{"report_id":"e8e79ccd-78a7-4503-8134-b4ac7c434801","version":6,"status":"done","tags":[],"date":"2026-01-02T16:00:18Z","url":{"schema":"http","addr":"quantrex-nexute.com","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":0,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"final":{"url":{"schema":"https","addr":"quantrex-nexute.com/","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"title":"Quantrex Nexute | Sitio web oficial 2026","dom":{"size":128827,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (54452)","md5":"d46fc15a7263adea9e31b9b7747797f6","sha1":"71231583a23140549265d4f55ec1ff764f8b7f20","sha256":"8ad097c975a6954b92d3fd99c9b1a21644302ccfd48c81a20681173232cdd63d","sha512":"d35870bc03210e7d1e2d3440fe419ce9ec152d5ba42ae3a61cd56ac056044bdfe75cbb504edb392ae5ebae23fa7e437c4739406405a470b4e0d8546921ed92e4","ssdeep":"1536:geNtjuTE+tsEJPjQBq1Wixx2M+q3HqlhqUl1x08WzAXz:1t2EGLqnq3HqlhqUl1x0PQz","tlshash":"4dc31023021c39270033c3d530a99b3bd1abde6bf9a74a416eedc7f627e9c90751611a","dom_hash":"domhash895aceec66780b4503b59558d0b2ffd1","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"quantrex-nexute.com","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":0,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-06T16:00:18Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":3}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-02T15:59:57Z","timestamp":1767369597,"ip_dst":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.13","port":54974,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)","source":"{\"timestamp\":\"2026-01-02T15:59:57.103804+0000\",\"flow_id\":175431890088110,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":54974,\"dest_ip\":\"34.117.59.81\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2025331,\"rev\":5,\"signature\":\"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)\",\"category\":\"Device Retrieving External IP Address Detected\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Linux\",\"Mac_OSX\",\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2018_02_07\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0043\"],\"mitre_tactic_name\":[\"Reconnaissance\"],\"mitre_technique_id\":[\"T1590\"],\"mitre_technique_name\":[\"Gather_Victim_Network_Information\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_09_19\"]}},\"tls\":{\"sni\":\"ipinfo.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":911,\"bytes_toclient\":3425,\"start\":\"2026-01-02T15:59:57.045230+0000\"}}"}],"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"quantrex-nexute.com","ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":210,"request_count":70,"received_data":3370002,"sent_data":32547,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}]},{"fqdn":"ipapi.co","ip":{"addr":"172.67.69.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-04-19","domain_rank":7936,"first_seen":"2017-01-31T09:07:01Z","last_seen":"2025-12-30T12:31:20.408834Z","alert_count":0,"request_count":1,"received_data":2480,"sent_data":439,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"ipinfo.io","ip":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2013-04-23","domain_rank":1327,"first_seen":"2013-12-16T07:25:53Z","last_seen":"2025-12-29T10:05:07.357482Z","alert_count":0,"request_count":1,"received_data":650,"sent_data":439,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"api.frankfurter.app","ip":{"addr":"104.26.1.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2018-05-08","domain_rank":3245888,"first_seen":"2019-12-22T20:37:04Z","last_seen":"2025-12-29T02:02:04.746209Z","alert_count":0,"request_count":1,"received_data":872,"sent_data":467,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"quantrex-nexute.com/public/js/justvalidate.min.js","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"5999ea06cbb02d9f509d7127f581ca57","sha1":"353b584854cfb425f4da8446734b1f5557d32eb2","sha256":"29d1548e149452387bacf862a93dc3049a1f63b90cb972d6091641d477734592","sha512":"9320ce7503b230e62b4dc62a4078e802091a4a8e5fe28f7495ffec44f1bcbe6aa56e4b1ded1824e5854992e11d52319596b70a866486a74b24eb33d5a5107090","ssdeep":"768:VkW++JZ/wbtODUsl8dJorXESRAwgJMgp81UuVvwnCByfDwty0HD/h7PCByCrCagl:mCCDSXrRAwgJMg5s5Y3gk56D","tlshash":"41d2d706267149234dd94aeae08b9543b3d0375da914a4ccf73decfb8a8dec630536b6","size":29666,"data":"","first_seen":"2024-10-04T14:22:46Z","last_seen":"2026-04-04T08:19:30.9091Z","times_seen":1110,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/js/formsHandlers.js","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"b7e8a05e7ae996297bf86824ac379ea1","sha1":"cabf10514e35c0a679f955038f1c2626cda611d4","sha256":"8a7adb89f11101aea44dbf0947382d2712e7fb69ed8b616ecdd036f3a8e9de4b","sha512":"8828d4b516b9d70a2846e23d01adcf7b4e9dbc6d500c9bda430899b8d2a59cac73d4e5e2bd3688395ae15a1ce260fd4e4e0076ce677a027708f735343053bdd3","ssdeep":"96:SVRt4ZvYSW21wvY+pw7Khw7KWEzvYTbhw7KW7YzKif1hFEURFAwnfcuWdl9MJIEy:IrqvQ26vIlivllqftEURFtcuWdl9MeEy","tlshash":"8dc12409d2be1e181afb205ebd8d3a8d34354026b824f01f715c05fd27bcba6a1d6bb4","size":5682,"data":"","first_seen":"2025-11-07T04:55:15.49233Z","last_seen":"2026-04-02T05:38:05.668955Z","times_seen":651,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/js/intlTelInput.min.js","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"6c9bacd626f8da329cfd17986468b921","sha1":"b8ef112f4c44f07c914363756792e9baff14be34","sha256":"a5bd18c50d0bedc08c05eec31019f087887e4454a02b2f8959dbdfbebba8ffb9","sha512":"09e7d0ad1436136919ddd67933ebb806ec1dff914f3139af7b11f513064f54e02d82a8c7d35b511b0cd9ab18bb570dcd18d50f1722ea0a2ab64e2510536e78cd","ssdeep":"768:IY03Xlqn/kiIzOT9FSRo/6mCIQkjMdt24vD8B:ItiIzU/6YjMdo","tlshash":"55d2e7ae63655b37a6fcc2a270e54503ae6f79444a44083d7cacdece0288ed271f5b34","size":29519,"data":"","first_seen":"2024-12-28T11:23:31.679776Z","last_seen":"2026-04-04T08:19:30.901066Z","times_seen":997,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/js/localization.js","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"6cc4f23a9e8894a243c74a19d2eab2f2","sha1":"5ed9b73bd06d0e5e39352a6ddb55bdeeb8e40a2e","sha256":"12064402ab9b471abda6d40eeaa04d326f8890c1d4c84cd6f86f1944cb8044e2","sha512":"aaf12d1c6f624b72a68b96359d71b44e7fbb7c9e65ebc645747bb1cb9a21ce481ef7154142625a779424560691178c39c6ca45071092334a9b7670aa5beab6bb","ssdeep":"","tlshash":"9421c110af9f1000cae8114f1d340176547ec5653a1ee8dfff5605a835e9f2ac361f24","size":1330,"data":"","first_seen":"2025-07-29T07:47:20.613767Z","last_seen":"2026-04-02T05:38:05.666997Z","times_seen":834,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/js/currency.js","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"b5866b4a375079b4ffb3a02cde461a54","sha1":"f33e49337746d1003ff1e3714d43ae57d2ea4d69","sha256":"81777b6cb3fe12f02c54fd709616876a545dfb35709a39e2c221e52c7cddd7b4","sha512":"516b1d36e5aa801d21add9f500643c30f5c62eddc88b875c836eddde2022df0b4c970efa5f2496932940ba2c9415c425c5e6346b91186bf2239bfdea0d944128","ssdeep":"96:KlVrg8/es7VmmqqBPk2wPxqvg9BjdR02vP/TKNrcJlaOe/vOg5URxo3BQydu:KfECqKk3xOg9BjdqKJFEdm","tlshash":"cec15fd5ff7e44a0c3b4a1a10c2c2dc459be67587c8a99c5982e442012fdc9ade25ebf","size":5991,"data":"","first_seen":"2025-11-07T04:55:15.51299Z","last_seen":"2026-04-02T05:38:05.703301Z","times_seen":708,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/js/forms.js","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"986595a83ad4c09d7c4038d52ee8d097","sha1":"3b12c8ab060b561ec107b1ae0bf9869b8ffbdcb5","sha256":"0e512846f7a8fac1ed96a1d29bd53d1070437884e4a9a0a24b073f5e155459bd","sha512":"7a82b203e0ceef8db3e035434ee8d01b18a17282f8dc30ab4d512f87c6b8bef4c59d16093c3bb3069eb03cda2192719690d4deabe02da8c7980682e45e64efb4","ssdeep":"384:dhANNZWa2uCO1HVsOAhDpVhwuq5iR96QNEoYtxUPEZRSoCu51h929iNrvOG7L17B:+ouCuHSOAfhwvE6QVYzAEZRl51hcsNrF","tlshash":"ed628494f73c0436a6fa21fe78ef4485397ca2125d904c55a8f8e41d72e2fd58ab2f81","size":15803,"data":"","first_seen":"2025-12-03T10:54:54.155477Z","last_seen":"2026-04-02T05:38:05.690009Z","times_seen":545,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/js/intlTelInput-utils.min.js","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"4e9dfe4ff0e4f710ca4d7e095262c1b2","sha1":"e995f1c98857e950882f9ed98b1f35469635a119","sha256":"c06746a767fd8adfe37ddcfa195262649a24a04d3b50036c77899cae54c9109b","sha512":"3fd04aec489cdb4540a0b2bce6552a7ef3517a1c4b464c1155448134de0b5ad77f9799a39f29481eee08205ca24cee01af38b782f8ce4dd251f86705d86b7f58","ssdeep":"3072:PklM0F8CAJjFs3OwPss3MwPPmdV9T2xFM8Mpmxs5DyBpUsR56kmLNTg/QKWVRpFA:PklMpjBf0xFM8Mpm0/Z2","tlshash":"d944f1ebd63c9737a1e97b35968eb3cd5a8cbca3c848567826c3b54f52784e0706c205","size":259721,"data":"","first_seen":"2024-12-28T11:23:31.699953Z","last_seen":"2026-04-04T08:19:30.938448Z","times_seen":996,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"8da4981c13510afb53a48caeb11704bb","sha1":"44df2519bcce688b8cfeb34899ad62c2b964bf35","sha256":"2765f1cdd765c8ce2b915ee75ee2e90505244724c62e76b73643df2d788a473e","sha512":"5e5061d7b542e3be0471885d5da5a27f5e2893aa50e6a525f0118f843d3fc56681cf9167e10db48cede8f70c20f5a7144a7bf78eef7236c2373356318ee0cdf1","ssdeep":"","tlshash":"dbb012414e3c2a4041686cf186767203708374617c0b4c8060250e0080f709780168d0","size":88,"data":"","first_seen":"2026-01-02T16:00:27.040486Z","last_seen":"2026-03-13T05:09:10.775714Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/js/formsPlugin.js","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"3c29f00e9d7f8bb55e71355dbd8c2c36","sha1":"bcd53049e5f8f39a0024525e48d62960bd6817ee","sha256":"402121a68eee38a0f9d6fb02115b5dcd6fd9ba6954bbb78174c257ce18f0e8e8","sha512":"f453a6d8a189f663a1a47224963572e018665868fd764184b7743ba92f1d7df25c7f541feb0c6b3f40c707c292f4a4e01ef4a5fe07e84fad1956e5a4509306c3","ssdeep":"","tlshash":"87f0278fc3258f3381316d7479ff96475bba02e639c98812391c5b802ef86922070663","size":487,"data":"","first_seen":"2025-11-07T04:55:15.503057Z","last_seen":"2026-04-02T05:38:05.667548Z","times_seen":716,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/js/cookies.js","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"29e09689244f96efe325db8dd6199591","sha1":"22a6ee3bb67ee79ce42be7dc409da0d694de1676","sha256":"9544cae77e6148f55eaead5bd77eb9b61a80a8f6d55d981e6db37062f825ad25","sha512":"3d932ec6654eee6856e3195fa8c83204df36d591352b368eea187968ce378510dbf99e5bce7edb74c108ff3e6921d67a50248f17ba84674997e59fc74f419fbc","ssdeep":"","tlshash":"7f41436a3494111a05932ad1a59a629d7e30f21372bf6816d0cfa2f06f12d23cd9fc7a","size":2001,"data":"","first_seen":"2025-07-29T02:37:11.539418Z","last_seen":"2026-04-04T04:03:43.872839Z","times_seen":955,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/js/intlTelInput-utils.min.js","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"4e9dfe4ff0e4f710ca4d7e095262c1b2","sha1":"e995f1c98857e950882f9ed98b1f35469635a119","sha256":"c06746a767fd8adfe37ddcfa195262649a24a04d3b50036c77899cae54c9109b","sha512":"3fd04aec489cdb4540a0b2bce6552a7ef3517a1c4b464c1155448134de0b5ad77f9799a39f29481eee08205ca24cee01af38b782f8ce4dd251f86705d86b7f58","ssdeep":"3072:PklM0F8CAJjFs3OwPss3MwPPmdV9T2xFM8Mpmxs5DyBpUsR56kmLNTg/QKWVRpFA:PklMpjBf0xFM8Mpm0/Z2","tlshash":"d944f1ebd63c9737a1e97b35968eb3cd5a8cbca3c848567826c3b54f52784e0706c205","size":259721,"data":"","first_seen":"2024-12-28T11:23:31.699953Z","last_seen":"2026-04-04T08:19:30.938448Z","times_seen":996,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/js/scripts.js","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"8f5811c6e6994e28e6b6161b27afbd48","sha1":"378e9cd860bf5151a6d0204e9234bf562c52469f","sha256":"cdf4a610497b6fe8000b40ec58175cb7f2cc5143139432c8fef5f3a5f33e0b3e","sha512":"1652323f076a82cbaf406586b24bd6cf80fe472a640b546e957d81e66aeea655fffc5a055f49ada26b7cdf6e19b5757e082a5fdb63a391e03ec47ec47e0a03a1","ssdeep":"","tlshash":"a9e0ab1fb07b742772ba30b42f442