{"report_id":"eb4cd904-1d85-4d7f-8ad4-f4ce4cafe6f0","version":6,"status":"done","tags":[],"date":"2025-10-18T10:35:34Z","url":{"schema":"http","addr":"relifassum.com/?cat=4\u0026groupds=116\u0026clientId=1365\u0026productId=1897\u0026publisher_id={publisher_id}\u0026tracking=0ed32g63zlp4e0","fqdn":"relifassum.com","domain":"relifassum.com","tld":"com"},"ip":{"addr":"185.32.28.133","port":0,"asn":15699,"as":"Adam EcoTech, S.A","country":"Spain","country_code":"ES"},"final":{"url":{"schema":"https","addr":"vids.chopinhunder.com/?cat=4\u0026groupds=116\u0026clientId=1365\u0026productId=1897\u0026publisher_id={publisher_id}\u0026tracking=0ed32g63zlp4e0\u0026productId=1897\u0026clientId=1365\u0026af=5002301477846324","fqdn":"vids.chopinhunder.com","domain":"chopinhunder.com","tld":"com"},"title":"Age Verification"},"submit":{"url":{"schema":"http","addr":"relifassum.com/?cat=4\u0026groupds=116\u0026clientId=1365\u0026productId=1897\u0026publisher_id={publisher_id}\u0026tracking=0ed32g63zlp4e0","fqdn":"relifassum.com","domain":"relifassum.com","tld":"com"},"ip":{"addr":"185.32.28.133","port":0,"asn":15699,"as":"Adam EcoTech, S.A","country":"Spain","country_code":"ES"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-22T10:35:34Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-18","alert":"Sinkholed","trigger":"relifassum.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"vids.chopinhunder.com","ip":{"addr":"185.32.28.133","port":443,"asn":15699,"as":"Adam EcoTech, S.A","country":"Spain","country_code":"ES"},"domain_registered":"2024-11-27","domain_rank":0,"first_seen":"2025-10-11T22:57:33.646843Z","last_seen":"2025-10-11T22:57:33.646843Z","alert_count":0,"request_count":3,"received_data":1749710,"sent_data":2110,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"relifassum.com","ip":{"addr":"185.32.28.133","port":443,"asn":15699,"as":"Adam EcoTech, S.A","country":"Spain","country_code":"ES"},"domain_registered":"2025-08-14","domain_rank":0,"first_seen":"2025-08-28T01:31:43.897083Z","last_seen":"2025-10-11T22:57:34.19487Z","alert_count":1,"request_count":1,"received_data":2173,"sent_data":582,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"relifassum.com/?cat=4\u0026groupds=116\u0026clientId=1365\u0026productId=1897\u0026publisher_id={publisher_id}\u0026tracking=0ed32g63zlp4e0","fqdn":"relifassum.com","domain":"relifassum.com","tld":"com"},"ip":{"addr":"185.32.28.133","port":443,"asn":15699,"as":"Adam EcoTech, S.A","country":"Spain","country_code":"ES"},"introduction_type":"scriptElement","is_inline":true,"md5":"e2fda8918f2c6a479ea4eb200c67236f","sha1":"c5c3b6d5a31aaf82b616f541f14b6df78ffde8ad","sha256":"ffcbe36b6503930f2b1d0b09ab234700e06dd983d9c1558c854c67b27ea4c3f1","sha512":"5392930be0cbe28a22437fc66961ac77fce08d20b0c760df39a9960b861964f4e00f6c9ac28a2536bb36e823bb4a158d80983fc0047d09352f00286dbf313027","ssdeep":"","tlshash":"18e072e6d22200380676b8bcc60ae30032f300eb50ac8807b81e1a1b1f8070e02b2848","size":306,"data":"","first_seen":"2025-10-18T10:35:35.989227Z","last_seen":"2025-10-18T10:35:35.989227Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vids.chopinhunder.com/?cat=4\u0026groupds=116\u0026clientId=1365\u0026productId=1897\u0026publisher_id={publisher_id}\u0026tracking=0ed32g63zlp4e0\u0026productId=1897\u0026clientId=1365\u0026af=5002301477846324","fqdn":"vids.chopinhunder.com","domain":"chopinhunder.com","tld":"com"},"ip":{"addr":"185.32.28.133","port":443,"asn":15699,"as":"Adam