"","tags":null,"fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com/assets/app.js","fqdn":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","domain":"norreply.com","tld":"com"},"ip":{"addr":"88.198.84.106","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"5a27473c53013a73b447f8258031c06c","sha1":"b453465eafbac2549d7a822a2a01fd228d37dd67","sha256":"c0904dcc77eaa5a566e9fa66c1c8de0389be25ac41934872e04ce9df737422f2","sha512":"b385bed330f8c1ea01ad0fe6b31fc8cb6ef9b9ba60c407fd04f943b52a3d493e87e9ad7ba3ab5778fc4236425646d9e672f4174d7e0438a65894b856f924766b","ssdeep":"","tlshash":"1f31416b36ef123096a738bf0bef03447231504334049d08f96c9a10afabe2529b67d8","size":1779,"data":"","first_seen":"2026-04-24T13:35:54.832236Z","last_seen":"2026-04-24T23:31:07.144389Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com/assets/favicon.ico","fqdn":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","domain":"norreply.com","tld":"com"},"ip":{"addr":"88.198.84.106","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com/","date":"2026-04-24T13:52:46.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 07:04:00 GMT","end":"Wed, 22 Jul 2026 07:03:59 GMT"},"fingerprint":{"sha1":"29:EC:6F:4B:78:6A:EE:93:C1:2B:E0:72:BF:66:09:5F:56:A4:43:DF","sha256":"CF:AB:C4:5F:D5:63:99:7E:29:6D:49:F8:4D:B2:F5:A8:E2:23:2E:FE:DF:C2:8F:CE:15:72:5B:A0:E0:64:D4:73"}}},"request":{"raw":"GET /assets/favicon.ico HTTP/1.1\r\nHost: microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\ncontent-type: image/x-icon\r\ndate: Fri, 24 Apr 2026 13:52:46 GMT\r\netag: W/\"4316-19db1f9cf40\"\r\nlast-modified: Tue, 21 Apr 2026 21:37:12 GMT\r\nx-powered-by: Express\r\ncontent-length: 17174\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":17174,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors","md5":"12e3dac858061d088023b2bd48e2fa96","sha1":"e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5","sha256":"90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21","sha512":"c5030c55a855e7a9e20e22f4c70bf1e0f3c558a9b7d501cfab6992ac2656ae5e41b050ccac541efa55f9603e0d349b247eb4912ee169d44044271789c719cd01","ssdeep":"24:QSNTmTFxg4lyyyyyyyyyyyyyio7eeeeeeeeekzgsLsLsLsLsLsQZp:nfgyyyyyyyyyyyyynzQQQQQO","tlshash":"b772e35b1f5f4981ec4b0db80b125e80c5e49c973854dffbdb76b62888b0364ab845eb","first_seen":"2023-04-05T03:19:57Z","last_seen":"2026-04-26T08:54:53.555806Z","times_seen":164245,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-24","alert":"Phishing Block","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com/","fqdn":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","domain":"norreply.com","tld":"com"},"ip":{"addr":"88.198.84.106","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-24T13:52:46.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 07:04:00 GMT","end":"Wed, 22 Jul 2026 07:03:59 GMT"},"fingerprint":{"sha1":"29:EC:6F:4B:78:6A:EE:93:C1:2B:E0:72:BF:66:09:5F:56:A4:43:DF","sha256":"CF:AB:C4:5F:D5:63:99:7E:29:6D:49:F8:4D:B2:F5:A8:E2:23:2E:FE:DF:C2:8F:CE:15:72:5B:A0:E0:64:D4:73"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=utf-8\r\ndate: Fri, 24 Apr 2026 13:52:46 GMT\r\netag: W/\"83a-8QtVnGxIKrhx14kcpmOBnlM2di4\"\r\nx-powered-by: Express\r\ncontent-length: 2106\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":2106,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"25ed2108786518a415f159e6b510ee87","sha1":"f10b559c6c482ab871d7891ca663819e5336762e","sha256":"3049ac3e38e4950a0ab47c1f3d808fa23d2b8f8bd5652fcc6ae9bd2ac2a5b945","sha512":"34f0b4dde108b1fe6c6669c202df53266d38c6adad8c26606ab8f94ddb4ddb61d78947421d0c4f33a7eb9019c0873f9317aa4fa5c3c69d6b8ad2504f37cde868","ssdeep":"","tlshash":"9d414f5050f9187701d2d2d439a1aa6a6ed19a53c3492d0871fc9ac69fdbec0cc978b9","first_seen":"2026-04-24T13:35:54.835877Z","last_seen":"2026-04-24T23:31:07.140561Z","times_seen":4,"resource_available":true,"data":null}},"time_used":208,"timings":{"blocked":86,"dns":1,"connect":34,"send":0,"wait":35,"receive":0,"ssl":48},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-24","alert":"Phishing