e00643a14803f47e990377b1a00e3d78bb4e2391a","size":431,"data":"","first_seen":"2025-12-03T22:05:13.236833Z","last_seen":"2026-03-25T22:10:03.309486Z","times_seen":135,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"c849f819f2de90a902b5c40bf76f9c23","sha1":"008aeb2acf2e843a630f7766466bf09cf0ce3e35","sha256":"db6a31c34fbb00825c5bbca327c05cbc4b1051d0fe9acd8602af1f6d6e430805","sha512":"a231c70f9cdeddba6d4922a10a8f450fd907e214f7906d06fb28145672c40dc590b8f8471a07459a53e7eeda08a1c7031e53475c6384de9989f2d2e15243deaf","ssdeep":"","tlshash":"cb11e701432d1135d77594fde7d52edd653513e97c86259f2c8a440d33c26d6caf41a3","size":911,"data":"","first_seen":"2025-12-03T22:05:13.241192Z","last_seen":"2026-03-25T22:10:03.311337Z","times_seen":134,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"b34def6b4e437ad7d0db58dfa318ffb7","sha1":"b0a146759b2b22a5d1be6127fb3067c406755602","sha256":"5528c251dbbf1a3b9a0fc542b1577f1894ccf5bce75be59c57e8ca591ed2538b","sha512":"8c1f45da76f5e986a0fb32b303c2849da7141b8cc088d51655baeddcf60603881ffad3e4932b26d464628b1a2efb15038f3ec373359691ea5a09dd464ebb0997","ssdeep":"","tlshash":"d1215b30a33c2526d3ff605769bca36e207d91163d42998d8c08085812cad5eb7a5dd1","size":1397,"data":"","first_seen":"2025-12-03T22:05:13.241873Z","last_seen":"2026-03-25T22:10:03.311831Z","times_seen":134,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/js/userCountry.js","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"bcd956701cd03398458e22553099557f","sha1":"13ea955deb21745b2feb7af6f060abcf5769f65c","sha256":"0961b85469539bc4f36a29a52fa143d1b21a67c050d258bd63485a07cc90a82d","sha512":"5d017d065449ead1d30174eb2f6cbfd663ec35613e0c55982eb2550433f1a757539fd97f933a0257574e0ac71499b119c3491295ef7ef2f7befbbc41c25a7383","ssdeep":"","tlshash":"f0f078ccd16ba761f9f763d07926e52600e4e9123f178483b6f50b43a0a75cb4eb08d2","size":632,"data":"","first_seen":"2025-11-07T04:55:15.50602Z","last_seen":"2026-04-02T05:38:05.680815Z","times_seen":719,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/coinbase.svg","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.312Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/coinbase.svg HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 955\r\netag: \"69391957-3bb\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":955,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9f07c782d3f01b7b31901fbb318590e2","sha1":"645433f39d4e78328cdc592a9bd28d57d179ba15","sha256":"de81b810f3c1ea03aca8625d43f24d58ae5cab09cf2c086d662bb438bbeffb56","sha512":"d22e07c679c625f3303deca2624a27dce963d4b13fb16de04477a0b07fdf841f0ac4fcab1d21a79fa74d85518d8eb58c8fcd48f2500b6f580faa895c07cebc30","ssdeep":"","tlshash":"f611e13c9128530c500433a85b76216616b666d8878e8b687111bb633cc945f8ef7bdf","first_seen":"2025-09-02T04:43:32.257454Z","last_seen":"2026-03-25T22:10:03.293895Z","times_seen":1203,"resource_available":false,"data":null}},"time_used":381,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":253,"receive":128,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/img/user-8.webp","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.319Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/img/user-8.webp HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8234\r\netag: \"69391956-202a\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8234,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"68b69b9ef541b5eef134551335ef9410","sha1":"941a42d03c38a2871f6b69d44ad4fa4c476c11dd","sha256":"027320cef5879bae3643fa9fd8820213bdc6a9947d16db7d18eb14fbd2d14bac","sha512":"78b23f06d3b3b025b7aff0f4d26839366f0190c6a0749bc06f7da98abbce8dc3258efb3a4fa6e0e2c8dcff1036289468ec313100550c8f88153e545069525b77","ssdeep":"192:/2YNMtKwRNIfyo/H8Rx6lSRctv9VvAaLwUoY9s:OYNg7ofyOcRMBfV4aCj","tlshash":"b1029e35ef759737e420e679c0a63bd4d161270dc7f0b6455324da382190ed6e8cb0ac","first_seen":"2025-10-31T04:32:50.95711Z","last_seen":"2026-03-23T11:24:35.266507Z","times_seen":102,"resource_available":false,"data":null}},"time_used":372,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":129,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/js/currency.js","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.281Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/js/currency.js HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\netag: W/\"69391954-1767\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5991,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"C++ source, Unicode text, UTF-8 text","md5":"b5866b4a375079b4ffb3a02cde461a54","sha1":"f33e49337746d1003ff1e3714d43ae57d2ea4d69","sha256":"81777b6cb3fe12f02c54fd709616876a545dfb35709a39e2c221e52c7cddd7b4","sha512":"516b1d36e5aa801d21add9f500643c30f5c62eddc88b875c836eddde2022df0b4c970efa5f2496932940ba2c9415c425c5e6346b91186bf2239bfdea0d944128","ssdeep":"96:KlVrg8/es7VmmqqBPk2wPxqvg9BjdR02vP/TKNrcJlaOe/vOg5URxo3BQydu:KfECqKk3xOg9BjdqKJFEdm","tlshash":"cec15fd5ff7e44a0c3b4a1a10c2c2dc459be67587c8a99c5982e442012fdc9ade25ebf","first_seen":"2025-11-07T04:55:15.51299Z","last_seen":"2026-04-02T05:38:05.703301Z","times_seen":708,"resource_available":true,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/btc.svg","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.287Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/btc.svg HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"69391957-567\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":1383,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"08b899edc5746ab897190fc4caa0a883","sha1":"24da4aad4cd7ed97d096df6c277c6e7e185a2130","sha256":"5a837ec546b5cc6b85ba9666c287c5183c4ad87e22d4670f891bdd60297b0bae","sha512":"892ec9c3514f9cbacedc42f87ef287a468867ce3a6bfc73610aaaea7b6503339055d15cd4dacc8d9d18ba23f883d7f3f41b1229d77981b0b8ead8135caed9d3e","ssdeep":"","tlshash":"3b2120f1b3ecd5c59a8857f0552d78b17d3230f1ad1ad12c86f07fa1325a42e0928cc5","first_seen":"2025-09-02T04:43:32.272741Z","last_seen":"2026-03-25T22:10:03.296701Z","times_seen":1209,"resource_available":false,"data":null}},"time_used":267,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":267,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/img/header-avatar-2.webp","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.292Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/img/header-avatar-2.webp HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2276\r\netag: \"69391956-8e4\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2276,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f002c455a1cbb7ebb9f0e367f5a1aeff","sha1":"108acd639aef6dfb2988dbe90017ee4e693846ad","sha256":"3687604fcb1bd6ec80db705d104ab28909dac30e35be40ca3ef55146223af35a","sha512":"7c2b8f1cfc72675366802a003974b8d88fca624431736e4271dedebe9aba73b06cc1652fd6701a4d5fba09f55f6ed56abe021b07b4ce46c6cdb8c0939f0e2e9e","ssdeep":"","tlshash":"e3415cf92594b03bc0f4583a0c7c661a4ffa49e2534e0e360f5d9b6a19212325cd382a","first_seen":"2025-09-02T04:43:32.312857Z","last_seen":"2026-03-25T22:10:03.297141Z","times_seen":768,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/comment.svg","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/comment.svg HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/public/css/tailwind.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"69391956-93c\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2364,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"03dafba01023fde082ffa08cec31dfd6","sha1":"bd202e2efecf4fcccbdea6ed2beb3c1d246a8e98","sha256":"0d1664b6b5351ca740502fc40a1fac93071f77f3dc3e3ba1acc32c696757fbad","sha512":"6da0a2071f09b1dd1462f9737d29271b241ea9dc471c072a2de131a1be356110286b1a72c3e4649f560003783538463a08c16c8b19164d74cf34f0e1b25dc302","ssdeep":"","tlshash":"1941eef0e25c90e95405bb78ce7b17e173733dad2ad0c2849370f9266a949fa9c5c983","first_seen":"2025-09-02T04:43:32.337995Z","last_seen":"2026-03-25T22:10:03.29007Z","times_seen":1203,"resource_available":false,"data":null}},"time_used":86,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":86,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/img/favicon.ico","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:57.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/img/favicon.ico HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:57 GMT\r\ncontent-type: image/x-icon\r\netag: W/\"69391955-25be\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30603\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":9662,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel","md5":"3111e85435af2a2b8aee90466ba0136b","sha1":"e3685071af5c65c910ae6ead4af09e755ec2251b","sha256":"0889ccb2ab1d10f6f0479fbbcb6f67af78c95396f3c91357c537e1adbe31eec7","sha512":"43e75667cc02901212403fc2717942083d2eea4685d97a3fbd4116c7755ce39198ed992e22fe738e54b2843b4fc2e1917e7722445f22b6b37bd9315dd9437215","ssdeep":"96:9GDAWyNNzmdpXtNJKKNgZ23bQIBbOgFCml83gEzuY0Sb4U3eL6+JQTYEo:gDIqlTJC03bQI9cgE0Ski4n6YD","tlshash":"eb123b54bad4bc9ac0881dfdedc6e2b151478f30fd32523325a2bf8f26346b56a60258","first_seen":"2026-01-02T16:00:26.951203Z","last_seen":"2026-03-01T10:31:10.207272Z","times_seen":2,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":172,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/css/tailwind.css","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.277Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/css/tailwind.css HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: text/css\r\netag: W/\"69391955-e3a7\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58279,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"2a0cf72ee73dd5df33af14428b86140f","sha1":"7ebebbbf1218d4dc2e44c94b23b5f0b77cbe7795","sha256":"2b711c653a66120f7738884a5c5f684b4057fd6504052f7653a4e0f57a5b003e","sha512":"60e916e6b9fd4dc2aae674423581a146eb9de840c4224bd0358284964cbc7615f19ba590c5305754ef6be4cab2b1fdf8b3826f6404396a95099b3b0ddba73ebb","ssdeep":"384:reiWgHG6FYlh5swrxRXEZ1M7GhB4PTJk3J53TxNzYP2+Na1fKOM4nbiemZ7tbN0:re7gHG645dzEZhKPTJk3J5j+em7bN0","tlshash":"9f43661ad74299a8783ad2e0ef0d94cc361e29a1deed0f6fd0b15524cfc89690da7d24","first_seen":"2025-12-03T22:05:13.211005Z","last_seen":"2026-03-25T22:10:03.292464Z","times_seen":122,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/js/scripts.js","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.285Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/js/scripts.js HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 431\r\netag: \"69391955-1af\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":431,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"8f5811c6e6994e28e6b6161b27afbd48","sha1":"378e9cd860bf5151a6d0204e9234bf562c52469f","sha256":"cdf4a610497b6fe8000b40ec58175cb7f2cc5143139432c8fef5f3a5f33e0b3e","sha512":"1652323f076a82cbaf406586b24bd6cf80fe472a640b546e957d81e66aeea655fffc5a055f49ada26b7cdf6e19b5757e082a5fdb63a391e03ec47ec47e0a03a1","ssdeep":"","tlshash":"a9e0ab1fb07b742772ba30b42f442e00643a14803f47e990377b1a00e3d78bb4e2391a","first_seen":"2025-12-03T22:05:13.236833Z","last_seen":"2026-03-25T22:10:03.309486Z","times_seen":135,"resource_available":true,"data":null}},"time_used":271,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":268,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/img/user-1.webp","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.303Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/img/user-1.webp HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7848\r\netag: \"69391955-1ea8\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7848,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"cec4422723de4f1c63d3f692c267540d","sha1":"e6f45dd900b062b461909299e2fb38167de7ad31","sha256":"69b88877b07b1eeb71134013bf66a95dc3b8516e5876650ccde81857a3b98a62","sha512":"1f05ea0228d1b5ee306ee2722e8a45ef745f810868543c9ca3b6bc6b2704c1e1e40f9575d4f1308eaadf47215729c7c70a7d440e49ae5018dad10ff27f886207","ssdeep":"96:XbN26MT0D5MdtbZPAVwzV7fNKCjhYfI1WGFSOJ9PZShBzWV0KFQ/R5djlTqS9JgJ:X2YNMtKwRNIf+W2w/zWSjddYQE36cCRA","tlshash":"b9f18ef9aa6be23bda67c37c58e63e85b153b33ccb70188a217456185604188795f146","first_seen":"2025-10-31T04:32:50.924075Z","last_seen":"2026-03-23T11:24:35.254852Z","times_seen":163,"resource_available":false,"data":null}},"time_used":378,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":253,"receive":125,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/header-arrow.svg","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.290Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/header-arrow.svg HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 482\r\netag: \"69391957-1e2\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":482,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ef279923440321565d5b5eccf70e2a1a","sha1":"7d3ae164864496ff78f2207f0e5d7cf720117a56","sha256":"1a60f0679cb2ef0cd2d3270f16e34c7897e9998a24dbe1b613364bb4ded1ac7d","sha512":"ed1743bc7a967ce62baa78036d72e2ef91a315323307ce7494c1f16bb56ffa1e7dcf94045598344ce763b03c932d79bad05970e9a98a716a49b0cbcb97642bc8","ssdeep":"","tlshash":"c3f0e2f696591548fe8f09a5d9986c4b056a0adccdcc02c6e5506e105efc0c29cbae87","first_seen":"2025-09-02T04:43:32.334597Z","last_seen":"2026-03-25T22:10:03.276801Z","times_seen":1210,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/img/header-avatar-1.webp","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.291Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/img/header-avatar-1.webp HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2216\r\netag: \"69391956-8a8\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2216,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d90034b2d291e94da6d0c65eb0f9f1a1","sha1":"fb72b31d8799e2e1c9cec12adb3c3e6a17422ef4","sha256":"f24ce3fbcc2eb49afb20cbfd787afd1dd2638481df578f3c2d18a72c73a3238a","sha512":"463b8cb134c6f7edcc23335a444e59f279fd31a61376d8f8677143807c76eca430bd2922da414b348784a1196b87171973d2043a68292c29c135bea5f25b205e","ssdeep":"","tlshash":"5f4129cac327d11ac0ab4e35440d0dc1928c8549ea96076caf4bf92b58ca65d3be23d5","first_seen":"2025-09-02T04:43:32.319544Z","last_seen":"2026-03-25T22:10:03.306221Z","times_seen":768,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/stars.svg","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.294Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/stars.svg HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"69391957-89b\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2203,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b5f46c787a1e0651d75603195a101a46","sha1":"2e1b5eab0082dd1cde7729696f9aaea6ae00e171","sha256":"adfbc7c2eb5a7bd50ba738a956c98508155e845bee22dbd4ae2b6a28e5f82c52","sha512":"8c928c3cb1ce4c6e4a78af922a97367600a7ff1c6f84fd57c9919f807c06f8fc98be8572822376ca5efa53dec6eae031fe52c12029698321d197bcc838434ccb","ssdeep":"","tlshash":"844104a0731c93f49056f7f4fd29a96635203d7e9b8887f4c2d12a80d4b72a9d58fd88","first_seen":"2025-09-02T04:43:32.301529Z","last_seen":"2026-03-25T22:10:03.287334Z","times_seen":1209,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/eth.svg","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/eth.svg HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"69391957-480\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1152,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"30dd3d2d238cd83055f0f9855f05c381","sha1":"e90b769cad3df8e832f314f95c1e96deebb5f9c2","sha256":"0e0cdeb30eec14f0abd375dac24b6eae25880840a9ece62b3d7c50fa778fbaa8","sha512":"52caac7d6efdda42b7fe943275b0b37983eee7850123df5092c449c767a1c93319152acdae90c1c33f9efc3e07ee60839dd38da9debc79bd967dd9af7fe13b41","ssdeep":"","tlshash":"4e2100d7520c52c01a401ba43b0ff831a756e4e54f8e4cbad648274bb6c8a9f8eb43c5","first_seen":"2025-09-02T04:43:32.286867Z","last_seen":"2026-03-25T22:10:03.308546Z","times_seen":1147,"resource_available":false,"data":null}},"time_used":258,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":258,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/bittrex.svg","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.315Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/bittrex.svg HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 808\r\netag: \"69391956-328\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"df280930bc74ed9797630ef8fc49d3ae","sha1":"90880c4fea185cf1c65916a7f2c946e030170499","sha256":"bd78df4c565f16b918144f647ff9bb0dd258d448fc1c27079e93a0a7a073c994","sha512":"9b85a6a0ed231f251557790380bb6b203ce6b66e55a7bcca005404183c9a9882fb38637ee2b48c8742af5c9875f0f195beffe909ae992476e26f8058171569b9","ssdeep":"","tlshash":"4601f1f4f62c924d0e08534d2b7835395194b3d8c3c64b5d3940633b6c8d4271eb32e8","first_seen":"2025-09-02T04:43:32.308504Z","last_seen":"2026-03-25T22:10:03.291974Z","times_seen":1203,"resource_available":false,"data":null}},"time_used":378,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":250,"receive":128,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipapi.co/json/","fqdn":"ipapi.co","domain":"ipapi.co","tld":"co"},"ip":{"addr":"172.67.69.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.741Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ipapi.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Dec 2025 12:14:55 GMT","end":"Thu, 19 Mar 2026 13:14:43 GMT"},"fingerprint":{"sha1":"9F:6D:86:C5:B8:42:73:79:95:D9:AD:A7:9E:37:F2:54:CF:A0:9C:90","sha256":"C1:37:01:B7:C2:DD:54:62:A0:93:A6:F0:05:9D:5A:0C:55:E4:49:78:D8:DD:C8:9D:B1:B8:6B:75:83:70:B2:28"}}},"request":{"raw":"GET /json/ HTTP/1.1\r\nHost: ipapi.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://quantrex-nexute.com/\r\nOrigin: https://quantrex-nexute.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 02 Jan 2026 15:59:57 GMT\r\ncontent-type: application/json\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nallow: HEAD, GET, OPTIONS, POST, OPTIONS\r\nx-frame-options: DENY\r\nvary: Host, origin\r\naccess-control-allow-origin: https://quantrex-nexute.com\r\nx-content-type-options: nosniff\r\nreferrer-policy: same-origin\r\ncross-origin-opener-policy: same-origin\r\ncontent-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.stripe.com https://*.paddle.com https://www.google.com https://www.gstatic.com https://maps.gstatic.com https://maps.googleapis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://*.paddle.com https://fonts.gstatic.com https://fonts.googleapis.com; img-src 'self' data: https://ipapi.co https://maps.gstatic.com https://maps.googleapis.com https://*.stripe.com; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com; frame-src 'self' https://www.google.com https://*.stripe.com https://*.paddle.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; connect-src 'self' https://ipapi.co/ https://*.paddle.com https://*.stripe.com https://maps.googleapis.com https://www.google.com/recaptcha/; object-src 'none'; frame-ancestors 'none'; base-uri 'self'; form-action 'self';\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eoyvFmEV1LrDRkf%2BSvX6KKDtfyFb%2BjER1Kw%2FLGHTO0HnL70HfwZaDu66X8mXxehy3lpugvEGyPu7JblteZ%2FbgQtPOrBk\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9b7b776bce1656b5-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":748,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"460b460d57658b5fd29c5e4934445c33","sha1":"24a724b25ef1401657cafa588835edfb9f7ef1f7","sha256":"93eefe1243dfce9ac06bf199cc9962e610bab6bff4f096662a357d27c9aefa70","sha512":"127d42078b0a87c6d0a70bd359dbcf50844e871ae9e98875a63f2303950b50bcc04fdb72df3f2e157dde3c019355fb67791147d38d6c3c570e1bde1d3b8f31c2","ssdeep":"","tlshash":"a9012428e4680e7b88b80358b4286a07122422075f16354e7fd4878d0f8d8bf20b124e","first_seen":"2025-12-17T10:03:05.72606Z","last_seen":"2026-03-25T09:03:12.863773Z","times_seen":3067,"resource_available":false,"data":null}},"time_used":292,"timings":{"blocked":24,"dns":1,"connect":1,"send":0,"wait":243,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/img/flags.png","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:57.382Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/img/flags.png HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/public/css/styles.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:57 GMT\r\ncontent-type: image/png\r\ncontent-length: 70325\r\netag: \"69391956-112b5\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30603\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":70325,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 5762 x 15, 8-bit/color RGBA, non-interlaced","md5":"0b1ca148890222235a0f9903636ca21a","sha1":"b451b4db431749cc40cc2a5f271f9807ca21f1d3","sha256":"54dc5bc49fbe41359681fa0af8add039fa1383a4f4eade34f7a0a5a257dd1caa","sha512":"37553ab4cecdb30b631d883dc0a1afe4b5e81b921fa2fb8054a63fa054c2f57954dddebfee1a5b676f97a392b954aaa553a803e6e9abeedd56f87da0b58a8475","ssdeep":"1536:3Cc3jdCcCx1zjonyR5/Gm5mwoKVehnITl1G/Ghdfal4pMy9c:SczdzCx9jonyT5mwo1hIp1hQ4pMOc","tlshash":"966302b241c2a627f87cb972b955522b673bfb30d280780a00cf15b6979517f04e3a3a","first_seen":"2023-09-16T21:00:24Z","last_seen":"2026-04-04T08:19:30.896214Z","times_seen":5036,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":68,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/js/formsPlugin.js","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.282Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/js/formsPlugin.js HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 487\r\netag: \"69391954-1e7\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":487,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"3c29f00e9d7f8bb55e71355dbd8c2c36","sha1":"bcd53049e5f8f39a0024525e48d62960bd6817ee","sha256":"402121a68eee38a0f9d6fb02115b5dcd6fd9ba6954bbb78174c257ce18f0e8e8","sha512":"f453a6d8a189f663a1a47224963572e018665868fd764184b7743ba92f1d7df25c7f541feb0c6b3f40c707c292f4a4e01ef4a5fe07e84fad1956e5a4509306c3","ssdeep":"","tlshash":"87f0278fc3258f3381316d7479ff96475bba02e639c98812391c5b802ef86922070663","first_seen":"2025-11-07T04:55:15.503057Z","last_seen":"2026-04-02T05:38:05.667548Z","times_seen":716,"resource_available":true,"data":null}},"time_used":273,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/img/person-2.webp","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/img/person-2.webp HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/webp\r\ncontent-length: 30642\r\netag: \"69391955-77b2\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":30642,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2bb375487f7cce5fc1d47a7f598af0b9","sha1":"87617f2bae8e89dc539cab7bdbc7224c910d3cf5","sha256":"e2c4740ce1edfe5097d9da97a77ed994c374d6b78115eb1d0c83625104f421ab","sha512":"cdd45da8bb3460d4f6e0063a9234eee85195b35a11fa9e49fcd4e89a54b707fdf0b058cc933a49e5a4934f1be1c52a151be2cc0fa2dceffb851a683440c39345","ssdeep":"768:FYyE1fM4NzQe84Hqm3IEtHCNdub1Cn/IGyDVOIjoQ:FAfM4NzQn4H2EtHC8Cn/IGyD8IEQ","tlshash":"62d2e175aa1ac3bddf13e1b4c8d61f5142c2d630e3b252973618071723858ea69de09f","first_seen":"2025-10-31T04:32:50.918683Z","last_seen":"2026-03-08T11:46:46.049066Z","times_seen":36,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":255,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/pros-2.svg","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/pros-2.svg HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"69391956-1c0a\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7178,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5ccb30901fe366e2c16716a76b7d5f45","sha1":"c843a8c141f8b541601ae8a50fc3cfa336d4844c","sha256":"a08ef793cf722e6ad68e787ef6d77a1a7479b4a90ea93c9e9ce04095069fca89","sha512":"ec261437779ed5fe498752027945ad78b84044e60404fc713e0afbe960e80ef184445a8f920853838d13a12e01519c23fb08244c4169df62dcc9bd7d7c59a5b9","ssdeep":"96:VKHrnlEeDv1dv40YDVpMdbZYdBMc5jsRSq8J+org8R0RCeALrS/rw9HO:VKHpnv6DT5XCEdprgPRCqU4","tlshash":"08e185c4372ac3b4f409dafd4219b4757e527dcb761380d8c3ba1d4ab88a42d6da98d3","first_seen":"2025-09-02T04:43:32.249675Z","last_seen":"2026-03-25T22:10:03.280506Z","times_seen":770,"resource_available":false,"data":null}},"time_used":254,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":254,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/img/user-7.webp","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/img/user-7.webp HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7734\r\netag: \"69391955-1e36\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7734,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a88886c2a7dd6ead0133d156aa70eef4","sha1":"7cf956c4d73361753e17e8e25b92a67433ee6725","sha256":"ee85735e3b6b9ba463d76b53f9e4d0e80625086b233677ce8aeb0bd83f9b275f","sha512":"258b6d65d7ad7ef5e6c0e0d395e1a83c9940b91cd49cd6de67c641a2e9480585324e934fba7cc080f7d72c21c31aa2b10ec16025cbd3cd9c32878df23eaca5f6","ssdeep":"96:dbN26MT0D5MdtbZPAVwzVtYif8ILaHdKJpFX2+0JmAL+rQkvpIplWKDG7lK4PNFu:d2YNMtKwFsqz2+0AAL2QkvWPghQwTd4","tlshash":"aaf1b074b7a253e3f471f6bce4e3278091987639f370dd562430aa0853425c86e4e08c","first_seen":"2025-10-31T04:32:50.90877Z","last_seen":"2026-03-23T11:24:35.266015Z","times_seen":163,"resource_available":false,"data":null}},"time_used":376,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":128,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/Inter-Black.ttf","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.640Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/Inter-Black.ttf HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/public/css/fonts.