EcoTech, S.A","country":"Spain","country_code":"ES"},"introduction_type":"scriptElement","is_inline":true,"md5":"b967a8179fe4edfb0faae13c227a1421","sha1":"44543d7437431e7f1caeacb8b0ea8c1f244df6f4","sha256":"c65618fb082081da79fa54d0ee782c0d25830f23ae8137a3ab469c49b94404f1","sha512":"bbd6dcbb92cfcd4de7716eeeda0d82b656338dbf0b539b000d2084485f129e1814d82bf646ca868bd87c1ebf06def2265027e5525f516f61f76156c96eb9d4c5","ssdeep":"","tlshash":"65015659ceef0dc57d544428a77fa0a028e90093814cd64abe6cf55aaf81c0b51fd0cc","size":832,"data":"","first_seen":"2025-10-18T10:35:35.999953Z","last_seen":"2025-10-18T10:35:35.999953Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vids.chopinhunder.com/groupds/assets/js/backlink_back_button.js","fqdn":"vids.chopinhunder.com","domain":"chopinhunder.com","tld":"com"},"ip":{"addr":"185.32.28.133","port":443,"asn":15699,"as":"Adam EcoTech, S.A","country":"Spain","country_code":"ES"},"introduction_type":"scriptElement","is_inline":false,"md5":"60af47aa63c3bf9235687f706af2e899","sha1":"9b651a755c24a2e61617f574579b4d43db107609","sha256":"0faf991e33ce5cfde4a76de0c10f4271f51d30244da938b0e2b2e3f80b4cc035","sha512":"d9dd9a090d3a0bbbb6059b44171577ab1c836c0058b5bb8824a51f9dbf796077c33475150ca0ca033a4eb67ce2484ead2e766b04b6a98415dfef0a193f1c1a48","ssdeep":"","tlshash":"00f0b48d58a60078597331a9dfafa5283563046f3403ea117a8d97904f6472ec389fe9","size":620,"data":"","first_seen":"2023-03-11T20:55:10Z","last_seen":"2026-05-08T20:40:00.282943Z","times_seen":552,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vids.chopinhunder.com/?cat=4\u0026groupds=116\u0026clientId=1365\u0026productId=1897\u0026publisher_id={publisher_id}\u0026tracking=0ed32g63zlp4e0\u0026productId=1897\u0026clientId=1365\u0026af=5002301477846324","fqdn":"vids.chopinhunder.com","domain":"chopinhunder.com","tld":"com"},"ip":{"addr":"185.32.28.133","port":443,"asn":15699,"as":"Adam EcoTech, S.A","country":"Spain","country_code":"ES"},"introduction_type":"scriptElement","is_inline":true,"md5":"d6855803baab2730f4351340614673df","sha1":"eab6a2bb7055416b9c559d8c65fcb482559b48e1","sha256":"2d6af990d88c05b6a63f2e61c7c12939ff511380396431a59369bdce38b3b8e2","sha512":"52581cbaf861a734c613d190baa1a1f2f1cb07364116325cce64f4d42a93d616f15ffb3edfcf82b30f0c727ca49e58fcf2f716db1a2cedde409d3f99eb046135","ssdeep":"","tlshash":"e0d022c7ce1b61892c2296ac4238b3682889008f1ee2c00bb20e20230f0094200f6188","size":213,"data":"","first_seen":"2025-10-18T10:35:36.012755Z","last_seen":"2025-10-18T10:35:36.012755Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vids.chopinhunder.com/?cat=4\u0026groupds=116\u0026clientId=1365\u0026productId=1897\u0026publisher_id={publisher_id}\u0026tracking=0ed32g63zlp4e0\u0026productId=1897\u0026clientId=1365\u0026af=5002301477846324","fqdn":"vids.chopinhunder.com","domain":"chopinhunder.com","tld":"com"},"ip":{"addr":"185.32.28.133","port":443,"asn":15699,"as":"Adam