Block","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com/assets/app.css","fqdn":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","domain":"norreply.com","tld":"com"},"ip":{"addr":"88.198.84.106","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com/","date":"2026-04-24T13:52:46.758Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 07:04:00 GMT","end":"Wed, 22 Jul 2026 07:03:59 GMT"},"fingerprint":{"sha1":"29:EC:6F:4B:78:6A:EE:93:C1:2B:E0:72:BF:66:09:5F:56:A4:43:DF","sha256":"CF:AB:C4:5F:D5:63:99:7E:29:6D:49:F8:4D:B2:F5:A8:E2:23:2E:FE:DF:C2:8F:CE:15:72:5B:A0:E0:64:D4:73"}}},"request":{"raw":"GET /assets/app.css HTTP/1.1\r\nHost: microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Fri, 24 Apr 2026 13:52:46 GMT\r\netag: W/\"15b3-19db1f9cf40\"\r\nlast-modified: Tue, 21 Apr 2026 21:37:12 GMT\r\nx-powered-by: Express\r\ncontent-length: 5555\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":5555,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"assembler source, ASCII text, with very long lines (496)","md5":"8718d239bed97a06ccc1c2207a66992f","sha1":"eb50158016437bbe86c1023f3380ac69bed396a1","sha256":"ebf7a293b7689cfca68deeca8306f6d68c46fbe2b13053181a00ede292d15875","sha512":"05eeee195de8ed1b5bf19985aab14ed8720fe58f4683761037f89cb2426eb11b24cbbba11f89e95868d78a08383e16a3150f33c57592f3a425663f1b17fc043b","ssdeep":"96:dWHThRjenrjHglF2H/Eqv3effFeC8iDn/FBgRs4gqVl8NqPZ9GFNqVJw7fVwcDnO:k3EH/PyfFxn/FBgC4XloqPZ9GF0VJmfo","tlshash":"b6b1d452aa630847b41bc41d1bb9db9533ad5183820fce7e7aec725c8f4e3d49561b88","first_seen":"2026-04-24T13:35:54.838044Z","last_seen":"2026-04-24T23:31:07.141271Z","times_seen":4,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-24","alert":"Phishing Block","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com/assets/logo.png","fqdn":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","domain":"norreply.com","tld":"com"},"ip":{"addr":"88.198.84.106","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com/","date":"2026-04-24T13:52:46.760Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 07:04:00 GMT","end":"Wed, 22 Jul 2026 07:03:59 GMT"},"fingerprint":{"sha1":"29:EC:6F:4B:78:6A:EE:93:C1:2B:E0:72:BF:66:09:5F:56:A4:43:DF","sha256":"CF:AB:C4:5F:D5:63:99:7E:29:6D:49:F8:4D:B2:F5:A8:E2:23:2E:FE:DF:C2:8F:CE:15:72:5B:A0:E0:64:D4:73"}}},"request":{"raw":"GET /assets/logo.png HTTP/1.1\r\nHost: microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\ncontent-type: image/png\r\ndate: Fri, 24 Apr 2026 13:52:46 GMT\r\netag: W/\"578-19db1f9cf40\"\r\nlast-modified: Tue, 21 Apr 2026 21:37:12 GMT\r\nx-powered-by: Express\r\ncontent-length: 1400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1400,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced","md5":"333ee830e5ab72c41dd9126a27b4d878","sha1":"12d8d66ebb3076f3d6069e133c3212f97c8774e1","sha256":"8702292cbc365e9f0488143e2b309b85efe09c61fd2e0a2e21c53735a309313c","sha512":"3413ed624241877c1d44fee23fd37745cb214c12ae73facfafa07b47fa1cb9e5daa3cb7f542564e04075ffe8ba744c962fbdd78f08a643a90c0ec1118c05bbf8","ssdeep":"","tlshash":"7521e964bab8a520130e30a09d305d1ad47f42ec99189e4e71c4e00a334ca094b5d83b","first_seen":"2023-07-01T14:36:17Z","last_seen":"2026-04-24T23:31:07.142435Z","times_seen":17827,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-24","alert":"Phishing Block","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com/assets/app.js","fqdn":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","domain":"norreply.com","tld":"com"},"ip":{"addr":"88.198.84.106","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com/","date":"2026-04-24T13:52:46.766Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 07:04:00 GMT","end":"Wed, 22 Jul 2026 07:03:59 GMT"},"fingerprint":{"sha1":"29:EC:6F:4B:78:6A:EE:93:C1:2B:E0:72:BF:66:09:5F:56:A4:43:DF","sha256":"CF:AB:C4:5F:D5:63:99:7E:29:6D:49:F8:4D:B2:F5:A8:E2:23:2E:FE:DF:C2:8F:CE:15:72:5B:A0:E0:64:D4:73"}}},"request":{"raw":"GET /assets/app.js HTTP/1.1\r\nHost: microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Fri, 24 Apr 2026 13:52:46 GMT\r\netag: W/\"6f3-19db1f9cf40\"\r\nlast-modified: Tue, 21 Apr 2026 21:37:12 GMT\r\nx-powered-by: Express\r\ncontent-length: 