{"report_id":"d90f0d81-74ff-48d6-8282-5a75fa422f0e","version":0,"status":"done","tags":[],"date":"2026-07-03T20:55:01Z","url":{"schema":"https","addr":"mailer.soham-sn.com","fqdn":"mailer.soham-sn.com","domain":"soham-sn.com","tld":"com"},"ip":{"addr":"151.243.18.53","port":0,"asn":31549,"as":"Aria Shatel PJSC","country":"Iran","country_code":"IR"},"final":{"url":{"schema":"https","addr":"mailer.soham-sn.com/","fqdn":"mailer.soham-sn.com","domain":"soham-sn.com","tld":"com"},"title":"GameToLife Servers - Premium Gaming Server Hosting","dom":{"size":21555,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (780)","md5":"a2e3a54ff73af40039769bf411683fec","sha1":"6f9f8f89b85684f18fa06f144026863729481915","sha256":"6c0eaa07d1de87db9f2f07d6b66f248f58a506abc3377b39390b37467c8fbcc5","sha512":"75187ebef5af1da738222e3cc0e3c67859096e542ec7d0b1499c3b9a0703ec55e4c319a67449533ed6200f5c80fbcc18813dc758dfd8756be0bd9256dd497479","ssdeep":"192:wPTyNOONrwJHd730dOEswLja7Z/9YfGC5hzdLqYwIcj:vNOONOo3l/nu","tlshash":"71a2bb34a5f0223b419381c2aea25b2f2fa9e693da5f014173bc07e25fd3d89dd47529","dom_hash":"domhash9afde33d22330328bedbefd91fa45d6c","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"mailer.soham-sn.com","fqdn":"mailer.soham-sn.com","domain":"soham-sn.com","tld":"com"},"ip":{"addr":"151.243.18.53","port":0,"asn":31549,"as":"Aria Shatel PJSC","country":"Iran","country_code":"IR"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-07T20:55:01Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"mailer.soham-sn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"mailer.soham-sn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"mailer.soham-sn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"mailer.soham-sn.com","ip":{"addr":"151.243.18.53","port":443,"asn":31549,"as":"Aria Shatel PJSC","country":"Iran","country_code":"IR"},"domain_registered":"2024-08-16","domain_rank":0,"first_seen":"2026-01-19T16:38:36.446843Z","last_seen":"2026-04-09T23:30:42.328948Z","alert_count":12,"request_count":4,"received_data":54527,"sent_data":1896,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-06-28T22:19:26.805281Z","alert_count":0,"request_count":6,"received_data":261870,"sent_data":3528,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-06-28T22:22:13.875484Z","alert_count":0,"request_count":1,"received_data":18291,"sent_data":574,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"mailer.soham-sn.com/scripts.js","fqdn":"mailer.soham-sn.com","domain":"soham-sn.com","tld":"com"},"ip":{"addr":"151.243.18.53","port":443,"asn":31549,"as":"Aria Shatel PJSC","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"4cf49a1b8976d1d135c1b268245117cc","sha1":"cc3b6c28ff711d8458ca1adef0e286e8c6db0f85","sha256":"ca0bd362f3dc9f8fb8c0d0320adc41cfa0432f50f4579094bb56beb7a28962e6","sha512":"6bed09798c9d4803c38f31e47a609bd79916dad5c372068ef99e772f59bf8ad2f5501995b1bcc88ce9207ea99d5cd7a0e28b242332d05427f7c39b9c2321e7bd","ssdeep":"192:Y9YxNtTAC22YQq8v6Pn19CXNevKlvJ0tmMhBd/L/tK9apK0RePVm0cISvT89PUm6:hYWwgatmMhBd/btxpH0cI4","tlshash":"1842633b69b714310137516757af63083734011b3185de6a3f2e97990fc2e28abe7ae6","size":13070,"data":"","first_seen":"2026-01-19T16:38:40.86863Z","last_seen":"2026-07-03T20:55:02.449209Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"log","text":"🎮 GameToLife Servers","filename":"https://mailer.soham-sn.com/scripts.js","line_number":391,"column_number":9},{"level":"log","text":"Welcome to the developer console! 