EcoTech, S.A","country":"Spain","country_code":"ES"},"introduction_type":"scriptElement","is_inline":true,"md5":"1e84e7287e5e59c4b298b64e7106702f","sha1":"5a9a792cab455100c9ea0cf66fee31520634d324","sha256":"245f11609067aa375a30bc960664aa273b0cfb5e7e3ebb44a4c59d72d94e32c4","sha512":"226063dfeaef8836aa0acd54d3957e4c44d07677b6de4c67216fcfae8459d82b818ac83fb04b7ab32705dcea3d39d8a9ddb7d6d50eb874542758f768ee595870","ssdeep":"96:T8uV2N9gSD/7e7S05Ibsk/7zI/+eDOp2stRi9ll3l:T8uV2N99/62FP/7ObD82kQ973l","tlshash":"71a14e9ebebb12a80e9bb47f5befa2182072902b1009f0057d6d51901fe0e1cb164bf5","size":4897,"data":"","first_seen":"2025-10-18T10:35:36.018884Z","last_seen":"2025-10-18T10:35:36.018884Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"vids.chopinhunder.com/?cat=4\u0026groupds=116\u0026clientId=1365\u0026productId=1897\u0026publisher_id={publisher_id}\u0026tracking=0ed32g63zlp4e0\u0026productId=1897\u0026clientId=1365\u0026af=5002301477846324","fqdn":"vids.chopinhunder.com","domain":"chopinhunder.com","tld":"com"},"ip":{"addr":"185.32.28.133","port":443,"asn":15699,"as":"Adam EcoTech, S.A","country":"Spain","country_code":"ES"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-18T10:35:12.238Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P384","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"vids.chopinhunder.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Sep 2025 03:04:23 GMT","end":"Thu, 25 Dec 2025 03:04:22 GMT"},"fingerprint":{"sha1":"8D:1D:4B:5A:AC:E6:CE:38:9E:7E:8E:79:9E:FD:51:F9:23:3A:C4:5A","sha256":"71:54:0F:3B:F2:1C:35:F1:F6:82:61:A4:D7:B4:EC:5C:3F:F9:37:67:20:72:6C:B3:26:BB:28:3C:D1:28:BB:70"}}},"request":{"raw":"GET /?cat=4\u0026groupds=116\u0026clientId=1365\u0026productId=1897\u0026publisher_id={publisher_id}\u0026tracking=0ed32g63zlp4e0\u0026productId=1897\u0026clientId=1365\u0026af=5002301477846324 HTTP/1.1\r\nHost: vids.chopinhunder.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://relifassum.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":77363,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (35329)","md5":"dc17cf3dd5ec3de5993258eb6ef7c0dc","sha1":"129ce628f9fd61e10f4a3e0eb22b1925190c073f","sha256":"a6e1745872c720171b9b1a9a71702b86453b7c3df4123ae716e92cbbb2770117","sha512":"2ef8a3ee6721d14857e110267ed65d7a886048d438be051dcd130a3ce47a78ba8991f6b4d1b7c7d569206c953f48fdcb2c0fb526abbaf28589b31b94941e99b8","ssdeep":"1536:t5ZYxNLiR7I+ClnMZOPtc/KHHU2bpyPoFw3odi0/2A2ldwkgxgdW8r6Y:XxB/KU2YoFw3od/72l6kD","tlshash":"d573d0a1adfb0041345ba5b9b7ff734a1cb58443a188e83e7e1db2c65f8099051ea3dd","first_seen":"2025-10-18T10:35:35.953676Z","last_seen":"2025-10-18T10:35:35.953676Z","times_seen":1,"resource_available":false,"data":null}},"time_used":786,"timings":{"blocked":200,"dns":19,"connect":52,"send":0,"wait":155,"receive":210,"ssl":147},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vids.chopinhunder.com/groupds/assets/js/backlink_back_button.js","fqdn":"vids.chopinhunder.com","domain":"chopinhunder.com","tld":"com"},"ip":{"addr":"185.32.28.133","port":443,"asn":15699,"as":"Adam EcoTech, S.A","country":"Spain","country_code":"ES"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vids.chopinhunder.com/?cat=4\u0026groupds=116\u0026clientId=1365\u0026productId=1897\u0026publisher_id={publisher_id}\u0026tracking=0ed32g63zlp4e0\u0026productId=1897\u0026clientId=1365\u0026af=5002301477846324","date":"2025-10-18T10:35:12.809Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P384","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"vids.chopinhunder.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Sep 2025 03:04:23 GMT","end":"Thu, 25 Dec 2025 03:04:22 GMT"},"fingerprint":{"sha1":"8D:1D:4B:5A:AC:E6:CE:38:9E:7E:8E:79:9E:FD:51:F9:23:3A:C4:5A","sha256":"71:54:0F:3B:F2:1C:35:F1:F6:82:61:A4:D7:B4:EC:5C:3F:F9:37:67:20:72:6C:B3:26:BB:28:3C:D1:28:BB:70"}}},"request":{"raw":"GET /groupds/assets/js/backlink_back_button.js HTTP/1.1\r\nHost: vids.chopinhunder.