{"report_id":"d8b34067-6890-480c-88d3-9c6fdbcc6eb6","version":6,"status":"done","tags":[],"date":"2025-08-06T10:40:30Z","url":{"schema":"http","addr":"bipyat.awardspace.co.uk/flax-see94/","fqdn":"bipyat.awardspace.co.uk","domain":"awardspace.co.uk","tld":"co.uk"},"ip":{"addr":"185.176.43.35","port":0,"asn":44476,"as":"Zetta Hosting Solutions LLC.","country":"Bulgaria","country_code":"BG"},"final":{"url":{"schema":"about","addr":"about:neterror?e=dnsNotFound\u0026u=https%3A//bipyat_flax-see94.bulkment.com/index.html%3FRef%3D\u0026c=UTF-8\u0026d=We%20can%E2%80%99t%20connect%20to%20the%20server%20at%20bipyat_flax-see94.bulkment.com.","fqdn":"","domain":"","tld":""},"title":"Server Not Found"},"submit":{"url":{"schema":"http","addr":"bipyat.awardspace.co.uk/flax-see94/","fqdn":"bipyat.awardspace.co.uk","domain":"awardspace.co.uk","tld":"co.uk"},"ip":{"addr":"185.176.43.35","port":0,"asn":44476,"as":"Zetta Hosting Solutions LLC.","country":"Bulgaria","country_code":"BG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-09-10T10:40:30Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-06","alert":"Sinkholed","trigger":"bipyat_flax-see94.bulkment.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"bipyat_flax-see94.bulkment.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2022-04-30","domain_rank":0,"first_seen":"2025-08-06T10:40:30.189588Z","last_seen":"2025-08-06T10:40:30.189588Z","alert_count":1,"request_count":1,"received_data":0,"sent_data":556,"comment":"","tags":null,"fingerprints":null},{"fqdn":"bipyat.awardspace.co.uk","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2005-10-21","domain_rank":0,"first_seen":"2025-08-06T10:40:30.190966Z","last_seen":"2025-08-06T10:40:30.190966Z","alert_count":0,"request_count":2,"received_data":15739,"sent_data":922,"comment":"","tags":null,"fingerprints":[{"name":"DoubleClick Ad Exchange (AdX)","description":"DoubleClick Ad Exchange is a real-time marketplace to buy and sell display advertising space.","website":"https://www.doubleclickbygoogle.com/solutions/digital-marketing/ad-exchange/","common_platform_enumeration":"","icon":"DoubleClick.svg","categories":["Advertising"]},{"name":"Google AdSense","description":"Google AdSense is a program run by Google through which website publishers serve advertisements that are targeted to the site content and audience.","website":"https://www.google.com/adsense/start/","common_platform_enumeration":"","icon":"Google AdSense.svg","categories":["Advertising"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"bipyat.awardspace.co.uk/flax-see94/","fqdn":"bipyat.awardspace.co.uk","domain":"awardspace.co.uk","tld":"co.uk"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"7671dc2600f323ff77450a939e102a42","sha1":"c6ec3dba242751d22237737e600de2e871a9878e","sha256":"6fa0d5bc33af68ab92a6239c84252b50a766946da9a2512423b66cb2839c4a84","sha512":"6c2de7d541fe4ef2dff4a98147f3fdeaeb9a82d9cb1b31996d64d76ddd8fd6001070226bf3fedff0177c7520a68e9cac1b362d52e9bb821b8b2a02aa978be930","ssdeep":"","tlshash":"50d0a7d853095911c83b0515e6ff05cd70ac51d5180a684b5c245bd417d035ee2195ec","size":227,"data":"","first_seen":"2025-08-06T10:40:31.899679Z","last_seen":"2025-08-06T10:40:31.899679Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"bipyat.awardspace.co.uk/flax-see94/","fqdn":"bipyat.awardspace.co.uk","domain":"awardspace.co.uk","tld":"co.uk"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f46f14a4e4457959638fe8899ee1e37f","sha1":"ca99cf690bb792e62655d7d26f543ce3ce07b1d4","sha256":"b497fb6dabdd3be803b8c829308a176c4251483c21ab2da0f8c1f95190b9d140","sha512":"734b91d50e4820b1fa8f4f2b719e871fe960750938f68f01c5deb9d76a0c467e1d0480dc7f4733514238c9876410ef2d3e44cdc146362d25f3560073278c3f1f","ssdeep":"","tlshash":"9c60000003003030c0f0303000c00000000c00003c000303ccc00ccc03c00c0c000000","size":15,"data":"","first_seen":"2025-08-06T10:40:31.904349Z","last_seen":"2025-08-06T10:40:31.904349Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"bipyat.awardspace.co.uk/flax-see94/","fqdn":"bipyat.awardspace.co.uk","domain":"awardspace.co.uk","tld":"co.uk"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"0831f37859db1a8d89bd61fbdfbf9d65","sha1":"a4754dd67a004463078450d0a1952e100ab332f4","sha256":"01beb14447dee393015a4442a8ba171c9d3f04fa0de70e6716d7e13811f3a4e4","sha512":"de57081c9af21b9bcea4bdd63205