🚀","filename":"https://mailer.soham-sn.com/scripts.js","line_number":392,"column_number":9},{"level":"log","text":"Need help? Contact our support team at support@gametolifeservers.com","filename":"https://mailer.soham-sn.com/scripts.js","line_number":393,"column_number":9},{"level":"log","text":"GameToLife Servers website initialized","filename":"https://mailer.soham-sn.com/scripts.js","line_number":14,"column_number":13},{"level":"log","text":"Page loaded in 1692ms","filename":"https://mailer.soham-sn.com/scripts.js","line_number":375,"column_number":13}]},"http":[{"url":{"schema":"https","addr":"mailer.soham-sn.com/","fqdn":"mailer.soham-sn.com","domain":"soham-sn.com","tld":"com"},"ip":{"addr":"151.243.18.53","port":443,"asn":31549,"as":"Aria Shatel PJSC","country":"Iran","country_code":"IR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-03T20:54:37.790Z","timestamp":1783112077790,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mailer.soham-sn.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Jun 2026 01:42:48 GMT","end":"Sun, 13 Sep 2026 01:42:47 GMT"},"fingerprint":{"sha1":"BC:05:60:73:34:28:EE:2D:A7:62:D0:A2:E2:13:B0:0E:1A:63:0C:91","sha256":"23:BE:E7:35:43:1A:4E:9F:4F:09:8E:5E:23:46:F6:E4:2B:7C:70:80:43:3A:C4:C9:C7:9A:EB:FD:22:23:3B:31"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: mailer.soham-sn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Fri, 03 Jul 2026 20:54:38 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 3460\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19637,"size_decoded":3656,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (774)","md5":"275cedc17b8c4859f4b1d095943bc129","sha1":"dd88d3cf6490f1bcea16de935fa1473545481637","sha256":"2309695431c3f44218fe947d42a6a4b54bb3e504812ae6bb1ab36c0786fa554b","sha512":"79105ccfe8ddf7140def82fc2216226ce5b1814b0c516e01dc938e239eabe690229857dd8da7b9d061fbe076cf4a1271bd2933e543e36e48f440c465c7ea7e35","ssdeep":"96:TR2xSDSDSEwPlE6GwJb/zx7/f098mbQcByG/+98UOb9FUSqvZLJGEUYG69T:TRNOONOwJcNZ/9xtsdZT","tlshash":"9792a935a4f5223b419381d6ae215b2f2fe5ea93da5f020032bc4be14fd3d8add17529","first_seen":"2026-01-19T16:38:40.881164Z","last_seen":"2026-07-03T20:55:02.444092Z","times_seen":14,"resource_available":true,"data":null}},"time_used":789,"timings":{"blocked":-1,"dns":10,"connect":92,"send":0,"wait":498,"receive":0,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"mailer.soham-sn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"mailer.soham-sn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"mailer.soham-sn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/jetbrainsmono/v24/tDbv2o-flEEny0FZhsfKu5WU4zr3E_BX0PnT8RD8yKwBNntkaToggR7BYRbKPxDcwg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mailer.soham-sn.com/","date":"2026-07-03T20:54:39.265Z","timestamp":1783112079265,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:41:01 GMT","end":"Mon, 07 Sep 2026 08:41:00 GMT"},"fingerprint":{"sha1":"01:31:A1:A6:4F:08:45:E1:F0:0B:CE:B1:B8:D8:61:D7:D1:70:ED:6F","sha256":"29:C5:5D:01:47:6E:72:F7:2C:CC:0B:96:BB:67:BA:39:CC:03:11:EB:7B:47:F5:3F:CC:DE:12:AC:68:07:A1:BA"}}},"request":{"raw":"GET /s/jetbrainsmono/v24/tDbv2o-flEEny0FZhsfKu5WU4zr3E_BX0PnT8RD8yKwBNntkaToggR7BYRbKPxDcwg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://mailer.soham-sn.