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 316848\r\netag: \"69391956-4d5b0\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":316848,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 16 tables, 1st \"GDEF\", 52 names, Microsoft, language 0x409","md5":"118c5868c7cc1370fcf5a1fc2f569883","sha1":"f79fa58ace5f55e338c99bf71e7e0702841df6f2","sha256":"4795b76b5b54d140fa17432eb4ee2eb27c63156ca0c8184ed27c4781faafe276","sha512":"1dcbf0476cd7470c359294bb360e141af440e407251646746ff53e57b302a70f4f32b775d16d19219fbf562b9b1ef5e8ee05546bcbd87a2d297541bba11f084c","ssdeep":"6144:wiaT14OiMsRwis9EzgwfxsW4unPLx+0woyN:yWnMr90gquWFnzxCoyN","tlshash":"38646a17f327c35dc5132e368b96c7a47363bc917a02e10afb243a95c98b1b05e9b5d8","first_seen":"2024-06-21T13:38:29Z","last_seen":"2026-03-30T02:48:14.457804Z","times_seen":991,"resource_available":false,"data":null}},"time_used":395,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":225,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/js/cookies.js","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.283Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/js/cookies.js HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\netag: W/\"69391955-7d1\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2001,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"29e09689244f96efe325db8dd6199591","sha1":"22a6ee3bb67ee79ce42be7dc409da0d694de1676","sha256":"9544cae77e6148f55eaead5bd77eb9b61a80a8f6d55d981e6db37062f825ad25","sha512":"3d932ec6654eee6856e3195fa8c83204df36d591352b368eea187968ce378510dbf99e5bce7edb74c108ff3e6921d67a50248f17ba84674997e59fc74f419fbc","ssdeep":"","tlshash":"7f41436a3494111a05932ad1a59a629d7e30f21372bf6816d0cfa2f06f12d23cd9fc7a","first_seen":"2025-07-29T02:37:11.539418Z","last_seen":"2026-04-04T04:03:43.872839Z","times_seen":955,"resource_available":true,"data":null}},"time_used":269,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":269,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/img/header-avatar-3.webp","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.293Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/img/header-avatar-3.webp HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2008\r\netag: \"69391956-7d8\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":2008,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"41ee26398cbd792c2d068501c6fd5347","sha1":"87726c430c3e0306bfa296f1c9fbd6a0f10a1669","sha256":"88da44238d5dc9b340a7763dc85f16be6d31ed02e3913631824731f235a353f8","sha512":"7398a65a212717062749ebf7e94f743cbc52a00f9f0767682684ae74ef74185aa08a1ab410a5d0a4a4b433dfddcd59f71623bc28a708b92e6da2110c9d60bdb6","ssdeep":"","tlshash":"40414aeba80e426fcc9b4272727feeb0087f965c73618c098101012eeda3667474528c","first_seen":"2025-09-02T04:43:32.32803Z","last_seen":"2026-03-25T22:10:03.288739Z","times_seen":827,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":191,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/img/user-2.webp","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.304Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/img/user-2.webp HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8522\r\netag: \"69391955-214a\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":8522,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"fe7b48ebffc73c42d63c86080993b3da","sha1":"45646918f343af1f016525e022ced7a74f5cb981","sha256":"63041e446172548f5278482c32d96a38a1bb2eae91d9663a93772f7db5dabbda","sha512":"199d45b91b9abf6aaec31bce5e90cdcc1d2cfe691e75f22bf71ca90f4b90ac59f490aa7a0ee528870f8054d688e45a6c58908db022106296d5d7c29d7b3f6680","ssdeep":"192:y2YNMtKw9ZTHP/lEF5xrxGavYXuiu97LJ6arMQlo1lo:xYNg7rnlEF5xNY+B97LJ6arM11q","tlshash":"14028db2ffb3da06ce21db38a9b63fa9e191611ce731f78421249b17021998457cd06f","first_seen":"2025-10-31T04:32:50.961378Z","last_seen":"2026-03-23T11:24:35.272796Z","times_seen":163,"resource_available":false,"data":null}},"time_used":376,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":250,"receive":126,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/glow.svg","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.620Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/glow.svg HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/public/css/tailwind.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 698\r\netag: \"69391957-2ba\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":698,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5a3f3d58c639d254adbe360efe2cd06c","sha1":"ae96f32b7bd60f327cac97014ac200a03983c736","sha256":"9d8a12463844f53b73f589446f70b027d397ec4b22b1c2d505a00c45ac0ce9cd","sha512":"cfac41234168567ddde2a5ffe3fa450eacb9b7c1f57005f79538c91a2b28741069a0657eb080131f120130b4ced175f998a9c32ce6304895faf46e77c6889b7d","ssdeep":"","tlshash":"29014434e35ce02fd654830dca5540c031fdc0d561d6400175d25f6f58e8853aec9364","first_seen":"2025-09-02T04:43:32.326694Z","last_seen":"2026-03-25T22:10:03.279468Z","times_seen":838,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/lang/langs/es.json","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /lang/langs/es.json HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://quantrex-nexute.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: application/json\r\nlast-modified: Wed, 10 Dec 2025 06:55:19 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69391957-7bfe\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":31742,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"9a083cf2e2cd30b7f5b567bc2fdaec1d","sha1":"e73863df16a910e18374a97d315a963c029dbf7f","sha256":"d9ce8ba3437fdf13b589a1a208eebc91bbe7999056bda547dd35e4058139ac50","sha512":"1e770389a3cf76d9f4d2c8fa349e5791a29da93fe44dde29f4fdf61e3505ace0f124b6c6924e401a507a1e88290ac723a21a8e5ea47bce6a38152b28edb34637","ssdeep":"384:YDS83kv+Ph78yId6BqMxK/SNSF6tNSwoOyPlUm/zA/tq/B3DzSj9+AVUHRPegfk:xP418kBT2SNSQtNVoOkp/68B3Cv8R2gs","tlshash":"4fe29522cdc80e6305931248b7c6c557a29021472e14e9bff7dd836d1bcc19ee5bae8d","first_seen":"2026-01-02T16:00:26.975663Z","last_seen":"2026-01-02T16:00:26.975663Z","times_seen":1,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/img/header-bg2.webp","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.613Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/img/header-bg2.webp HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/public/css/tailwind.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/webp\r\ncontent-length: 39994\r\netag: \"69391955-9c3a\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":39994,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"c2004bc1f6298be7aca074e9a961c0ed","sha1":"5b72f53a98833bf6e5504dd6f4d25276b7e78218","sha256":"1ef40994ac3137ec249be87f309eb7daf3273815b9777f117ce3756a73297eed","sha512":"cb88d25b93a5eb666edca7749d9d6888cf6a0e24ae7fbe050a37aa1c8f785c8e86befb7377b4c4df8479e32e1d0b0f6aac90b4f4036ad7b15b15e576a1ca4f88","ssdeep":"768:wbiE5PVNCAPTF26XcQGcimMQxrOVdGNwMg6jKfHj2Jzr7:uZTPEs8mMQ8VKwj6jKfHWzr7","tlshash":"cc03f19748ae16dddc6271363c1ceb21a4b66a059fc21d86c787c6f6c7c3668f14d238","first_seen":"2025-09-02T04:43:32.347288Z","last_seen":"2026-03-25T22:10:03.27784Z","times_seen":754,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":58,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/EncodeSansExpanded-Regular.ttf","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/EncodeSansExpanded-Regular.ttf HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/public/css/fonts.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 161040\r\netag: \"69391957-27510\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":161040,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 17 tables, 1st \"GDEF\", 14 names, Microsoft, language 0x409","md5":"09cef80beab41395b7406d15baf9a43b","sha1":"bf3eaf32c0a00c48e6bd5c173692c09bc6228b4a","sha256":"ef2d88cf3791a898cca0511f6866297247381a8147dcc60634204f1aaa37fe87","sha512":"8f5a3c30637653391455a5e079da16c34aa09d222d58b28226e9999e9363323ae3e3728abd2d376c9ecc40326bc325c63d96173329386f1ecd4d700f1f4f8eb7","ssdeep":"3072:8lOLJC8OMvp5WToy4PgIAgD5MCZy0BbKTtdSVJaXTkZ5IOgf3r2m/XpA/t7Tv2ul:8lOLh8TtguCy0Bbf5IOgf3rHpAFv20TT","tlshash":"eff36c0bf7a3e709f9551e74646883e572d2f8516f32c74fa448bfa8d4870ec08c62a9","first_seen":"2025-09-02T04:43:32.305054Z","last_seen":"2026-03-25T22:10:03.301614Z","times_seen":817,"resource_available":false,"data":null}},"time_used":347,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":176,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/js/intlTelInput-utils.min.js","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.782Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/js/intlTelInput-utils.min.js HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/public/js/formsPlugin.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\netag: W/\"69391954-3f689\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":259721,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1903)","md5":"4e9dfe4ff0e4f710ca4d7e095262c1b2","sha1":"e995f1c98857e950882f9ed98b1f35469635a119","sha256":"c06746a767fd8adfe37ddcfa195262649a24a04d3b50036c77899cae54c9109b","sha512":"3fd04aec489cdb4540a0b2bce6552a7ef3517a1c4b464c1155448134de0b5ad77f9799a39f29481eee08205ca24cee01af38b782f8ce4dd251f86705d86b7f58","ssdeep":"3072:PklM0F8CAJjFs3OwPss3MwPPmdV9T2xFM8Mpmxs5DyBpUsR56kmLNTg/QKWVRpFA:PklMpjBf0xFM8Mpm0/Z2","tlshash":"d944f1ebd63c9737a1e97b35968eb3cd5a8cbca3c848567826c3b54f52784e0706c205","first_seen":"2024-12-28T11:23:31.699953Z","last_seen":"2026-04-04T08:19:30.938448Z","times_seen":996,"resource_available":true,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/js/forms.js","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:57.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/js/forms.js HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/public/js/formsPlugin.