{"report_id":"e63119d7-40bf-4e1e-8cb3-127d7a785c36","version":6,"status":"done","tags":[],"date":"2026-03-14T12:46:57Z","url":{"schema":"http","addr":"wachecks.xyz","fqdn":"wachecks.xyz","domain":"wachecks.xyz","tld":"xyz"},"ip":{"addr":"65.20.86.116","port":0,"asn":20473,"as":"AS-VULTR","country":"India","country_code":"IN"},"final":{"url":{"schema":"https","addr":"wachecks.xyz/check.php?lang=en","fqdn":"wachecks.xyz","domain":"wachecks.xyz","tld":"xyz"},"title":"WhatsApp Safety Check Center","dom":{"size":20157,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (484)","md5":"85bd7aff39b5ebfacc2fbed7731e5ac4","sha1":"a6f55a6e77daf37f0325f8a6ab042acd180b1816","sha256":"77f656d034c8b7c861ccdf05f738ea8d9fa39a9b05709678a4b5f0c93a2eb6bb","sha512":"ab9debc57b9c9e64896e5f1e8036c9c274ae2427469cc07ccc2bf25f6ccdafc8b96f9119cd75a959c7dd2daf354dd0668c0e6c7f131333c030cafc36bc15bced","ssdeep":"192:BrAC8FyAGKlSEBvQezoEByCJB490R/dUvzHWyWQxr8nxTrjyf+kJB9M+Zp4bzQTt:BrAblzt/e90Mvz2yWQKn9yjJXUXHjxq","tlshash":"1e92739b66b71429b45320ac7beb660672359003d209ec187f5d63a88f879e4ec7379c","dom_hash":"domhash89a00bc1226d913c857f19bdef55e79f","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"wachecks.xyz","fqdn":"wachecks.xyz","domain":"wachecks.xyz","tld":"xyz"},"ip":{"addr":"65.20.86.116","port":0,"asn":20473,"as":"AS-VULTR","country":"India","country_code":"IN"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-18T12:46:57Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"wachecks.xyz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wachecks.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wachecks.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wachecks.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"wachecks.xyz","ip":{"addr":"65.20.86.116","port":443,"asn":20473,"as":"AS-VULTR","country":"India","country_code":"IN"},"domain_registered":"2026-03-11","domain_rank":0,"first_seen":"2026-03-14T12:46:58.012853Z","last_seen":"2026-03-14T12:46:58.012853Z","alert_count":20,"request_count":5,"received_data":26764,"sent_data":2309,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"wachecks.xyz/check.php","fqdn":"wachecks.xyz","domain":"wachecks.xyz","tld":"xyz"},"ip":{"addr":"65.20.86.116","port":443,"asn":20473,"as":"AS-VULTR","country":"India","country_code":"IN"},"introduction_type":"scriptElement","is_inline":true,"md5":"0e90385293bf9493b2defc497011a4b9","sha1":"69133c33d389a4d144fb31339d812590c7612412","sha256":"d019d5852fdf82fdbca384e62cf478ce5b8b1b4d3c1dd0d6d5c074b61ab8e52a","sha512":"1e3d411b076eeddc1002ed083afda0aa138e5590a8be22f33597cfffcec151a97a77c1d3cdbf388339d9bc2984dadfc95f38fa5cbe3cc2cce8d99acca616ee9f","ssdeep":"96:A3kJnB9WJIdZp4b4iQTsku/qUFoWyzyoZ/Y1qkj5VpGVOx:qkJB9M+Zp4bzQTskuiUFoWyjW1qkjrpz","tlshash":"9aa1dbae78b7603290a7306e77eba608752410433405fc497f1e8b045fc7e65e9f6aac","size":5040,"data":"","first_seen":"2026-03-14T12:47:01.689848Z","last_seen":"2026-03-18T12:16:31.933219Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wachecks.xyz/lang/en.js?t=1773492399094","fqdn":"wachecks.xyz","domain":"wachecks.xyz","tld":"xyz"},"ip":{"addr":"65.20.86.116","port":443,"asn":20473,"as":"AS-VULTR","country":"India","country_code":"IN"},"introduction_type":"scriptElement","is_inline":false,"md5":"93dee57f4cba9a782263777de4da6c60","sha1":"1e1cc2428fba5e35f956b7cb1c63fd5753545aa7","sha256":"a5fac817e82049afb057775ad603b2a59abed6044b3c6e298d102fd208a8edaa","sha512":"af2bd4242856272554c5a136535d166b03db7eb12e1241ff44d62b1cabf4504ef741b65a4e0c0b9573f9f96ba4b6a9f74f4f72a82fe8f27ef650dec260a3641f","ssdeep":"","tlshash":"2831448b435a21264e4344503e8e1a66f33430acdf76a87af9ed005c37dd66995ff5c1","size":1645,"data":"","first_seen":"2026-03-14T12:47:01.686429Z","last_seen":"2026-03-18T12:16:31.923502Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wachecks.xyz/","fqdn":"wachecks.xyz","domain":"wachecks.xyz","tld":"xyz"},"ip":{"addr":"65.20.86.116","port":443,"asn":20473,"as":"AS-VULTR","country":"India","country_code":"IN"},"introduction_type":"scriptElement","is_inline":true,"md5":"d373d51f6c31c18934cafeae2884fcf1","sha1":"6ccd8d6f0e048fa0438873d3f7f4ae01712c7eef","sha256":"1754354c530d4b3d71473515e114144232bd2f338944559d86e60a069c50d25a","sha512":"7958cfc7eb6a1ba9863305c4ff759dd2e6eebfe7f7ce7f82c4a78283801165e5451494fe0b12aa27fbe78b64128994bf87f486ab77e6007d57a5dc0b1f6d0ff2","ssdeep":"","tlshash":"dab0129a146200443263d031052b1400103720ab010cc900be0dc1500f3431f22d36cc","size":88,"data":"","first_seen":"2026-03-14T12:47:01.691664Z","last_seen":"2026-03-18T12:16:31.931079Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"wachecks.xyz/","fqdn":"wachecks.xyz","domain":"wachecks.xyz","tld":"xyz"},"ip":{"addr":"65.20.86.116","port":443,"asn":20473,"as":"AS-VULTR","country":"India","country_code":"IN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-14T12:46:36.557Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wachecks.xyz","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Mar 2026 12:22:27 GMT","end":"Tue, 09 Jun 2026 12:22:26 GMT"},"fingerprint":{"sha1":"08:5A:C7:B2:EB:93:0C:64:8E:51:3A:D2:41:04:0D:66:CF:C3:95:31","sha256":"15:1C:C7:24:CE:64:30:4F:22:7E:2D:CF:77:77:D8:2B:98:90:AB:E3:9A:A5:BE:54:9C:5D:32:D0:7C:9A:69:4A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: wachecks.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 1364\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Sat, 14 Mar 2026 12:46:37 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":3505,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (390)","md5":"382db32ef3a66927a13b091f74cf679c","sha1":"9d070f7a9e71f07cd42d08413f4ffa8a1e79c102","sha256":"7f871c746ff9b15e9b79c5e2559074f0e71a223d621f3bf79b5e8b553033da2e","sha512":"b7e16668ba59dc01c26970c927bce90f5b0b241a6821f3f32ab65440c92feb81d38ecb2b154a4d5b697aebd2966d9311c9f04acc2ac8acd1aa739337ede74455","ssdeep":"","tlshash":"3571cb5a42f30118b51395701ffa16242669c58b824ec9183fdc32a8ef996ce9df37d9","first_seen":"2026-03-14T12:47:01.680467Z","last_seen":"2026-03-18T12:16:31.926895Z","times_seen":6,"resource_available":false,"data":null}},"time_used":999,"timings":{"blocked":416,"dns":82,"connect":162,"send":0,"wait":167,"receive":0,"ssl":169},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"wachecks.xyz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wachecks.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wachecks.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wachecks.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wachecks.xyz/favicon.ico","fqdn":"wachecks.xyz","domain":"wachecks.xyz","tld":"xyz"},"ip":{"addr":"65.20.86.116","port":443,"asn":20473,"as":"AS-VULTR","country":"India","country_code":"IN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wachecks.xyz/","date":"2026-03-14T12:46:37.311Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wachecks.xyz","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Mar 2026 12:22:27 GMT","end":"Tue, 09 Jun 2026 12:22:26 GMT"},"fingerprint":{"sha1":"08:5A:C7:B2:EB:93:0C:64:8E:51:3A:D2:41:04:0D:66:CF:C3:95:31","sha256":"15:1C:C7:24:CE:64:30:4F:22:7E:2D:CF:77:77:D8:2B:98:90:AB:E3:9A:A5:BE:54:9C:5D:32:D0:7C:9A:69:4A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: wachecks.