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 31432\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Jul 2026 06:03:31 GMT\r\nexpires: Fri, 02 Jul 2027 06:03:31 GMT\r\ncache-control: public, max-age=31536000\r\nage: 139868\r\nlast-modified: Wed, 10 Sep 2025 16:52:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":31432,"size_decoded":32245,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 31432, version 1.0","md5":"b636a65da4f00129f08c7df6e5dd75ac","sha1":"4f27206c4b1caf8b7805597fcbc6922ff5805daa","sha256":"83c005d49d8a6a50474c73a5a36ac0468076e9c4a29da7bdb14995d80560a5be","sha512":"77ad92edddd5fc9ce47b8b329cf41b2fec895ea01a97b9122df3766163998fadcbe47c868631208636c4e587136ddd390d38e3e9da2743758c9da2c77a66f859","ssdeep":"768:a8+AGQwBrw24YHLKRG5lBF260n1e5vhjJKWWAD95I9Puggtx:B+AiBrw2fHL+GyvYtYADM9Pug0x","tlshash":"52e2f274ea41ca57676335ed4203e99d015fa318ebf6fd40869ccad2a506bcb7c4033a","first_seen":"2024-10-21T03:03:54.505463Z","last_seen":"2026-07-04T02:18:59.067246Z","times_seen":9192,"resource_available":false,"data":null}},"time_used":78,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":20,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mailer.soham-sn.com/","date":"2026-07-03T20:54:39.267Z","timestamp":1783112079267,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:41:01 GMT","end":"Mon, 07 Sep 2026 08:41:00 GMT"},"fingerprint":{"sha1":"01:31:A1:A6:4F:08:45:E1:F0:0B:CE:B1:B8:D8:61:D7:D1:70:ED:6F","sha256":"29:C5:5D:01:47:6E:72:F7:2C:CC:0B:96:BB:67:BA:39:CC:03:11:EB:7B:47:F5:3F:CC:DE:12:AC:68:07:A1:BA"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://mailer.soham-sn.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Jul 2026 01:48:31 GMT\r\nexpires: Fri, 02 Jul 2027 01:48:31 GMT\r\ncache-control: public, max-age=31536000\r\nage: 155168\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48532,"size_decoded":49345,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-07-04T02:16:40.784998Z","times_seen":226169,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":50,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/jetbrainsmono/v24/tDbv2o-flEEny0FZhsfKu5WU4zr3E_BX0PnT8RD8yKwBNntkaToggR7BYRbKPxDcwg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mailer.soham-sn.com/","date":"2026-07-03T20:54:39.269Z","timestamp":1783112079269,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:41:01 GMT","end":"Mon, 07 Sep 2026 08:41:00 GMT"},"fingerprint":{"sha1":"01:31:A1:A6:4F:08:45:E1:F0:0B:CE:B1:B8:D8:61:D7:D1:70:ED:6F","sha256":"29:C5:5D:01:47:6E:72:F7:2C:CC:0B:96:BB:67:BA:39:CC:03:11:EB:7B:47:F5:3F:CC:DE:12:AC:68:07:A1:BA"}}},"request":{"raw":"GET /s/jetbrainsmono/v24/tDbv2o-flEEny0FZhsfKu5WU4zr3E_BX0PnT8RD8yKwBNntkaToggR7BYRbKPxDcwg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://mailer.soham-sn.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 31432\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Jul 2026 06:03:31 GMT\r\nexpires: Fri, 02 Jul 2027 06:03:31 GMT\r\ncache-control: public, max-age=31536000\r\nage: 139868\r\nlast-modified: Wed, 10 Sep 2025 16:52:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":31432,"size_decoded":32245,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 31432, version 1.0","md5":"b636a65da4f00129f08c7df6e5dd75ac","sha1":"4f27206c4b1caf8b7805597fcbc6922ff5805daa","sha256":"83c005d49d8a6a50474c73a5a36ac0468076e9c4a29da7bdb14995d80560a5be","sha512":"77ad92edddd5fc9ce47b8b329cf41b2fec895ea01a97b9122df3766163998fadcbe47c868631208636c4e587136ddd390d38e3e9da2743758c9da2c77a66f859","ssdeep":"768:a8+AGQwBrw24YHLKRG5lBF260n1e5vhjJKWWAD95I9Puggtx:B+AiBrw2fHL+GyvYtYADM9Pug0x","tlshash":"52e2f274ea41ca57676335ed4203e99d015fa318ebf6fd40869ccad2a506bcb7c4033a","first_seen":"2024-10-21T03:03:54.505463Z","last_seen":"2026-07-04T02:18:59.067246Z","times_seen":9192,"resource_available":false,"data":null}},"time_used":78,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":28,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mailer.soham-sn.com/favicon.ico","fqdn":"mailer.soham-sn.com","domain":"soham-sn.com","tld":"com"},"ip":{"addr":"151.243.18.53","port":443,"asn":31549,"as":"Aria Shatel PJSC","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mailer.soham-sn.com/","date":"2026-07-03T20:54:39.426Z","timestamp":1783112079426,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mailer.soham-sn.