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:57 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\netag: W/\"69391954-3dbb\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30603\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":15803,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"986595a83ad4c09d7c4038d52ee8d097","sha1":"3b12c8ab060b561ec107b1ae0bf9869b8ffbdcb5","sha256":"0e512846f7a8fac1ed96a1d29bd53d1070437884e4a9a0a24b073f5e155459bd","sha512":"7a82b203e0ceef8db3e035434ee8d01b18a17282f8dc30ab4d512f87c6b8bef4c59d16093c3bb3069eb03cda2192719690d4deabe02da8c7980682e45e64efb4","ssdeep":"384:dhANNZWa2uCO1HVsOAhDpVhwuq5iR96QNEoYtxUPEZRSoCu51h929iNrvOG7L17B:+ouCuHSOAfhwvE6QVYzAEZRl51hcsNrF","tlshash":"ed628494f73c0436a6fa21fe78ef4485397ca2125d904c55a8f8e41d72e2fd58ab2f81","first_seen":"2025-12-03T10:54:54.155477Z","last_seen":"2026-04-02T05:38:05.690009Z","times_seen":545,"resource_available":true,"data":null}},"time_used":175,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/img/user-4.webp","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.316Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/img/user-4.webp HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7876\r\netag: \"69391955-1ec4\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":7876,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f010747cc7a3a4f8436eb97c646cbca3","sha1":"c029a88e34d3b8b8a22211d282441d3e6aa75924","sha256":"0a7e35ad777d23c1363073e5176747e16c3c112b581f1d42d3a321d1f2c1672b","sha512":"7a71b2ae92bf808f75a800ef506e5d0d7e93f4decba513fd7049c74dafc5e4fa16037d11758d8e8b8db8d18e4aca4ea7432bcd186ee595e69c6986280a5fcc45","ssdeep":"192:z2YNMtKwRNIfs3Q+ZV4KFUIae87gmBZ77A:iYNg7ofs3Q+Tdfae8Es7A","tlshash":"76f19eb8afebe365cc22e23814e13ba462d3373e56b067dd2254f2161201584fb5f0a5","first_seen":"2025-10-31T04:32:50.952524Z","last_seen":"2026-03-23T11:24:35.273885Z","times_seen":163,"resource_available":false,"data":null}},"time_used":377,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":128,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/img/pros-bg.webp","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.626Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/img/pros-bg.webp HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/public/css/tailwind.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/webp\r\ncontent-length: 40462\r\netag: \"69391955-9e0e\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":40462,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a552bc7ad58597757b953a47ef50de2e","sha1":"ae607ba3cd8f2986ec9f2dee80ae90f28cd1eaf9","sha256":"7af56b3431d35b0264020ac4eaa6ff1ca05a72a64647fdea890e9814597da6db","sha512":"b976c4950c93b9743666efe43261649a885163865793314992bd7990b42afdf4c34703bc01cb8abe742559e270b203a06e1b6f1f184bfdfb8e9062c88f3417b9","ssdeep":"768:euKXMkiH1mxkbLyKMVgJWqHgSSUxyt7tdWbbfNFd93raFCoDHXeX1rFYv:euTkImxcPn4Yyt7tdWbbfNFdl63eX1A","tlshash":"a603e1d097b394eead24862349bcfdc2576e36e18b429b8282c7e54a58378df9532130","first_seen":"2025-09-02T04:43:32.343217Z","last_seen":"2026-03-25T22:10:03.286454Z","times_seen":822,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/js/justvalidate.min.js","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.785Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/js/justvalidate.min.js HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/public/js/formsPlugin.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\netag: W/\"69391955-73e2\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":29666,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (29666), with no line terminators","md5":"5999ea06cbb02d9f509d7127f581ca57","sha1":"353b584854cfb425f4da8446734b1f5557d32eb2","sha256":"29d1548e149452387bacf862a93dc3049a1f63b90cb972d6091641d477734592","sha512":"9320ce7503b230e62b4dc62a4078e802091a4a8e5fe28f7495ffec44f1bcbe6aa56e4b1ded1824e5854992e11d52319596b70a866486a74b24eb33d5a5107090","ssdeep":"768:VkW++JZ/wbtODUsl8dJorXESRAwgJMgp81UuVvwnCByfDwty0HD/h7PCByCrCagl:mCCDSXrRAwgJMg5s5Y3gk56D","tlshash":"41d2d706267149234dd94aeae08b9543b3d0375da914a4ccf73decfb8a8dec630536b6","first_seen":"2024-10-04T14:22:46Z","last_seen":"2026-04-04T08:19:30.9091Z","times_seen":1110,"resource_available":true,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipinfo.io/json","fqdn":"ipinfo.io","domain":"ipinfo.io","tld":"io"},"ip":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:57.021Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipinfo.io","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Dec 2025 19:31:13 GMT","end":"Thu, 19 Mar 2026 19:31:12 GMT"},"fingerprint":{"sha1":"FD:43:17:F6:FC:F9:5E:2B:53:FD:34:62:25:32:FF:41:EC:72:38:91","sha256":"8D:5B:FC:11:FC:AF:23:2A:87:1C:7B:4B:8D:AD:0B:AB:BB:D9:D3:7D:C7:9E:49:C6:11:1F:78:3D:E2:1A:49:DC"}}},"request":{"raw":"GET /json HTTP/1.1\r\nHost: ipinfo.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://quantrex-nexute.com/\r\nOrigin: https://quantrex-nexute.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\ndate: Fri, 02 Jan 2026 15:59:57 GMT\r\nvary: accept-encoding\r\nvia: 1.1 google\r\nstrict-transport-security: max-age=2592000; includeSubDomains\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":280,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"adf22d9a8ca3a97a9ff78909b8702358","sha1":"f5046826566a7e98d6b5e5c7b0a65677c3bde708","sha256":"756edd1454b049c1370e83c864bc93dfdd82f44d8f9752b3068e5a11867a5de3","sha512":"182391c8c01e54481853a09aa4cf8072496850e45863b198721d0d572e3aa93d8fe11a90bfb24cf97fa64cc132f1594c379474db65db5a1d2207694f770443b9","ssdeep":"","tlshash":"c3d02b6621341b37aeed455c8406960622656e1f1642369f0fe72b0c100c87334f03ae","first_seen":"2023-04-17T17:28:07Z","last_seen":"2026-04-04T09:23:25.256799Z","times_seen":46555,"resource_available":false,"data":null}},"time_used":341,"timings":{"blocked":88,"dns":25,"connect":28,"send":0,"wait":164,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/logo.svg","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.286Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/logo.svg HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 967\r\netag: \"69391956-3c7\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":967,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"eb176596f021b1c2691f508e1f933b61","sha1":"fa38852591f0366651c4ef73a5d1933b62dc5478","sha256":"c359491b578fb6929a58d33b785a6d4679c555dda092945365a97813292558e4","sha512":"1234af6b2c78c4009051a0f01da71bbc9a144bae061457bc215572ba1ccfde9b5bb83d80b5e516df16c9db676cba2ff706f8294460bcc564ab528ecea2f688a5","ssdeep":"","tlshash":"6f1157c131cc95884e48831b5b0e657b622b30e8a11942c4b9603b0bbdc9bbb1ca9bc9","first_seen":"2025-09-02T04:43:32.306896Z","last_seen":"2026-03-25T22:10:03.29626Z","times_seen":1208,"resource_available":false,"data":null}},"time_used":398,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":268,"receive":130,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/img/user-6.webp","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/img/user-6.webp HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8536\r\netag: \"69391956-2158\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8536,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0f2839f0d02e6331d58b1fab901cd940","sha1":"26e3b44f3865730646f0406807a528dfffd669d9","sha256":"49edd17cd54aec7bc621ffa8d79981d0bc7f0992e6d9fe40362906af5407aeab","sha512":"e199fcd9458dbe0a49a52156e1f2fcea007451c7285d1f775ee68ae69c6a672953038f611d9594e5c644aa23491d8b0d5d209b30e774c08c70361129acab718b","ssdeep":"192:M2YNMtKwS+t33OaXv7nrlJntX6AM4NTcgR+x/7W:vYNg7Sg3eaXvbrlJntX6ghR+x/7W","tlshash":"ed028db92eaf8372d530d9ba18f373d164ca2729e21078ca75248f364285980b5ce0d8","first_seen":"2025-10-31T04:32:50.89606Z","last_seen":"2026-03-23T11:24:35.242033Z","times_seen":163,"resource_available":false,"data":null}},"time_used":371,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":126,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.frankfurter.app/latest?from=USD\u0026to=NOK","fqdn":"api.frankfurter.app","domain":"frankfurter.app","tld":"app"},"ip":{"addr":"104.26.1.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:57.162Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"frankfurter.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 28 Nov 2025 23:18:41 GMT","end":"Fri, 27 Feb 2026 00:17:23 GMT"},"fingerprint":{"sha1":"F8:6F:EA:2A:E6:3D:8F:8E:1C:9C:54:85:3C:F9:03:09:D6:89:F6:D8","sha256":"58:69:79:C7:05:CD:58:76:AD:46:16:6E:F5:84:A8:19:8D:7D:C2:EA:46:FE:A3:B7:56:20:E1:3D:26:C0:A4:7F"}}},"request":{"raw":"GET /latest?from=USD\u0026to=NOK HTTP/1.1\r\nHost: api.frankfurter.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://quantrex-nexute.com/\r\nOrigin: https://quantrex-nexute.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 02 Jan 2026 15:59:57 GMT\r\ncontent-type: application/json; charset=utf-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-expose-headers: \r\naccess-control-max-age: 7200\r\ncache-control: public, max-age=900\r\nvary: Origin, accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xSd0wVzAovyfQOEuxHPXqrAaV%2B5kJj3kvXAatx3fy9CL%2BcUWDrNtpAtOP3EIIG206DBv%2Bx2wLIOyvbcCz9Gh71EH26yOoMdanXttW%2BWQ5JUn57w%3D\"}]}\r\ncf-cache-status: MISS\r\netag: W/\"ceecc796823a82d706e4cf955cd472b5\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9b7b776e6ca08be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":71,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"f06e7e40d6bc9118d69cbea139b6aa30","sha1":"12f46966191509f9074934dd156346cb311d0aba","sha256":"3f46e2c5ea0590517bf7014c4883c076a1f73255427db19596a0b16e1b53feaa","sha512":"039eea278019435d982c4c51777be5ec56b442f3957a002f60e55c785dd39889a4957f87f014d835b2b16b3ff2f71c392707a4a1ae3c13c3ce06f1ac43ec2ea9","ssdeep":"","tlshash":"00a02200f83c8ea0c2020ce0b800bc802c083080238e0f0008ccf000c220032000c828","first_seen":"2026-01-02T16:00:26.994793Z","last_seen":"2026-01-04T21:40:23.145441Z","times_seen":35,"resource_available":false,"data":null}},"time_used":296,"timings":{"blocked":28,"dns":4,"connect":1,"send":0,"wait":239,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-02T15:59:55.605Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 11097\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50317,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (814)","md5":"13b36fbf26f3b6eaad970aa880160110","sha1":"2cc440115ddc981b0898a92b123a7c2256d3d968","sha256":"e4d5eaf7d0b2cc8c2573f34ed86327fa50ff7cf66202c62401a0d5cd8fa8b0e9","sha512":"975b6680c93c858118b34213a55b7251931d64e727557acc12fb4612a20c078128360062c26840a6ed823f0308441ca86c837d615dfaab04957ade536501df48","ssdeep":"384:B2ItKibXZ0ZFI2tZJL8rvdQtOiHOt5OCEsEPFLljzLw0ozgw0IzMtIjzLw0ozgwG:B2ItKiTGXa+q3HqlhxrldTvUWz1Xl8","tlshash":"7d333115128d0ebf11130796f295bb9ae05f9f74e52bd8e6f1fb012123cac84af61276","first_seen":"2026-01-02T16:00:26.997403Z","last_seen":"2026-01-02T16:00:26.997403Z","times_seen":1,"resource_available":false,"data":null}},"time_used":611,"timings":{"blocked":158,"dns":8,"connect":65,"send":0,"wait":295,"receive":1,"ssl":82},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/js/localization.js","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.280Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/js/localization.js HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\netag: W/\"69391955-532\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1330,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"6cc4f23a9e8894a243c74a19d2eab2f2","sha1":"5ed9b73bd06d0e5e39352a6ddb55bdeeb8e40a2e","sha256":"12064402ab9b471abda6d40eeaa04d326f8890c1d4c84cd6f86f1944cb8044e2","sha512":"aaf12d1c6f624b72a68b96359d71b44e7fbb7c9e65ebc645747bb1cb9a21ce481ef7154142625a779424560691178c39c6ca45071092334a9b7670aa5beab6bb","ssdeep":"","tlshash":"9421c110af9f1000cae8114f1d340176547ec5653a1ee8dfff5605a835e9f2ac361f24","first_seen":"2025-07-29T07:47:20.613767Z","last_seen":"2026-04-02T05:38:05.666997Z","times_seen":834,"resource_available":true,"data":null}},"time_used":271,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":271,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/img/person-1.webp","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.296Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/img/person-1.webp HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/webp\r\ncontent-length: 34082\r\netag: \"69391955-8522\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":34082,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a510ac001961250be9eb5ec7b599c573","sha1":"7bd6897dc836dd6f6486cd7abce33f69319d5aa1","sha256":"6c75b7a5d1c66c7ae8c8a99cbbae3b85fce4383203c7131b3f87110bbf9f60c7","sha512":"338ea7e89b7f65bf27e627b9afb0cefcf569aea41567b06e4d0512ba3e943e63721d1a0b31e0e0850b63c0c3ccc6c203fd86f6a8d0c1b38d36998bfa3ec8f174","ssdeep":"768:rYycaqOHCSKdeCE3iYoSnLY1DofhhwO8kpMZCZGCnlkoCkl/:rPCLBIpniUfkO8kpBnRCC/","tlshash":"5ee2f2500ad23170dbb2ae3d65f65d71b256c23eef3e7ed412b937310056129788e40b","first_seen":"2025-10-31T04:32:50.89264Z","last_seen":"2026-03-08T11:46:46.040591Z","times_seen":36,"resource_available":false,"data":null}},"time_used":264,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":253,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/pros-3.svg","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.309Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/pros-3.svg HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"69391957-6d7\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":1751,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"77cc23f4dfef3fb494da063dbffc4fb0","sha1":"5497f0fa1d50011c7d90ab2f3c9107fdb6617906","sha256":"6c79187930a4abc56242352b5d4d5a5e68e7a6837c129e4021ade79165774cef","sha512":"9998ae9c90a9a7a002c388e1bf176ee2730c6806e545707820f118ae4808994ae1552977dacefedf49e6e425b31819097e0be659b99e73a6bddcbf80594cfdfe","ssdeep":"","tlshash":"9c3123dc2178c39cb40679680786b8b13c5b99cd95a74845d3b3be12e88845d5e748eb","first_seen":"2025-09-02T04:43:32.34178Z","last_seen":"2026-03-25T22:10:03.302906Z","times_seen":770,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/img/info.webp","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.311Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/img/info.webp HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/webp\r\ncontent-length: 59838\r\netag: \"69391955-e9be\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":59838,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"8955c166ea726f9df674dceb3f9186ad","sha1":"7d642254ba07756830b82c507c49856d91ded48b","sha256":"430789278409c7c3c40c011f36ab5ad7aa9dbb698bf5538b7161b91bee63090b","sha512":"1cc9d6440bcbf856f66eba36f4ba9f2a6a29cf56e340629628061a3cff76ed921adec1fe61e8f513fe4ac37083f4baa450d7e204e939eda5c5fbc27bad0fe015","ssdeep":"1536:I+GXTgppEwC2m78LI1MfqzSS8So+Pd2qoLL0ASZSh1iXmnyqrjR:IhXThtQQuir7dPoLAHZOiXmny8jR","tlshash":"0743023e29de8841c8df2c6d04a8162efa6c9b23668abc7858f6130ed3d5131e7f5d05","first_seen":"2025-09-02T04:43:32.277422Z","last_seen":"2026-03-25T22:10:03.283178Z","times_seen":1116,"resource_available":false,"data":null}},"time_used":441,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":254,"receive":187,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/img/user-9.webp","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/img/user-9.webp HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/webp\r\ncontent-length: 9150\r\netag: \"69391955-23be\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9150,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"025b0a1a1102ecd497fbfe207ab5cb36","sha1":"b9055661ab4a16835278045ed423303c7a42d981","sha256":"25c3c06331b4b5390a915484ba6eb38630e0455406df8816993168ef5b39d71b","sha512":"f3b5c689b7a915a0eac07eeafc18174ca53a0983b42272aa302084db16700ca0be683912ea479e1e972566be14dcf8baffa0c93b3b104747806944eab121c52e","ssdeep":"192:c2YNMtKwVQmeAROsEFFCY7FH9wSrZHYiTUDXMoOJ4D:/YNg7VQmIouFOSVHJacoD","tlshash":"b2129eb9fb97d361d830c27400e12ee43187335df722a9922566ab1d16812a47fdf049","first_seen":"2025-10-31T04:32:50.958623Z","last_seen":"2026-03-23T11:24:35.25933Z","times_seen":163,"resource_available":false,"data":null}},"time_used":372,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":129,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/img/bottom.webp","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/img/bottom.webp HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/webp\r\ncontent-length: 99546\r\netag: \"69391956-184da\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":99546,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"88108cbe23f34dcfcfdb96c13db08e7a","sha1":"39ef779c20c4e99005f542b1fbcd8356569d6628","sha256":"b825967004d9a1b6348da8813f70cebf175be9a8126d7284c3cfd74f8425e5ea","sha512":"88ceb6f3fc031353ad035bf79c82c3b1d1d4aec31508b3a90917c1ff25740e3bbf5d917a2bf5db3de0ea85cbccaa637a6ab4f208171819a2447d3f9c5346d48a","ssdeep":"3072:lYuuo5b/UsbYrEKwSoY31imbmwEmlfn9qKNiXnkW:lvuo5b/lbuEKwCFimbZb9SnkW","tlshash":"1aa3121976f65a96e8541f88edc2a77932b50fe7207370da3028ff36086863d21678dc","first_seen":"2025-09-02T04:43:32.314304Z","last_seen":"2026-03-25T22:10:03.2985Z","times_seen":750,"resource_available":false,"data":null}},"time_used":375,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":242,"receive":133,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/like.svg","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/like.svg HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/public/css/tailwind.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"69391956-e1f\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3615,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2c10ef99921bedb522858b8452a520f1","sha1":"d8950fd5ebd9fc4c9f7030a8ad535a03ea502ac5","sha256":"8fc5c82557271bff7c7974b940f396c0e1510e56e149061ac98368c95138f2f2","sha512":"7a9f75653a67f9d6d57ba07927fd23c238e20b57cb1aa6856d8edeebe8399b6304ae108c8c30804b59bb911fc123df24257c6148a15b94de03317ce9f156f892","ssdeep":"","tlshash":"1f71d8e583e862f9504ba770c9369fa5736b3cf9374a8e8693c8ad8da81500c584cd47","first_seen":"2025-09-02T04:43:32.282519Z","last_seen":"2026-03-25T22:10:03.286842Z","times_seen":839,"resource_available":false,"data":null}},"time_used":86,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":86,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/Kanit-Black.ttf","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/Kanit-Black.ttf HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/public/css/fonts.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 173492\r\netag: \"69391956-2a5b4\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":173492,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 17 tables, 1st \"GDEF\", 15 names, Microsoft, language 0x409","md5":"98e93fc09832d3891a57162b83ecb930","sha1":"7d7c545de2f02989d1f2a76849291b75f6e6b7e6","sha256":"7f6d2b61aeaa7e6e1d1f0a99fee666c688650f00254786a1f48bfba31ad63aa9","sha512":"41229779be59db29324f4716122da85948f6de5f05de483327b85a888a424527813331a827bb1f93db3ef8e875f706c0658b28126d1058604c8aec953402f2e9","ssdeep":"3072:T1jSTGGQ+BqRF4LwmVIIaVyL1PhllxA4DUgaTABYcaclGT4I:T1xGQ+Bo3VyL1PhllxugDScaclGTx","tlshash":"7a044b07f749d789fe1a5e382769a71ba294f0704f5787cbf08d3679e89a4c01e192c2","first_seen":"2024-06-21T13:38:29Z","last_seen":"2026-03-25T22:10:03.303864Z","times_seen":947,"resource_available":false,"data":null}},"time_used":336,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":165,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/EncodeSansExpanded-Black.ttf","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/EncodeSansExpanded-Black.ttf HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/public/css/fonts.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 161496\r\netag: \"69391956-276d8\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":161496,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 17 tables, 1st \"GDEF\", 16 names, Microsoft, language 0x409","md5":"8d733c894ca18c1e271b8e648b605601","sha1":"ec5db396305437bdd280d2c5a857a507027e8d56","sha256":"de952ddb6b905cbddfca787502eadc44720735bbceb916264de6c427e58e89b9","sha512":"f4842689b731e5323b4d163abca8145971f1eb6fa30e88f1ca2d8467961342c90437a4965332eaa8ce74e75307ed0094164fd52913b3650838660ead87ec8e49","ssdeep":"3072:HokDRrC8OMv4GeLUoBhQI1LZrx0NrqRKoC+b1WxxEriV:HokSd1LZF0NrCKn+hZWV","tlshash":"f8f35a0bf783d735e9151e36a46893e573d6f450af36c38fa144bea8d8c70e428c52a9","first_seen":"2024-06-21T13:38:29Z","last_seen":"2026-03-25T22:10:03.281676Z","times_seen":947,"resource_available":false,"data":null}},"time_used":344,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":173,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/Inter-SemiBold.ttf","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.645Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/Inter-SemiBold.ttf HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/public/css/fonts.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 316220\r\netag: \"69391957-4d33c\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":316220,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 16 tables, 1st \"GDEF\", 52 names, Microsoft, language 0x409","md5":"465266b2b986e33ef7e395f4df87b300","sha1":"5e0c44e57e7e090252d79f622899e67585bb892c","sha256":"b0b540e69bf6717016e33874670e09acf4bffc2ca3f4c1cf174a4ff696308c65","sha512":"b653746094471135e0b4cb286b45c4fe2b146a877ed3ad03bf1c116f0413c0c2e66d9245651349dcf1c322b71071b499b83129d88a17b25f3ca7b18d5a5428b6","ssdeep":"3072:tYR7HDJwbA5Maf/j41tIW+8EziE7/VgC+zvVF7ALp5p28gzEPuNOVKpxG6IXfsCQ:qR6aT19iEjAa5hgJRLQCo4TJIwH7","tlshash":"0d646a07f363831dc9062d3a47e3c7a07367bc917a12e10abb283799c98b5b45d9b5c9","first_seen":"2023-10-14T00:46:20Z","last_seen":"2026-04-04T03:38:34.0038Z","times_seen":2431,"resource_available":false,"data":null}},"time_used":432,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":224,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/js/userCountry.js","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/js/userCountry.js HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/public/js/formsPlugin.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 632\r\netag: \"69391955-278\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":632,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"bcd956701cd03398458e22553099557f","sha1":"13ea955deb21745b2feb7af6f060abcf5769f65c","sha256":"0961b85469539bc4f36a29a52fa143d1b21a67c050d258bd63485a07cc90a82d","sha512":"5d017d065449ead1d30174eb2f6cbfd663ec35613e0c55982eb2550433f1a757539fd97f933a0257574e0ac71499b119c3491295ef7ef2f7befbbc41c25a7383","ssdeep":"","tlshash":"f0f078ccd16ba761f9f763d07926e52600e4e9123f178483b6f50b43a0a75cb4eb08d2","first_seen":"2025-11-07T04:55:15.50602Z","last_seen":"2026-04-02T05:38:05.680815Z","times_seen":719,"resource_available":true,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/img/favicon.ico","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:57.492Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/img/favicon.ico HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:57 GMT\r\ncontent-type: image/x-icon\r\netag: W/\"69391955-25be\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30603\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9662,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel","md5":"3111e85435af2a2b8aee90466ba0136b","sha1":"e3685071af5c65c910ae6ead4af09e755ec2251b","sha256":"0889ccb2ab1d10f6f0479fbbcb6f67af78c95396f3c91357c537e1adbe31eec7","sha512":"43e75667cc02901212403fc2717942083d2eea4685d97a3fbd4116c7755ce39198ed992e22fe738e54b2843b4fc2e1917e7722445f22b6b37bd9315dd9437215","ssdeep":"96:9GDAWyNNzmdpXtNJKKNgZ23bQIBbOgFCml83gEzuY0Sb4U3eL6+JQTYEo:gDIqlTJC03bQI9cgE0Ski4n6YD","tlshash":"eb123b54bad4bc9ac0881dfdedc6e2b151478f30fd32523325a2bf8f26346b56a60258","first_seen":"2026-01-02T16:00:26.951203Z","last_seen":"2026-03-01T10:31:10.207272Z","times_seen":2,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/js/intlTelInput-utils.min.js","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:57.