859a838b113dd85a04d12d85c68f6ce09036659327a0e2a992905a08a3988785ad6a67d8c78265ae43f60bc84f4cb7d25f4c","ssdeep":"","tlshash":"036000000000282e8a80282088800008000800002a00000208002cca020000088a0080","size":16,"data":"","first_seen":"2025-08-06T10:40:31.909133Z","last_seen":"2025-08-06T10:40:31.909133Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"bipyat.awardspace.co.uk/flax-see94/","fqdn":"bipyat.awardspace.co.uk","domain":"awardspace.co.uk","tld":"co.uk"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"46c8b5b3be19048272cadfa8d407cf1e","sha1":"1e2a3432fb9c253f7a0ce44142678d9ae44de6ae","sha256":"6584d5ebc92a3273d1b0fbc0352ee90f4ae6a577ff76c92838335ea57c189600","sha512":"7b9487c550111f205d3867d25a477ba20a84a6990e0524e7fb50439add6693f69d5d0e57d4666dd165bb0ebc37320d641224fa2c7ddca44f603370143f1d80eb","ssdeep":"","tlshash":"89e09263f2014403e457c30e66d4fd4b09a372d1f0d39275f889d008f1428d4258c4f8","size":405,"data":"","first_seen":"2025-08-06T10:40:31.913873Z","last_seen":"2026-03-24T06:53:28.036268Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"bipyat_flax-see94.bulkment.com/index.html?Ref=","fqdn":"bipyat_flax-see94.bulkment.com","domain":"bulkment.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-06T10:40:08.389Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /index.html?Ref= HTTP/1.1\r\nHost: bipyat_flax-see94.bulkment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://bipyat.awardspace.co.uk/\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-06","alert":"Sinkholed","trigger":"bipyat_flax-see94.bulkment.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bipyat.awardspace.co.uk/flax-see94/","fqdn":"bipyat.awardspace.co.uk","domain":"awardspace.co.uk","tld":"co.uk"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-06T10:40:07.842Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /flax-see94/ HTTP/1.1\r\nHost: bipyat.awardspace.co.uk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":110,"timings":{"blocked":110,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"bipyat.awardspace.co.uk/flax-see94/","fqdn":"bipyat.awardspace.co.uk","domain":"awardspace.co.uk","tld":"co.uk"},"ip":{"addr":"185.176.43.35","port":80,"asn":44476,"as":"Zetta Hosting Solutions LLC.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-06T10:40:08.022Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /flax-see94/ HTTP/1.1\r\nHost: bipyat.awardspace.co.uk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 06 Aug 2025 10:40:08 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 26 Nov 2009 06:29:52 GMT\r\nETag: \"3c6c-479404d818507\"\r\nAccept-Ranges: bytes\r\nContent-Length: 15468\r\nKeep-Alive: timeout=4, max=90\r\nConnection: Keep-Alive\r\nContent-Type: text/html\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DoubleClick Ad Exchange (AdX)","description":"DoubleClick Ad Exchange is a real-time marketplace to buy and sell display advertising space.","website":"https://www.doubleclickbygoogle.com/solutions/digital-marketing/ad-exchange/","common_platform_enumeration":"","icon":"DoubleClick.svg","categories":["Advertising"]},{"name":"Google AdSense","description":"Google AdSense is a program run by Google through which website publishers serve advertisements that are targeted to the site content and audience.","website":"https://www.google.com/adsense/start/","common_platform_enumeration":"","icon":"Google AdSense.svg","categories":["Advertising"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":15468,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5934), with CRLF, LF line terminators","md5":"39358b9df30a71a0362a5211fd0929be","sha1":"3d2cf69c5cf8e293571885d501354621e08134fa","sha256":"ab0f9a1e5b15fc05bbd21c4e33b4419dba09c4fe7011693bac6fcc0b2e991d46","sha512":"33b04f4b770642099d15175ec63520f061bedc079906ac843c954ad138d94df036c7f6049a650f4925cd429b3012012849e28d711ca15cbe87fbba8f5e246180","ssdeep":"384:1PFezRGcpR0GNjX9GNeXBe6LPL0+1HkGbCqGYNGSMGECpsGgHGATDGmIdMyGCxHU:1PYzbLX9DBJtiHChDgSDMZn","tlshash":"5e62d4aa678c2127073113d863b55af4f6224093b28f4d9038dc562f7f55e8db7a339a","first_seen":"2025-08-06T10:40:31.894631Z","last_seen":"2025-08-06T10:40:31.894631Z","times_seen":1,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":50,"dns":1,"connect":52,"send":0,"wait":55,"receive":52,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}