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Jun 2026 01:42:48 GMT","end":"Sun, 13 Sep 2026 01:42:47 GMT"},"fingerprint":{"sha1":"BC:05:60:73:34:28:EE:2D:A7:62:D0:A2:E2:13:B0:0E:1A:63:0C:91","sha256":"23:BE:E7:35:43:1A:4E:9F:4F:09:8E:5E:23:46:F6:E4:2B:7C:70:80:43:3A:C4:C9:C7:9A:EB:FD:22:23:3B:31"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: mailer.soham-sn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mailer.soham-sn.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx\r\ndate: Fri, 03 Jul 2026 20:54:39 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nlast-modified: Sat, 30 May 2026 01:41:18 GMT\r\netag: W/\"b52-652ff0ec6809b\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2898,"size_decoded":1587,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (634)","md5":"f01ba522c3539135df33250082846848","sha1":"af31de06cf3d07cf83f104af8755b0cc5222ffc6","sha256":"2e8deb28946a6b41ccb927eaa43bbaa78ea82cef39a40638f2e5afa8e90e73ca","sha512":"5ca1b1d3c6f8e1948574a743bd6f58d9f430f9a576c9e656958dda81546a6b0baf0c02ff1b084640351a2bc44ba644e0f671aef0e2ff30981feec2af47764ee6","ssdeep":"","tlshash":"08515194c71c649fd35e24e6293e22c0282f8cb669a3ce7bbc77b174d6c800c87395a5","first_seen":"2025-04-07T04:58:47.339843Z","last_seen":"2026-07-03T23:58:57.236115Z","times_seen":6967,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"mailer.soham-sn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"mailer.soham-sn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"mailer.soham-sn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700\u0026family=JetBrains+Mono:wght@400;500\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mailer.soham-sn.com/","date":"2026-07-03T20:54:39.087Z","timestamp":1783112079087,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:41:02 GMT","end":"Mon, 07 Sep 2026 08:41:01 GMT"},"fingerprint":{"sha1":"FD:DA:E1:3E:1F:AC:E0:96:14:ED:37:58:30:0F:ED:9D:B4:5E:F1:EF","sha256":"7D:36:0C:A4:14:F6:05:8D:F4:E1:CD:BF:84:A7:03:AD:3F:C4:93:AE:B3:D6:7E:99:CB:92:D7:1F:29:A1:49:A4"}}},"request":{"raw":"GET /css2?family=Inter:wght@300;400;500;600;700\u0026family=JetBrains+Mono:wght@400;500\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mailer.soham-sn.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 03 Jul 2026 20:54:39 GMT\r\ndate: Fri, 03 Jul 2026 20:54:39 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17607,"size_decoded":1659,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"8e29433210fe9160b731676adc13f565","sha1":"1a2304d7b9d308411f6a7da0c54d2131b8623e65","sha256":"90dfbe3bfb45fa1526050176561a89281cc684f44b34692a4faa8c78bfffe0c3","sha512":"b2faf95eed90a73e178e778c4f5cf882b05cee22dcc42ada7c550334916e97240ed6c6ddc186a9cdee64b1e6150985445503a90a63546f13c73ab87745087a65","ssdeep":"192:wNA1cO3lnxirNNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGgG+7p3ZA3:8KYXuM0p2+QOGCE","tlshash":"4682aa92002ba400ab871cc673cf7e3aadce50496085d5b99ffe0d899ceec66537875d","first_seen":"2025-09-28T05:52:16.335962Z","last_seen":"2026-07-04T01:50:08.749836Z","times_seen":345,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":0,"connect":15,"send":0,"wait":34,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mailer.soham-sn.com/style.css","fqdn":"mailer.soham-sn.com","domain":"soham-sn.com","tld":"com"},"ip":{"addr":"151.243.18.53","port":443,"asn":31549,"as":"Aria Shatel PJSC","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mailer.soham-sn.com/","date":"2026-07-03T20:54:39.090Z","timestamp":1783112079090,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mailer.soham-sn.