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wachecks.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-length: 259\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Sat, 14 Mar 2026 12:46:37 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":259,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"490f59a6ad3bc155f960861fba94a75b","sha1":"4de75fd13e0faf5ac9493344f8d52ed7c9d887c7","sha256":"b0baa46a0d77a1e0b691403f87c1db697c25b07e4e0527ef7726acbe526abc49","sha512":"1d7213ae8efeac148b51397205ee874efac34040e39393d08ac05c750bcd7f00c0ab5907639e3b43195cde8396d3ccab3d1274262b2cdc0de9479a0667e5301b","ssdeep":"","tlshash":"05d02b9e504323960811145039c111c2228812ea647981e82dc5d447525863dccca2cd","first_seen":"2026-03-14T12:47:01.682507Z","last_seen":"2026-03-15T00:03:55.493281Z","times_seen":3,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"wachecks.xyz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wachecks.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wachecks.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wachecks.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wachecks.xyz/check.php","fqdn":"wachecks.xyz","domain":"wachecks.xyz","tld":"xyz"},"ip":{"addr":"65.20.86.116","port":443,"asn":20473,"as":"AS-VULTR","country":"India","country_code":"IN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-14T12:46:38.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wachecks.xyz","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Mar 2026 12:22:27 GMT","end":"Tue, 09 Jun 2026 12:22:26 GMT"},"fingerprint":{"sha1":"08:5A:C7:B2:EB:93:0C:64:8E:51:3A:D2:41:04:0D:66:CF:C3:95:31","sha256":"15:1C:C7:24:CE:64:30:4F:22:7E:2D:CF:77:77:D8:2B:98:90:AB:E3:9A:A5:BE:54:9C:5D:32:D0:7C:9A:69:4A"}}},"request":{"raw":"GET /check.php HTTP/1.1\r\nHost: wachecks.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wachecks.xyz/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 5361\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Sat, 14 Mar 2026 12:46:38 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":20083,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"6ff7456c5b395abf5a7cf1206f780714","sha1":"391b032d0c132c5a5af5df3ab91f3c5755bcc200","sha256":"caa63051f216486d7a36ae3ac25b5d84fddfba495ab8b914e78a80f3e9be5670","sha512":"b35142d5aa129d178d5d2d1cd602798811668fe089ad93d11d97f5839618feb5b86376dd8164c020faff7185cf3ca2e6757f95f189a0bb5ee622aed5667756cf","ssdeep":"192:dAC8FyAGKlSEBvQezoEByCJB490R/daAQHd9SeQxynGvTrjyf+kJB9M+Zp4bzQTb:dAblzt/e90iAQLSeQongyjJXUXHjxY","tlshash":"7192729b66b71029b45320bc7beb660672359003d209ec187f5d67a88f879a4ec737dc","first_seen":"2026-03-14T12:47:01.684572Z","last_seen":"2026-03-18T12:16:31.928925Z","times_seen":6,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":170,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wachecks.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wachecks.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"wachecks.xyz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wachecks.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wachecks.xyz/lang/en.js?t=1773492399094","fqdn":"wachecks.xyz","domain":"wachecks.xyz","tld":"xyz"},"ip":{"addr":"65.20.86.116","port":443,"asn":20473,"as":"AS-VULTR","country":"India","country_code":"IN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wachecks.xyz/check.php","date":"2026-03-14T12:46:39.