1779\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1779,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Unicode text, UTF-8 text","md5":"5a27473c53013a73b447f8258031c06c","sha1":"b453465eafbac2549d7a822a2a01fd228d37dd67","sha256":"c0904dcc77eaa5a566e9fa66c1c8de0389be25ac41934872e04ce9df737422f2","sha512":"b385bed330f8c1ea01ad0fe6b31fc8cb6ef9b9ba60c407fd04f943b52a3d493e87e9ad7ba3ab5778fc4236425646d9e672f4174d7e0438a65894b856f924766b","ssdeep":"","tlshash":"1f31416b36ef123096a738bf0bef03447231504334049d08f96c9a10afabe2529b67d8","first_seen":"2026-04-24T13:35:54.832236Z","last_seen":"2026-04-24T23:31:07.144389Z","times_seen":4,"resource_available":true,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-24","alert":"Phishing Block","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com/assets/key.png","fqdn":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","domain":"norreply.com","tld":"com"},"ip":{"addr":"88.198.84.106","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com/","date":"2026-04-24T13:52:46.764Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 07:04:00 GMT","end":"Wed, 22 Jul 2026 07:03:59 GMT"},"fingerprint":{"sha1":"29:EC:6F:4B:78:6A:EE:93:C1:2B:E0:72:BF:66:09:5F:56:A4:43:DF","sha256":"CF:AB:C4:5F:D5:63:99:7E:29:6D:49:F8:4D:B2:F5:A8:E2:23:2E:FE:DF:C2:8F:CE:15:72:5B:A0:E0:64:D4:73"}}},"request":{"raw":"GET /assets/key.png HTTP/1.1\r\nHost: microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\ncontent-type: image/png\r\ndate: Fri, 24 Apr 2026 13:52:46 GMT\r\netag: W/\"2d7-19db1f9cf40\"\r\nlast-modified: Tue, 21 Apr 2026 21:37:12 GMT\r\nx-powered-by: Express\r\ncontent-length: 727\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":727,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"839cb0f55c3d2d5c2f740bda95cb2878","sha1":"93f6fa3a2da8b7184d4b5c5f2065872793370c2e","sha256":"40ecb8832f6a9a8aaa0cc6e1287e867a4fca38433d091d86c6cab1f28fbab652","sha512":"ecbca8ab21bf3302c88f933cfd248cff5553afe152a170f554c27fd67bdc3e7d8ce79e202561fd0658e41820681eb90f74e38fd09390c517afb34d2c1b65a096","ssdeep":"","tlshash":"860115c7471c28edd8791de1d9964a07463df431406923122e26937445375899f756f0","first_seen":"2023-07-01T14:36:17Z","last_seen":"2026-04-24T23:31:07.14374Z","times_seen":19530,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-24","alert":"Phishing Block","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com/assets/question.png","fqdn":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","domain":"norreply.com","tld":"com"},"ip":{"addr":"88.198.84.106","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com/","date":"2026-04-24T13:52:46.762Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 07:04:00 GMT","end":"Wed, 22 Jul 2026 07:03:59 GMT"},"fingerprint":{"sha1":"29:EC:6F:4B:78:6A:EE:93:C1:2B:E0:72:BF:66:09:5F:56:A4:43:DF","sha256":"CF:AB:C4:5F:D5:63:99:7E:29:6D:49:F8:4D:B2:F5:A8:E2:23:2E:FE:DF:C2:8F:CE:15:72:5B:A0:E0:64:D4:73"}}},"request":{"raw":"GET /assets/question.png HTTP/1.1\r\nHost: microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\ncontent-type: image/png\r\ndate: Fri, 24 Apr 2026 13:52:46 GMT\r\netag: W/\"19c-19db1f9cf40\"\r\nlast-modified: Tue, 21 Apr 2026 21:37:12 GMT\r\nx-powered-by: Express\r\ncontent-length: 412\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":412,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"50b10112a310a563ddf323ed436de70c","sha1":"fed1aa54cd30335fd2e2596cc8adac11bed0251e","sha256":"e8d06c0a072a671e5843de9a12f4cd826ca5e17bbeb4c57ee9c410ee878998e8","sha512":"7226c99836fa773173c746bb40c856882d913eea229eabced8faf194f913f1f6aaa6f2dfc132c55fa33bdf6125407e1964b8ddf00c7f3539873437570d18ff54","ssdeep":"","tlshash":"c0e08a87130875fb435de5d015517c157c725229335e234b10a5c00c10def8111c975b","first_seen":"2023-07-01T14:36:17Z","last_seen":"2026-04-24T23:31:07.143086Z","times_seen":223,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-24","alert":"Phishing Block","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"microsoft.security.82a7c75895bc4ad7bbe3a494d299ee52.norreply.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}}]}