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Jun 2026 01:42:48 GMT","end":"Sun, 13 Sep 2026 01:42:47 GMT"},"fingerprint":{"sha1":"BC:05:60:73:34:28:EE:2D:A7:62:D0:A2:E2:13:B0:0E:1A:63:0C:91","sha256":"23:BE:E7:35:43:1A:4E:9F:4F:09:8E:5E:23:46:F6:E4:2B:7C:70:80:43:3A:C4:C9:C7:9A:EB:FD:22:23:3B:31"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: mailer.soham-sn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mailer.soham-sn.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Fri, 03 Jul 2026 20:54:39 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 19 Dec 2025 18:39:23 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69459bdb-45b2\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17842,"size_decoded":3883,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"d7026078a1aba84cb37986cf19a0db62","sha1":"811dc36a14f136faf50b032484d573924fae66a1","sha256":"22a379a2a0d70e520f88f70488d4491b87fac4bc8a555ce8e1e50233f60c96ef","sha512":"ea6af4954756011cc9d8a97809d5723b053ad79a0d802857afe6cea61ced89a10ccbe88d64f24f1c4de598f6704889629247adf9215c9f46a05b6dd2d4c210b5","ssdeep":"192:8nDEMMSUgPLUYD962BajtLq0bYn6YkM9wYrQHNZwRnh8V7hy8yX0l1sCf0tEF/mC:8nDggwmJFov0NMyIvOGRCQWg6y","tlshash":"b782315456b3cab4a83ba66667efa708335c90478d0adc697adc31048fc93fc6162b4c","first_seen":"2026-01-19T16:38:40.884382Z","last_seen":"2026-07-03T20:55:02.448023Z","times_seen":14,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"mailer.soham-sn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"mailer.soham-sn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"mailer.soham-sn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mailer.soham-sn.com/scripts.js","fqdn":"mailer.soham-sn.com","domain":"soham-sn.com","tld":"com"},"ip":{"addr":"151.243.18.53","port":443,"asn":31549,"as":"Aria Shatel PJSC","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mailer.soham-sn.com/","date":"2026-07-03T20:54:39.091Z","timestamp":1783112079091,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mailer.soham-sn.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Jun 2026 01:42:48 GMT","end":"Sun, 13 Sep 2026 01:42:47 GMT"},"fingerprint":{"sha1":"BC:05:60:73:34:28:EE:2D:A7:62:D0:A2:E2:13:B0:0E:1A:63:0C:91","sha256":"23:BE:E7:35:43:1A:4E:9F:4F:09:8E:5E:23:46:F6:E4:2B:7C:70:80:43:3A:C4:C9:C7:9A:EB:FD:22:23:3B:31"}}},"request":{"raw":"GET /scripts.js HTTP/1.1\r\nHost: mailer.soham-sn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mailer.soham-sn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Fri, 03 Jul 2026 20:54:39 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 19 Dec 2025 