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wachecks.xyz","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Mar 2026 12:22:27 GMT","end":"Tue, 09 Jun 2026 12:22:26 GMT"},"fingerprint":{"sha1":"08:5A:C7:B2:EB:93:0C:64:8E:51:3A:D2:41:04:0D:66:CF:C3:95:31","sha256":"15:1C:C7:24:CE:64:30:4F:22:7E:2D:CF:77:77:D8:2B:98:90:AB:E3:9A:A5:BE:54:9C:5D:32:D0:7C:9A:69:4A"}}},"request":{"raw":"GET /lang/en.js?t=1773492399094 HTTP/1.1\r\nHost: wachecks.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wachecks.xyz/check.php\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 11 Mar 2026 03:53:28 GMT\r\netag: \"66d-64cb7941e3e00-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 798\r\ncontent-type: text/javascript\r\ndate: Sat, 14 Mar 2026 12:46:39 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1645,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with very long lines (454)","md5":"93dee57f4cba9a782263777de4da6c60","sha1":"1e1cc2428fba5e35f956b7cb1c63fd5753545aa7","sha256":"a5fac817e82049afb057775ad603b2a59abed6044b3c6e298d102fd208a8edaa","sha512":"af2bd4242856272554c5a136535d166b03db7eb12e1241ff44d62b1cabf4504ef741b65a4e0c0b9573f9f96ba4b6a9f74f4f72a82fe8f27ef650dec260a3641f","ssdeep":"","tlshash":"2831448b435a21264e4344503e8e1a66f33430acdf76a87af9ed005c37dd66995ff5c1","first_seen":"2026-03-14T12:47:01.686429Z","last_seen":"2026-03-18T12:16:31.923502Z","times_seen":6,"resource_available":true,"data":null}},"time_used":163,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wachecks.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wachecks.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wachecks.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"wachecks.xyz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wachecks.xyz/favicon.ico","fqdn":"wachecks.xyz","domain":"wachecks.xyz","tld":"xyz"},"ip":{"addr":"65.20.86.116","port":443,"asn":20473,"as":"AS-VULTR","country":"India","country_code":"IN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wachecks.xyz/check.php","date":"2026-03-14T12:46:39.231Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wachecks.xyz","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Mar 2026 12:22:27 GMT","end":"Tue, 09 Jun 2026 12:22:26 GMT"},"fingerprint":{"sha1":"08:5A:C7:B2:EB:93:0C:64:8E:51:3A:D2:41:04:0D:66:CF:C3:95:31","sha256":"15:1C:C7:24:CE:64:30:4F:22:7E:2D:CF:77:77:D8:2B:98:90:AB:E3:9A:A5:BE:54:9C:5D:32:D0:7C:9A:69:4A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: wachecks.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wachecks.xyz/check.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-length: 259\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Sat, 14 Mar 2026 12:46:39 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":259,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"490f59a6ad3bc155f960861fba94a75b","sha1":"4de75fd13e0faf5ac9493344f8d52ed7c9d887c7","sha256":"b0baa46a0d77a1e0b691403f87c1db697c25b07e4e0527ef7726acbe526abc49","sha512":"1d7213ae8efeac148b51397205ee874efac34040e39393d08ac05c750bcd7f00c0ab5907639e3b43195cde8396d3ccab3d1274262b2cdc0de9479a0667e5301b","ssdeep":"","tlshash":"05d02b9e504323960811145039c111c2228812ea647981e82dc5d447525863dccca2cd","first_seen":"2026-03-14T12:47:01.682507Z","last_seen":"2026-03-15T00:03:55.493281Z","times_seen":3,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wachecks.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wachecks.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-14","alert":"Sinkholed","trigger":"wachecks.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-14","alert":"Phishing Block","trigger":"wachecks.xyz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}