{"report_id":"ed439de2-661f-4a4e-861b-5b3e00c5df4b","version":6,"status":"done","tags":[],"date":"2026-01-27T11:21:22Z","url":{"schema":"http","addr":"design.gives","fqdn":"design.gives","domain":"design.gives","tld":"gives"},"ip":{"addr":"63.247.93.90","port":0,"asn":11042,"as":"NTHL","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"design.gives/","fqdn":"design.gives","domain":"design.gives","tld":"gives"},"title":"design.gives/","dom":{"size":515,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"f140ebf17d5a278f8349c0170dbd8d33","sha1":"a1afa297deb17c5c7b50eae8a2ba08d8392e8617","sha256":"ebb10fbae98d0b2e628b59e4029a6c5f51063c834e15b91bbf263a440b77baa3","sha512":"c0c9715637fb902fb1d6c596694e3dbe0cbbf37416153488eeb9d92c282ce11a70eae7ebc0e899a0807815a2ab08250c882ea4bd4a8ea584221c27760b35f6e9","ssdeep":"","tlshash":"b8f05060d7a9b055a163ae927b9165e059839056931b05dc93b08c64ed441ec0bd3f73","dom_hash":"domhashc1a3a0e4e95fa1aca0104197219f2d3a","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"design.gives","fqdn":"design.gives","domain":"design.gives","tld":"gives"},"ip":{"addr":"63.247.93.90","port":0,"asn":11042,"as":"NTHL","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-03T11:21:22Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"design.gives","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"design.gives","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"design.gives","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"design.gives","ip":{"addr":"63.247.93.90","port":443,"asn":11042,"as":"NTHL","country":"United States","country_code":"US"},"domain_registered":"2024-10-19","domain_rank":0,"first_seen":"2026-01-19T12:56:35.387539Z","last_seen":"2026-01-27T11:03:39.433917Z","alert_count":6,"request_count":2,"received_data":1427,"sent_data":912,"comment":"","tags":null,"fingerprints":[{"name":"OpenSSL:1.1.1w","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.63","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"design.gives/","fqdn":"design.gives","domain":"design.gives","tld":"gives"},"ip":{"addr":"63.247.93.90","port":443,"asn":11042,"as":"NTHL","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-27T11:21:00.411Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.design.gives","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Dec 2025 07:05:05 GMT","end":"Sun, 22 Mar 2026 07:05:04 GMT"},"fingerprint":{"sha1":"14:04:C2:AE:C5:D9:CB:35:78:EF:3C:C5:6A:27:02:B6:E7:54:02:49","sha256":"D9:D9:7D:86:9B:36:FF:82:40:B6:1F:60:95:90:22:22:94:0B:F9:49:EE:0F:FD:7A:E3:52:8D:95:25:8D:F5:A2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: design.gives\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 27 Jan 2026 11:21:01 GMT\r\nServer: Apache/2.4.63 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenSSL:1.1.1w","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.63","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":484,"size_decoded":0,"mime_type":"text/html","magic":"ASCII text","md5":"854803c21b576167c03610e88a1f1697","sha1":"9c518f6abc2c7785ea52323f36f11762d5a1f49f","sha256":"e16c18c64d8c0ed7746d6bba06a71284e497a6566a89516761fb2f865a2c36c3","sha512":"cc606f6af595f475b0b623a535279f383dafb02d5da0432df359a3383ad3abf2f5a771f071c9609fe4f19ea6e7e966240f04b398ddc93dec166ddc85a4373c41","ssdeep":"","tlshash":"72f09e20e7aca070d1639e927751e5a165839057d32b05dc83b08c54ee441ed0bf3fb3","first_seen":"2026-01-27T11:03:40.486534Z","last_seen":"2026-01-27T11:29:21.584368Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1859,"timings":{"blocked":241,"dns":0,"connect":116,"send":0,"wait":1370,"receive":6,"ssl":123},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"design.gives","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"design.gives","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"design.gives","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"design.gives/favicon.ico","fqdn":"design.gives","domain":"design.gives","tld":"gives"},"ip":{"addr":"63.247.93.90","port":443,"asn":11042,"as":"NTHL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://design.gives/","date":"2026-01-27T11:21:02.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.design.gives","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Dec 2025 07:05:05 GMT","end":"Sun, 22 Mar 2026 07:05:04 GMT"},"fingerprint":{"sha1":"14:04:C2:AE:C5:D9:CB:35:78:EF:3C:C5:6A:27:02:B6:E7:54:02:49","sha256":"D9:D9:7D:86:9B:36:FF:82:40:B6:1F:60:95:90:22:22:94:0B:F9:49:EE:0F:FD:7A:E3:52:8D:95:25:8D:F5:A2"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: design.gives\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://design.gives/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 27 Jan 2026 11:21:02 GMT\r\nServer: Apache/2.4.63 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.63","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"OpenSSL:1.1.1w","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]}],"data":{"size":484,"size_decoded":0,"mime_type":"text/html","magic":"ASCII text","md5":"854803c21b576167c03610e88a1f1697","sha1":"9c518f6abc2c7785ea52323f36f11762d5a1f49f","sha256":"e16c18c64d8c0ed7746d6bba06a71284e497a6566a89516761fb2f865a2c36c3","sha512":"cc606f6af595f475b0b623a535279f383dafb02d5da0432df359a3383ad3abf2f5a771f071c9609fe4f19ea6e7e966240f04b398ddc93dec166ddc85a4373c41","ssdeep":"","tlshash":"72f09e20e7aca070d1639e927751e5a165839057d32b05dc83b08c54ee441ed0bf3fb3","first_seen":"2026-01-27T11:03:40.486534Z","last_seen":"2026-01-27T11:29:21.584368Z","times_seen":3,"resource_available":false,"data":null}},"time_used":689,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":684,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"design.gives","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"design.gives","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"design.gives","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}