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vids.chopinhunder.com/?cat=4\u0026groupds=116\u0026clientId=1365\u0026productId=1897\u0026publisher_id={publisher_id}\u0026tracking=0ed32g63zlp4e0\u0026productId=1897\u0026clientId=1365\u0026af=5002301477846324\r\nCookie: c2s_step_des=%5B1%2C2%2C8%5D; c2s_step_limit=3; actual_step=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 18 Oct 2025 10:35:12 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 620\r\nLast-Modified: Thu, 21 Mar 2024 14:57:19 GMT\r\nConnection: keep-alive\r\nETag: \"65fc4acf-26c\"\r\nStrict-Transport-Security: max-age=63072000; includeSubDomains; preload\r\nX-Content-Type-Options: nosniff\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":620,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"60af47aa63c3bf9235687f706af2e899","sha1":"9b651a755c24a2e61617f574579b4d43db107609","sha256":"0faf991e33ce5cfde4a76de0c10f4271f51d30244da938b0e2b2e3f80b4cc035","sha512":"d9dd9a090d3a0bbbb6059b44171577ab1c836c0058b5bb8824a51f9dbf796077c33475150ca0ca033a4eb67ce2484ead2e766b04b6a98415dfef0a193f1c1a48","ssdeep":"","tlshash":"00f0b48d58a60078597331a9dfafa5283563046f3403ea117a8d97904f6472ec389fe9","first_seen":"2023-03-11T20:55:10Z","last_seen":"2026-05-08T20:40:00.282943Z","times_seen":552,"resource_available":true,"data":null}},"time_used":52,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vids.chopinhunder.com/groupds/116/assets/img/preg2/videos/1.mp4","fqdn":"vids.chopinhunder.com","domain":"chopinhunder.com","tld":"com"},"ip":{"addr":"185.32.28.133","port":443,"asn":15699,"as":"Adam EcoTech, S.A","country":"Spain","country_code":"ES"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://vids.chopinhunder.com/?cat=4\u0026groupds=116\u0026clientId=1365\u0026productId=1897\u0026publisher_id={publisher_id}\u0026tracking=0ed32g63zlp4e0\u0026productId=1897\u0026clientId=1365\u0026af=5002301477846324","date":"2025-10-18T10:35:12.849Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P384","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"vids.chopinhunder.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Sep 2025 03:04:23 GMT","end":"Thu, 25 Dec 2025 03:04:22 GMT"},"fingerprint":{"sha1":"8D:1D:4B:5A:AC:E6:CE:38:9E:7E:8E:79:9E:FD:51:F9:23:3A:C4:5A","sha256":"71:54:0F:3B:F2:1C:35:F1:F6:82:61:A4:D7:B4:EC:5C:3F:F9:37:67:20:72:6C:B3:26:BB:28:3C:D1:28:BB:70"}}},"request":{"raw":"GET /groupds/116/assets/img/preg2/videos/1.mp4 HTTP/1.1\r\nHost: vids.chopinhunder.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vids.chopinhunder.com/?cat=4\u0026groupds=116\u0026clientId=1365\u0026productId=1897\u0026publisher_id={publisher_id}\u0026tracking=0ed32g63zlp4e0\u0026productId=1897\u0026clientId=1365\u0026af=5002301477846324\r\nCookie: c2s_step_des=%5B1%2C2%2C8%5D; c2s_step_limit=3; actual_step=1\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 206 Partial Content\r\nServer: nginx\r\nDate: Sat, 18 Oct 2025 10:35:12 GMT\r\nContent-Type: video/mp4\r\nContent-Length: 1671002\r\nLast-Modified: Thu, 21 Mar 2024 14:57:19 GMT\r\nConnection: keep-alive\r\nETag: \"65fc4acf-197f5a\"\r\nStrict-Transport-Security: max-age=63072000; includeSubDomains; preload\r\nX-Content-Type-Options: nosniff\r\nContent-Range: bytes 