18:39:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69459bda-330e\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13070,"size_decoded":3723,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text","md5":"4cf49a1b8976d1d135c1b268245117cc","sha1":"cc3b6c28ff711d8458ca1adef0e286e8c6db0f85","sha256":"ca0bd362f3dc9f8fb8c0d0320adc41cfa0432f50f4579094bb56beb7a28962e6","sha512":"6bed09798c9d4803c38f31e47a609bd79916dad5c372068ef99e772f59bf8ad2f5501995b1bcc88ce9207ea99d5cd7a0e28b242332d05427f7c39b9c2321e7bd","ssdeep":"192:Y9YxNtTAC22YQq8v6Pn19CXNevKlvJ0tmMhBd/L/tK9apK0RePVm0cISvT89PUm6:hYWwgatmMhBd/btxpH0cI4","tlshash":"1842633b69b714310137516757af63083734011b3185de6a3f2e97990fc2e28abe7ae6","first_seen":"2026-01-19T16:38:40.86863Z","last_seen":"2026-07-03T20:55:02.449209Z","times_seen":14,"resource_available":true,"data":null}},"time_used":92,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":92,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"mailer.soham-sn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"mailer.soham-sn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"mailer.soham-sn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mailer.soham-sn.com/","date":"2026-07-03T20:54:39.259Z","timestamp":1783112079259,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:41:01 GMT","end":"Mon, 07 Sep 2026 08:41:00 GMT"},"fingerprint":{"sha1":"01:31:A1:A6:4F:08:45:E1:F0:0B:CE:B1:B8:D8:61:D7:D1:70:ED:6F","sha256":"29:C5:5D:01:47:6E:72:F7:2C:CC:0B:96:BB:67:BA:39:CC:03:11:EB:7B:47:F5:3F:CC:DE:12:AC:68:07:A1:BA"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://mailer.soham-sn.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Jul 2026 01:48:31 GMT\r\nexpires: Fri, 02 Jul 2027 01:48:31 GMT\r\ncache-control: public, max-age=31536000\r\nage: 155168\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48532,"size_decoded":49345,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-07-04T02:16:40.784998Z","times_seen":226169,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":30,"send":0,"wait":36,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mailer.soham-sn.com/","date":"2026-07-03T20:54:39.261Z","timestamp":1783112079261,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:41:01 GMT","end":"Mon, 07 Sep 2026 08:41:00 GMT"},"fingerprint":{"sha1":"01:31:A1:A6:4F:08:45:E1:F0:0B:CE:B1:B8:D8:61:D7:D1:70:ED:6F","sha256":"29:C5:5D:01:47:6E:72:F7:2C:CC:0B:96:BB:67:BA:39:CC:03:11:EB:7B:47:F5:3F:CC:DE:12:AC:68:07:A1:BA"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://mailer.soham-sn.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Jul 2026 01:48:31 GMT\r\nexpires: Fri, 02 Jul 2027 01:48:31 GMT\r\ncache-control: public, max-age=31536000\r\nage: 155168\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48532,"size_decoded":49345,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-07-04T02:16:40.784998Z","times_seen":226169,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":28,"dns":0,"connect":0,"send":0,"wait":42,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mailer.soham-sn.com/","date":"2026-07-03T20:54:39.271Z","timestamp":1783112079271,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:41:01 GMT","end":"Mon, 07 Sep 2026 08:41:00 GMT"},"fingerprint":{"sha1":"01:31:A1:A6:4F:08:45:E1:F0:0B:CE:B1:B8:D8:61:D7:D1:70:ED:6F","sha256":"29:C5:5D:01:47:6E:72:F7:2C:CC:0B:96:BB:67:BA:39:CC:03:11:EB:7B:47:F5:3F:CC:DE:12:AC:68:07:A1:BA"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://mailer.soham-sn.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Jul 2026 01:48:31 GMT\r\nexpires: Fri, 02 Jul 2027 01:48:31 GMT\r\ncache-control: public, max-age=31536000\r\nage: 155168\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48532,"size_decoded":49345,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-07-04T02:16:40.784998Z","times_seen":226169,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":52,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}