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/js/intlTelInput-utils.min.js HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:57 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\netag: W/\"69391954-3f689\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30603\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":259721,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1903)","md5":"4e9dfe4ff0e4f710ca4d7e095262c1b2","sha1":"e995f1c98857e950882f9ed98b1f35469635a119","sha256":"c06746a767fd8adfe37ddcfa195262649a24a04d3b50036c77899cae54c9109b","sha512":"3fd04aec489cdb4540a0b2bce6552a7ef3517a1c4b464c1155448134de0b5ad77f9799a39f29481eee08205ca24cee01af38b782f8ce4dd251f86705d86b7f58","ssdeep":"3072:PklM0F8CAJjFs3OwPss3MwPPmdV9T2xFM8Mpmxs5DyBpUsR56kmLNTg/QKWVRpFA:PklMpjBf0xFM8Mpm0/Z2","tlshash":"d944f1ebd63c9737a1e97b35968eb3cd5a8cbca3c848567826c3b54f52784e0706c205","first_seen":"2024-12-28T11:23:31.699953Z","last_seen":"2026-04-04T08:19:30.938448Z","times_seen":996,"resource_available":true,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/img/phones.webp","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/img/phones.webp HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/webp\r\ncontent-length: 62018\r\netag: \"69391955-f242\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":62018,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"88ae8c6bb589750082b5edf16e6a1cd9","sha1":"8c6bb3702f3271c48d86d65d66a557f4f0f6d898","sha256":"36a7d79051bda66b0503bbf3ddcfc8067ee8cdb063fdcd743493ce6af2b54612","sha512":"28786ec8aa25db88a8381dcc2c7f49eacd969d96395d3a25e7a2bdb08ed114ea472c81c938eeaaea86bc5b58147585287afe581e55ce74894c571e03ecd30a32","ssdeep":"1536:GkkVU4uvILYGW4FoHG3xXQWd8jk7IlJ7avfZk8z+M0:RDvNV8xjdd7IX7avRk7J","tlshash":"67530235dff0ad4d85461130018d2cbca9b87e9dfa1fdd618a710cd0d8b6b2b994b1ae","first_seen":"2025-09-02T04:43:32.240085Z","last_seen":"2026-03-25T22:10:03.2878Z","times_seen":761,"resource_available":false,"data":null}},"time_used":319,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":253,"receive":66,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/css/styles.css","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.278Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/css/styles.css HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: text/css\r\netag: W/\"69391955-706e\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28782,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"53d8ea4fce5fbdfdf9ef25b7e058db93","sha1":"3afc346233ab40653d5fd58820d47a2e6c67d87c","sha256":"e485cba460146a0cc487b28e8b871913b5955840ffb8c6918ca2784bc846aa76","sha512":"6db56968b215d4f17a5cc37f15a1d5eeb5d94c543afc85f133de7e9be7387781c63a5ce23393c0e1b8765a1d62cc749d013bbec069568f5228e0da3c6791b1dd","ssdeep":"384:HS9Y+JTzEoKuRCcO9yoPKhzTIuRn6oAw2NYrbpIqe:y9YSTzfnjoPy/rR4w2NYfpIqe","tlshash":"c1d2551386220c7ee22dc3f839a6c5b4772f0c827daadd97f6c9101d5687990a5fbd48","first_seen":"2025-12-03T22:05:13.211802Z","last_seen":"2026-03-25T22:10:03.291458Z","times_seen":123,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":271,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/quote.svg","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/quote.svg HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"69391957-ac8\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":2760,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"504ce723c76d111e0be511d24721c2dd","sha1":"a1fe51672c966079ca8ccaa11fbe6de0bafa1644","sha256":"a563b73f0268826906bcde897b0a2f55d0d2fa9cfb394e4c151c138f3865202e","sha512":"87a808d4940b03b8e019e3a28be1bc3d866c01323be476d8e2e1ac2d780404bd66046a62855d03ae2c309387f7c18788a5f1d9b3bae538139b5448df459631a2","ssdeep":"","tlshash":"0b513061b3b971e0f215e3f667e27925b95b26622f87c2e4c0d72dd4d87480c5e808c6","first_seen":"2025-09-02T04:43:32.254441Z","last_seen":"2026-03-25T22:10:03.304816Z","times_seen":1145,"resource_available":false,"data":null}},"time_used":256,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":256,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/ltc.svg","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/ltc.svg HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"69391956-408\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1032,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c4a6bbd896e770e829a30e835714ac49","sha1":"7a9fe65f4227ee71070e76c345eef4e1f77850d6","sha256":"32d3294815fc7a945762273c76564c434e395d8ebe6eab2e9edc8e3cb74076b6","sha512":"cd82a14c15b0307501bc59e5b0bf4dcf3edb39a0bcc51b42d5f439ad23847da574e357b1e4edccda6d2f17e57332709d1b1f5fbbf43019614f4ca1ec494360cb","ssdeep":"","tlshash":"8911ced0b7a977f56484c338826c3071647b3cee1a215d784ee43841752140ecc52eac","first_seen":"2025-09-02T04:43:32.275483Z","last_seen":"2026-03-25T22:10:03.277305Z","times_seen":1207,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/polonex.svg","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.314Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/polonex.svg HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1021\r\netag: \"69391956-3fd\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1021,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0a93f41c5d779ef0d290e4c54e2438c4","sha1":"e56f962012e24d19748c1d4f34789fab11deb64e","sha256":"c9bb6c3d073015bd7e82cb3c8e1b1e9a3fa9e15d3ade934e21068ecd59424f61","sha512":"ecc25a27648b40e5fb0370597111f401bfec58bb6b74145251062ab6ed8a6a5c9d6e15a5e3fa23687429262adaa83007366839604b4c43b8922dc7c84fa61e6f","ssdeep":"","tlshash":"ed11cefc6728920d4e0897943b6aa866107273d89189c747b5c565af6a8d06f0cba1d4","first_seen":"2025-09-02T04:43:32.322472Z","last_seen":"2026-03-25T22:10:03.283824Z","times_seen":1203,"resource_available":false,"data":null}},"time_used":379,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":251,"receive":128,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/info-arrow.svg","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.316Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/info-arrow.svg HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 480\r\netag: \"69391956-1e0\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":480,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7000561a2a36f6e67dd92e77cbb50d10","sha1":"0059c6b703952d15dc05cad181c1999380a9454a","sha256":"b05aa3927b700369237f9d2ff209fdf0f4867935cbee04cd1bbbba66231cc7e6","sha512":"8c7cedcd717b2ae9b6b59fec21c9aefabb935218e3f158f81b653b5224094bbecac514b5dfe11f4c3763914860064afbf742aca3cf7f1824a358c185ca5f0d0a","ssdeep":"","tlshash":"9ef09ea730841086e00defb4f02c544636c31cc3b488412cdd4c660ab6e47ba2d40e54","first_seen":"2025-09-02T04:43:32.262978Z","last_seen":"2026-03-25T22:10:03.307149Z","times_seen":839,"resource_available":false,"data":null}},"time_used":371,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":246,"receive":125,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/css/fonts.css","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.275Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/css/fonts.css HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: text/css\r\netag: W/\"69391955-155f\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5471,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"f0627245761b9ddd06cb364cc796811f","sha1":"70e346e88e4659b0eceb7f76017794807902dcce","sha256":"7eb62995cb0c108cb17c8c38bd7e6ce060d1fcc80c8523fb72f353a72427dd23","sha512":"8d73c9b64a00ce31bd416f265caa82c9f239c284bd17e400e24c5cfc98cad679fe9047d22107c58a852d7350cf0898e22f80c43b1c5abc6e6b0119a4b6d1d570","ssdeep":"96:QGOS7aGOJTGOW/GOLkWGOg+GOxTQGOCeGOw6qGOM1OS7bOJGOWp0OLqOgrOxTxO2:h7qyLkzS38bD7o+Xk8565N7cehe05urN","tlshash":"d4b1c910141ea833aa612eae739b7e148f4d28057155c5ab47b80c7a9cfb63783e5f4f","first_seen":"2025-12-03T22:05:13.225993Z","last_seen":"2026-03-25T22:10:03.295337Z","times_seen":135,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/binance.svg","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.289Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/binance.svg HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"69391956-d34\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3380,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"286147a6a8b43aa9f703eb3b278c669b","sha1":"a23688139388df4ef861c249ccfd8bd48aa2eff2","sha256":"1b4f876a5cc0b5da87f17a7ffb330ce2c5002c414036ddff7803da78ec725865","sha512":"1e4b9065bb362a10ad591f82fe88d373c5c82f582cc5ae6c03c87fe1f0cd3f61b71942fffeb119ed7700ee95e7b91845d16ee94443af3dd9960cd1c0c10fae4a","ssdeep":"","tlshash":"a56193a513a9c2e4b4056bfc8f0a68f23fa728f7ad27c51953d12941e8a067c8c75dd3","first_seen":"2025-09-02T04:43:32.294472Z","last_seen":"2026-03-25T22:10:03.278941Z","times_seen":1204,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/EncodeSansExpanded-Light.ttf","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/EncodeSansExpanded-Light.ttf HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/public/css/fonts.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 161592\r\netag: \"69391956-27738\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":161592,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 17 tables, 1st \"GDEF\", 16 names, Microsoft, language 0x409","md5":"97a2a619bcef5d92ac7f66e17564887c","sha1":"2c6e03389700c030149924e5fdde5f0e9754cced","sha256":"875d0d2122e8bb59c73e1e03d3757b382046266f658df35c0053797e954295bc","sha512":"0b3ae4d454cd5d25800d242177e45719b1b4cd16393586b83d93f94072b026c5a9c3258521a08052f699b59564385d593f07182718e5aa1da9b3a806c69ad051","ssdeep":"3072:ZrdeC8OMvHv5MXeEr2IAEmbYMRbc+LkPjcHHgRlbf:Zrd++XeVgYooHHOx","tlshash":"dff36c0ff7a3db19f5150e35997c83d572e6f8512f22c64ba54cbe68d4870f408c62aa","first_seen":"2024-06-21T13:38:29Z","last_seen":"2026-03-25T22:10:03.282171Z","times_seen":944,"resource_available":false,"data":null}},"time_used":346,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":175,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/usdt.svg","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.288Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/usdt.svg HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"69391957-df9\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3577,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"908ac595c69379ce8ce688a04dc020b5","sha1":"8fea3ba2ba406c0a875388c4dc75481af957a326","sha256":"b7ef94d66bc1b27c90dd4bb1887dfb58335df07576bee8eeee3c459d53fc543c","sha512":"fd52eb012b199609a0edd27ac2d9f118823d76afd5001b1c8373d6c7f96d20696b349e59409dcfc79a638f09292cd75c14a598369681ef0ac4e962b063c69a1d","ssdeep":"","tlshash":"7971e8e96398b2f4e607abe4ca37a871356758f57f12c48cc2847845e21856d0c9adc7","first_seen":"2025-09-02T04:43:32.333256Z","last_seen":"2026-03-25T22:10:03.30574Z","times_seen":1208,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/js/formsHandlers.js","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.284Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/js/formsHandlers.js HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\netag: W/\"69391955-1632\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5682,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"C++ source, ASCII text","md5":"b7e8a05e7ae996297bf86824ac379ea1","sha1":"cabf10514e35c0a679f955038f1c2626cda611d4","sha256":"8a7adb89f11101aea44dbf0947382d2712e7fb69ed8b616ecdd036f3a8e9de4b","sha512":"8828d4b516b9d70a2846e23d01adcf7b4e9dbc6d500c9bda430899b8d2a59cac73d4e5e2bd3688395ae15a1ce260fd4e4e0076ce677a027708f735343053bdd3","ssdeep":"96:SVRt4ZvYSW21wvY+pw7Khw7KWEzvYTbhw7KW7YzKif1hFEURFAwnfcuWdl9MJIEy:IrqvQ26vIlivllqftEURFtcuWdl9MeEy","tlshash":"8dc12409d2be1e181afb205ebd8d3a8d34354026b824f01f715c05fd27bcba6a1d6bb4","first_seen":"2025-11-07T04:55:15.49233Z","last_seen":"2026-04-02T05:38:05.668955Z","times_seen":651,"resource_available":true,"data":null}},"time_used":269,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":269,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/img/user-3.webp","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/img/user-3.webp HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/webp\r\ncontent-length: 9462\r\netag: \"69391955-24f6\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9462,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"052bb6da86f045de05aca3d8b9bf0f48","sha1":"91949a031bf83d8fb94f0428be8b3183e7aa2d0e","sha256":"cb5bd0df22f44c9ec1d61929cadf93bade2cad93383835976a7a110c27069c44","sha512":"e3569e630a864f07bb5dc072bf8ce2ac63a17714646bfb8d2a391819165547e0ba828f81b3a33814fb155113c4e0ff76c8b8bba27ae4ba132fc32de9cd150e77","ssdeep":"192:H2YNMtKwy+mYhoDAE0JpIAPqVF/oo0Ao5sLu7dMd9L:WYNg7yWhoDEJprqDoo02Ltn","tlshash":"b012aff23b59db6ecae4587450e627b5e2529f3dc702355a2c2c4f23d188542630e29e","first_seen":"2025-10-31T04:32:50.946745Z","last_seen":"2026-03-23T11:24:35.286093Z","times_seen":102,"resource_available":false,"data":null}},"time_used":382,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":254,"receive":128,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/kraken.svg","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.313Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/kraken.svg HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"69391957-ad8\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2776,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a88d6175c0fdfc14d4998e0aa9ac7959","sha1":"3886985b7a635d4cf8ae3d50db49d63c42dbebd6","sha256":"533b51e295c2ec894de75538b9f6f7ad23b0fb18cb5d55de02ad6eec6618af9b","sha512":"02caefead63c07312097e588f26540e3ae602769a930c25b5c21e59b93d6c788cc13db0d473382f4cf84d4716fccea69e3243ce74946524b0e2b6284ce3d4ef8","ssdeep":"","tlshash":"e25183a8d37ab218f004b7f88b07a8b481826fb42705ca5daffa0c1bd99500e1c75dc7","first_seen":"2025-09-02T04:43:32.260297Z","last_seen":"2026-03-25T22:10:03.310451Z","times_seen":1203,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":251,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/img/user-5.webp","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/img/user-5.webp HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/webp\r\ncontent-length: 9052\r\netag: \"69391955-235c\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":9052,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9d67921e0f912381140c824d1fa9c48d","sha1":"8fb5e86a669d96809202f485c4d175c2523ea056","sha256":"b9c608d8902dbec54eadf668d18c043093ba5f69999703d6af23236b929d7fbd","sha512":"c4acb00456f83de141429fe18dd8f8ed3b4e52f9f8b1a2f66261260fa3701af2d9c1dea32ea3ced1fc62cce29742faa54c80a0a001814a1a534f67bb89b3e754","ssdeep":"192:K2YNMtKwRNIfa2aFYvc0ROc8DoGHWwkKuwOQVJn6Ts4ajxSy:JYNg7ofap+cquABoJ6s9Sy","tlshash":"e6128eafdfbe9753d923f4b578a57b84aaf1623ed36029691030d61412906d0af8f248","first_seen":"2025-10-31T04:32:50.928809Z","last_seen":"2026-03-23T11:24:35.27437Z","times_seen":163,"resource_available":false,"data":null}},"time_used":371,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":126,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/img/header-bg-mobile2.webp","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.615Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/img/header-bg-mobile2.webp HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/public/css/tailwind.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/webp\r\ncontent-length: 25708\r\netag: \"69391955-646c\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25708,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d8179eca6cacb540539cd9b74f711fdd","sha1":"5cba7acc82732a756054aa3529eac3cb85a3557a","sha256":"6efc83b8bf5e579eec51195c4eba7f58df2487f8d195f07d59b0741bd6ecce39","sha512":"ece42e75e994510373393c040d56edd7f44b5c3612c1b5552e3ca7111abc0312096792b5e8defafcbece652da2f21a3f8ec439db2426e31ab20ce06dd24487ab","ssdeep":"384:p2ESfIf9teHWKyJsBp1p4RrCGUWRsLGNr+pQNCc4b+cMVOARGCU2VW7Cr8xYySTz:0ESATO1SaWR/NBaiuwVW+VQUDr4Y","tlshash":"c1b2e183f37074daa07597f892717d2a79a8039013b98b9c3687391fe53a510779d2d8","first_seen":"2025-09-02T04:43:32.280027Z","last_seen":"2026-03-25T22:10:03.303373Z","times_seen":817,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/payment.svg","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.295Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/payment.svg HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"69391956-7bc6\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31686,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9857cd226493e46d1f9d1da264b98ca7","sha1":"91d7efdfb03bdf612c1279b05b55a6299304bb6f","sha256":"8d4f42fb0c221eea7cc3bb6f8f25434a543644d9f20257c749c617c0ac8fbe1e","sha512":"feb167e1811234de452b58bc81647471bebe7bae1c845c73021e0a7c0cd538a28b55ed29c0b15f790266018680a0b4f8394ea193116656b328e3932a11f8e554","ssdeep":"384:3sn7jCC2N62crb+rBEXGZQNM87Rg/BzZQTraKBzBY0XDiu23dMcgjZZLwiywoqok:cn70MSrBEWlxBVMuKBFdTiu9ccXywak","tlshash":"bbe2c7e963faa2d4d58cebd36f94a1393d1320f75eedcd10c3ad4e68aa4486c4c245d1","first_seen":"2025-09-02T04:43:32.335925Z","last_seen":"2026-03-25T22:10:03.292955Z","times_seen":835,"resource_available":false,"data":null}},"time_used":192,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":192,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/pros-1.svg","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/pros-1.svg HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"69391956-1510\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5392,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e3e03487987db909519573a44bc1c14f","sha1":"e9fe3cb017ee1eeb06730a1b5481c587763e3135","sha256":"7380cdf722492fa999e321b25877905d77eb7781b3729966d36a4a580b40d924","sha512":"052f13a31dd25a9a6e0c561e9dcb24128fe21cc351a1626943534885190a0869790d1038e29b49041649c72cfdade38ed8e1c0043527ae6d56c26dd2d2d32947","ssdeep":"96:oKyaCV0Ct7eFu8TuPK/MeDurIIzfZUijQuGCZ/gNCjAJNk+n3W4ctX7BTDx:oK00dE8OK/4VXGC9yJG+O7BTDx","tlshash":"25b173c8237541a4f949b6fe071bbc542e4649e8e7118c5dcbd46e0be1420ae2d7aecb","first_seen":"2025-09-02T04:43:32.303241Z","last_seen":"2026-03-25T22:10:03.293446Z","times_seen":770,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/css/pages.css","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.279Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/css/pages.css HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: text/css\r\netag: W/\"69391955-17dc\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":6108,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"4c004d7fb813ad468dc797ed682424da","sha1":"8291785c4fe7010ec75a1255e36f75be8ca97857","sha256":"f144da3a1159cfe3d609f8342cb2035b491781956df7ea407a3ac8e9ed888463","sha512":"a4906698cacdaa0d6d20f2a2143f537be0075f099f138d2babdefb7b4ef99258b290a719932dfad4c2416ac4485e1b5e58db58eececb8d026241540708257bc7","ssdeep":"96:Axlw4RZUJT2ZBXg3CU6GEmC+OmCeMEMrM2Ht7n9Pvuf+kBsLOH39OMrHd:tcZsgU6eFH1IVHjc+kBsL63wgHd","tlshash":"5dc142139f14b449f22d90daefa17f68052e4093eb8d4eeee547386ce2c919105b2f8d","first_seen":"2025-12-03T22:05:13.226785Z","last_seen":"2026-03-25T22:10:03.308985Z","times_seen":135,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":271,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/Inter-Bold.ttf","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/Inter-Bold.ttf HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/public/css/fonts.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 316584\r\netag: \"69391957-4d4a8\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":316584,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 16 tables, 1st \"GDEF\", 50 names, Microsoft, language 0x409","md5":"ba74cc325d5f67d0efbeda51616352db","sha1":"47ff07c75746682133b81e7ac0537ce50a4c9916","sha256":"412c068eab6f36e6807d630ff89127165e8e4d3e8653434cdfb56b60cdcc3a32","sha512":"0e1b968a789e9a4d3149e9bf539f12800b9e808b6d1829841e74a122369110b369b36dd10231fd9fe68523475305e398aad0927fe14247cbe75256cdd17953ad","ssdeep":"6144:x2RouaT1miEEE1ipnQzkghLs7J28i9Bpu:siomE1onQzkgRs7i9Bpu","tlshash":"5b645b13f323c31dca122d3a8b93c7a07367bc512b13e10ab7643a55c99b5b85e9b5c9","first_seen":"2023-10-31T18:47:11Z","last_seen":"2026-04-04T02:45:27.477157Z","times_seen":2156,"resource_available":false,"data":null}},"time_used":414,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":241,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/fonts/Inter-Regular.ttf","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.643Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/fonts/Inter-Regular.ttf HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/public/css/fonts.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 310252\r\netag: \"69391956-4bbec\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":310252,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 16 tables, 1st \"GDEF\", 50 names, Microsoft, language 0x409","md5":"ea5879884a95551632e9eb1bba5b2128","sha1":"cfa780d0b50b2bb7eacb82984f1b18a95aaa40c5","sha256":"3127f0b873387ee37e2040135a06e9e9c05030f509eb63689529becf28b50384","sha512":"f09113b22bab8fb07920453e2cdc3ce678231f7b9f801f44471461697a10a61a9382173e177691f4170a3f9af736a4ee880fb48cc4408c8eea4e3ee850004cc8","ssdeep":"6144:PUWaT1IUkh6w/yOjngZyKMOMxMmABlNGow+BNn6m4zLkA4X:sX+Qw/rgZyKfMxMmABlNG4BNn6m4/kJX","tlshash":"5f644a17e363c31dc5132e3a8793c7a0b767bc513b12a10abb243a55da9f1b41e9b4d8","first_seen":"2023-10-14T00:46:20Z","last_seen":"2026-04-04T03:38:34.068939Z","times_seen":3307,"resource_available":false,"data":null}},"time_used":401,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":230,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quantrex-nexute.com/public/js/intlTelInput.min.js","fqdn":"quantrex-nexute.com","domain":"quantrex-nexute.com","tld":"com"},"ip":{"addr":"94.26.38.51","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://quantrex-nexute.com/","date":"2026-01-02T15:59:56.778Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quantrex-nexute.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 05:23:28 GMT","end":"Tue, 10 Mar 2026 05:23:27 GMT"},"fingerprint":{"sha1":"D1:1A:2B:C8:EF:23:6D:1E:70:97:AC:EC:DC:F9:0B:1D:60:72:19:51","sha256":"D5:42:6D:9A:5C:0D:C0:6D:4E:6A:5E:93:2D:65:49:0B:98:28:41:70:89:8D:30:C4:22:FB:31:61:F9:E4:0B:F2"}}},"request":{"raw":"GET /public/js/intlTelInput.min.js HTTP/1.1\r\nHost: quantrex-nexute.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://quantrex-nexute.com/public/js/formsPlugin.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 02 Jan 2026 15:59:56 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\netag: W/\"69391954-734f\"\r\nexpires: Sat, 03 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=30604\r\nx-served-by: quantrex-nexute.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29519,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (29164)","md5":"6c9bacd626f8da329cfd17986468b921","sha1":"b8ef112f4c44f07c914363756792e9baff14be34","sha256":"a5bd18c50d0bedc08c05eec31019f087887e4454a02b2f8959dbdfbebba8ffb9","sha512":"09e7d0ad1436136919ddd67933ebb806ec1dff914f3139af7b11f513064f54e02d82a8c7d35b511b0cd9ab18bb570dcd18d50f1722ea0a2ab64e2510536e78cd","ssdeep":"768:IY03Xlqn/kiIzOT9FSRo/6mCIQkjMdt24vD8B:ItiIzU/6YjMdo","tlshash":"55d2e7ae63655b37a6fcc2a270e54503ae6f79444a44083d7cacdece0288ed271f5b34","first_seen":"2024-12-28T11:23:31.679776Z","last_seen":"2026-04-04T08:19:30.901066Z","times_seen":997,"resource_available":true,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"quantrex-nexute.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}