0-1671001/1671002\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1671002,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"5e6d106ec28f9d53b26a4b23d17bc20e","sha1":"1830f8e0459d48fdb39b0b367513d5447691cf4b","sha256":"97040abfad0897261ae8e31ddd486d4dd6cb927754bec2ad765283281bc53a88","sha512":"8c760f8eb6cb061e4c51c8a52b483494e936d1c03432ffbd09f446af540d88367fa2bcb64397a7e7b5d86ab644635934f6fccb32411d1b06e0237f11717dce33","ssdeep":"24576:d+RIGUT0oszN6n294Mx+TAjtbRxwIeyZtAorGiN:d+RIGUgosh6I4Mx+TKtbRxwKtkiN","tlshash":"6425237198e6113cde7da977e96a6705820bbbe193d10bc3b00c09ce5fb67608fd2526","first_seen":"2025-10-11T22:57:40.810647Z","last_seen":"2025-11-03T17:12:23.218448Z","times_seen":4,"resource_available":false,"data":null}},"time_used":538,"timings":{"blocked":13,"dns":0,"connect":0,"send":0,"wait":56,"receive":469,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"relifassum.com/?cat=4\u0026groupds=116\u0026clientId=1365\u0026productId=1897\u0026publisher_id={publisher_id}\u0026tracking=0ed32g63zlp4e0","fqdn":"relifassum.com","domain":"relifassum.com","tld":"com"},"ip":{"addr":"185.32.28.133","port":443,"asn":15699,"as":"Adam EcoTech, S.A","country":"Spain","country_code":"ES"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-18T10:35:11.759Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P384","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"relifassum.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Oct 2025 03:04:43 GMT","end":"Mon, 12 Jan 2026 03:04:42 GMT"},"fingerprint":{"sha1":"B6:15:C8:E0:FB:DA:C2:16:9E:6C:6C:3C:89:D0:A4:C9:CF:CB:4F:07","sha256":"F9:9B:CD:23:09:B8:EC:D4:5B:0D:B8:C1:6F:50:A9:31:C2:C6:82:98:AB:32:9E:DC:39:28:95:19:99:76:2B:4B"}}},"request":{"raw":"GET /?cat=4\u0026groupds=116\u0026clientId=1365\u0026productId=1897\u0026publisher_id={publisher_id}\u0026tracking=0ed32g63zlp4e0 HTTP/1.1\r\nHost: relifassum.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 18 Oct 2025 10:35:11 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nSet-Cookie: redirect_user_data=%7B%22country%22%3A%22NO%22%2C%22city%22%3Anull%2C%22isp%22%3A%22blix+solutions%22%2C%22netspeed%22%3A%22%22%7D; expires=Sat, 18-Oct-2025 10:45:11 GMT; Max-Age=600\n_tracker_ikangoo=a%3A5%3A%7Bs%3A4%3A%22_key%22%3Bs%3A7%3A%22IKPANEL%22%3Bs%3A6%3A%22_subid%22%3Bs%3A16%3A%225002301477846324%22%3Bs%3A8%3A%22_country%22%3Bs%3A2%3A%22NO%22%3Bs%3A4%3A%22_isp%22%3Bs%3A14%3A%22blix+solutions%22%3Bs%3A5%3A%22_time%22%3Bi%3A1760783711%3B%7D; expires=Sat, 18-Oct-2025 10:37:11 GMT; Max-Age=120\r\nStrict-Transport-Security: max-age=63072000; includeSubDomains; preload\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1354,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"6ec6c5e1fc3c237019e3f1e4bd2aa1d9","sha1":"1ef2557e8d78fc789bdf3fbc3eed5aa8d0be7662","sha256":"64e3bf8c6879d66f83afcf2df86ff55fbcc9ab46d4e91ca622619a52e5b89654","sha512":"f25ce1919f2b62423417ed10a67bf15ad09c5becd84d1134ad2fa2cabaf24671e2726908349e9d6a853033dd2527a090050cd4b11f563a1274046d2cc9715929","ssdeep":"","tlshash":"a321cdb768e1882e2371d67499daf2051da668d3d2581884f48ca5ae8fc0f85c5e72f8","first_seen":"2025-10-18T10:35:35.979407Z","last_seen":"2025-10-18T10:35:35.979407Z","times_seen":1,"resource_available":false,"data":null}},"time_used":485,"timings":{"blocked":192,"dns":6,"connect":50,"send":0,"wait":100,"receive":0,"ssl":134},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-18","alert":"Sinkholed","trigger":"relifassum.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}