{"report_id":"ef6c4461-cad4-4b9c-8c15-23929cb4f3b9","version":6,"status":"done","tags":[],"date":"2026-05-05T02:00:20Z","url":{"schema":"http","addr":"buldumdenburdaartuk67.click","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":0,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"title":"DenizBank İnternet Bankacılığı","dom":{"size":266505,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (54404)","md5":"c7a122474d29d05e80568ea7f4a1da1f","sha1":"af2ea8e9c737a75b4a34e018f22a73b9ec8f2b6f","sha256":"e631341c1d4cd99ec8f15f02df43b212f06fa3ccfaba31157768b068cc2a9df9","sha512":"cd4f5111a2dded291e9eafb9c3ddf6cf1dfde9c2085e38733eede17e15b78da8cec3d49358a4e6c99ed573e91f36e8f5ba7425dd75651dc38ce3c222051a84c6","ssdeep":"6144:6EcUP29e9LPvD/Oipq+1cJQgfk2kfuCeyzC:xcU+9e9TvrfpqzJQOIf1zC","tlshash":"f144f17172ae52e7a3d746daf12e46341cf2c52bcd8ce1cd389c641597e2a14ec89eb0","dom_hash":"domhasha678a42982bbe0e288f092942cead2a5","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"buldumdenburdaartuk67.click","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":0,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-09T02:00:20Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 
Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"buldumdenburdaartuk67.click","ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"domain_registered":"2026-05-04","domain_rank":0,"first_seen":"2026-05-05T00:19:08.769243Z","last_seen":"2026-05-05T00:19:08.769243Z","alert_count":54,"request_count":27,"received_data":1494809,"sent_data":13610,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"PHP:8.4.20","description":"PHP is a general-purpose scripting language used for web 
development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Dynatrace RUM","description":"Dynatrace RUM is an AI powered, full stack, automated real user monitoring platform built by Dynatrace.","website":"https://www.dynatrace.com/platform/real-user-monitoring","common_platform_enumeration":"","icon":"Dynatrace.svg","categories":["RUM"]},{"name":"Dynatrace","description":"Dynatrace is a technology company that produces a software intelligence platform based on artificial intelligence to monitor and optimise application performance and development, IT infrastructure, and user experience for businesses and government agencies throughout the world.","website":"https://www.dynatrace.com","common_platform_enumeration":"","icon":"Dynatrace.svg","categories":["Analytics"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-05-03T22:25:11.554838Z","alert_count":0,"request_count":1,"received_data":445358,"sent_data":448,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using 
HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"fd089cd9b356dc4e6d15a8aa0743e75e","sha1":"f35e8af3462a09df8a86564517579c7491ef60f0","sha256":"d58dc127db01e4ced58ddcdd013c05878f5383487555f8a7075341f692f0df97","sha512":"002357e86931c8c8d9ae937b32fbef79ddb5da2b6b75a9de6bdd3e4a5cb1b0833b3f2596e11266d8611dc009154f11d954b96e2d222087731c8e6c567a7f504c","ssdeep":"","tlshash":"f0c02b8c210a0cb047fb27008b7ff600b4873314ace06a35484a33444d70e07d744860","size":153,"data":"","first_seen":"2023-03-07T12:38:23Z","last_seen":"2026-05-05T02:08:24.284311Z","times_seen":40,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United 
Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"0a77e8e6e01c4cd2199d2d10b07617c0","sha1":"63513f926f72e46425bc5dd3900656483b0a3800","sha256":"585d22302c8518ac5e870e746b80c63e04a4fef04e12e93c59804eb53b801f70","sha512":"13c542eab6a41daa7d72d2b5f35fc38dbcc3cd277f7a49c08063115df5e8ef752d7dd184a792fbbee64f85e84ff2172d8e34c7caea7c5f0b83aed42390f11a6a","ssdeep":"","tlshash":"915165061ca380215a6e364aebbfd328357396531441d405798cce49af64fa7ccbae9a","size":2721,"data":"","first_seen":"2023-03-07T12:07:31Z","last_seen":"2026-05-05T02:08:24.285123Z","times_seen":67,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-JV07ZMRWNH","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3569b4ad2363401125231da76eabeb3d","sha1":"05be5720ea43da5ecc75fb32fc18bb8dc1a744e9","sha256":"b2297a0027e96e0901695cf936178c514438edae989bb20e3324a163703e368d","sha512":"6ea7e3191fbd89f5b5a116074a355c8e71b3aea6ea4154ecb926c3cd7d1703b22b0fe7a71df4cc7bb479d51f217e01f26565ad2d5cbb4dcf192ad6c8c3cbf6a9","ssdeep":"6144:8ps1l4TSFzY/JHVAEpjDCer6F5gdbqDfkygLYumM:N4T2Y/JH11+DMBf","tlshash":"999419cdb3d674625396f478903f018ba57b29a2b44cc899f18acce42e7465a4237f7c","size":444754,"data":"","first_seen":"2026-05-05T00:19:14.890552Z","last_seen":"2026-05-05T02:08:24.283557Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/assets/icomoon.0014b4e7989bbfeaaef5.woff?bezj20","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United 
Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://buldumdenburdaartuk67.click/","date":"2026-05-05T01:59:58.484Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buldumdenburdaartuk67.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 17:11:39 GMT","end":"Sun, 02 Aug 2026 17:11:38 GMT"},"fingerprint":{"sha1":"6E:3D:62:A3:A4:65:E2:BB:FB:CA:7E:8F:71:E4:EA:A2:49:07:48:3C","sha256":"8C:5E:63:66:82:33:D3:B9:65:A6:6E:21:3B:3A:C5:7A:7A:06:84:17:8D:DC:69:5F:76:D0:4F:66:4A:16:BD:F1"}}},"request":{"raw":"GET /assets/icomoon.0014b4e7989bbfeaaef5.woff?bezj20 HTTP/1.1\r\nHost: buldumdenburdaartuk67.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buldumdenburdaartuk67.click/styles.14f38c16c3244b5492af.css\r\nCookie: _ga_JV07ZMRWNH=GS2.1.s1777946398$o1$g0$t1777946398$j60$l0$h0; _ga=GA1.1.1967817812.1777946398\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 05 May 2026 01:59:58 GMT\r\ncontent-type: text/html\r\ncontent-length: 808\r\nlast-modified: Mon, 20 Apr 2026 15:34:48 GMT\r\netag: \"328-64fe609f34fc5\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used 
as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-05-05T04:47:06.018233Z","times_seen":36156,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/sifre.png","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United 
Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buldumdenburdaartuk67.click/","date":"2026-05-05T01:59:58.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buldumdenburdaartuk67.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 17:11:39 GMT","end":"Sun, 02 Aug 2026 17:11:38 GMT"},"fingerprint":{"sha1":"6E:3D:62:A3:A4:65:E2:BB:FB:CA:7E:8F:71:E4:EA:A2:49:07:48:3C","sha256":"8C:5E:63:66:82:33:D3:B9:65:A6:6E:21:3B:3A:C5:7A:7A:06:84:17:8D:DC:69:5F:76:D0:4F:66:4A:16:BD:F1"}}},"request":{"raw":"GET /sifre.png HTTP/1.1\r\nHost: buldumdenburdaartuk67.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buldumdenburdaartuk67.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 05 May 2026 01:59:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 2496\r\nlast-modified: Tue, 08 Feb 2022 12:32:39 GMT\r\netag: \"620262e7-9c0\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP 
cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":2496,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 36x34, components 3","md5":"116f84727996ddda2d71b3c85cf358ac","sha1":"a90ef391e339ddafbe5ae9f1f3d7d8d5cbf4a4e8","sha256":"7ef622314ab427c8beae5b61a48b8e16710531e05406b135c0c5b4e8f1b22e17","sha512":"efe2c0d9eddfee4a0bea8fdbe2e103b2b04f7f6bee3fa1561e2d8722c6f05b3b98fdc0fdfa9475cf495db8bfefb149fcb027575cca549011209574b2b05e77dd","ssdeep":"","tlshash":"43511a175bf2aaa0c8e3c7ba63902687d74b558075d97e05e8310be6c300d42d082d9c","first_seen":"2023-05-04T02:19:33Z","last_seen":"2026-05-05T02:08:24.276894Z","times_seen":72,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert 
UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/_assets/img/login/login-footer-logo.svg","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buldumdenburdaartuk67.click/","date":"2026-05-05T01:59:58.129Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buldumdenburdaartuk67.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 17:11:39 GMT","end":"Sun, 02 Aug 2026 17:11:38 GMT"},"fingerprint":{"sha1":"6E:3D:62:A3:A4:65:E2:BB:FB:CA:7E:8F:71:E4:EA:A2:49:07:48:3C","sha256":"8C:5E:63:66:82:33:D3:B9:65:A6:6E:21:3B:3A:C5:7A:7A:06:84:17:8D:DC:69:5F:76:D0:4F:66:4A:16:BD:F1"}}},"request":{"raw":"GET /_assets/img/login/login-footer-logo.svg HTTP/1.1\r\nHost: buldumdenburdaartuk67.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: 
https://buldumdenburdaartuk67.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 05 May 2026 01:59:58 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 2239\r\nlast-modified: Tue, 08 Feb 2022 12:32:39 GMT\r\netag: \"620262e7-8bf\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":2239,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics 
image","md5":"c0ddebba4f15d5e966e993727605c03d","sha1":"df6ba82ac9022f0309037baa9dbf6fbcfaaca543","sha256":"59c1a112d5d610c1399aa46d5b549c5aad1e4b283aaf785545e818d053f25378","sha512":"81c8fa6a6477529130de72ab6e265aa9ba209e6ce5b4f8440961ab57241cf214604c6da5c6aca8a07a0a4191813c093cbd19b9f81382a2e133e29033863460b3","ssdeep":"","tlshash":"9d4174e10b74a0b890e71f2cef350d95ae8ba8fed7614380b29c642b9b67e459503d58","first_seen":"2023-05-01T10:01:38Z","last_seen":"2026-05-05T02:08:24.277678Z","times_seen":119,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/ruxitagentjs_ICA27SVfqrux_10221210805073954.js","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United 
Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://buldumdenburdaartuk67.click/","date":"2026-05-05T01:59:58.103Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buldumdenburdaartuk67.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 17:11:39 GMT","end":"Sun, 02 Aug 2026 17:11:38 GMT"},"fingerprint":{"sha1":"6E:3D:62:A3:A4:65:E2:BB:FB:CA:7E:8F:71:E4:EA:A2:49:07:48:3C","sha256":"8C:5E:63:66:82:33:D3:B9:65:A6:6E:21:3B:3A:C5:7A:7A:06:84:17:8D:DC:69:5F:76:D0:4F:66:4A:16:BD:F1"}}},"request":{"raw":"GET /ruxitagentjs_ICA27SVfqrux_10221210805073954.js HTTP/1.1\r\nHost: buldumdenburdaartuk67.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buldumdenburdaartuk67.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 05 May 2026 01:59:58 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 20 Apr 2026 15:34:48 GMT\r\netag: W/\"328-64fe609f34fc5\"\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web 
servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-05-05T04:47:06.018233Z","times_seen":36156,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/runtime.c298608e9647c69cc550.js","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United 
Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://buldumdenburdaartuk67.click/","date":"2026-05-05T01:59:58.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buldumdenburdaartuk67.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 17:11:39 GMT","end":"Sun, 02 Aug 2026 17:11:38 GMT"},"fingerprint":{"sha1":"6E:3D:62:A3:A4:65:E2:BB:FB:CA:7E:8F:71:E4:EA:A2:49:07:48:3C","sha256":"8C:5E:63:66:82:33:D3:B9:65:A6:6E:21:3B:3A:C5:7A:7A:06:84:17:8D:DC:69:5F:76:D0:4F:66:4A:16:BD:F1"}}},"request":{"raw":"GET /runtime.c298608e9647c69cc550.js HTTP/1.1\r\nHost: buldumdenburdaartuk67.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buldumdenburdaartuk67.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 05 May 2026 01:59:58 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 20 Apr 2026 15:34:48 GMT\r\netag: W/\"328-64fe609f34fc5\"\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse 
proxies"]}],"data":{"size":808,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-05-05T04:47:06.018233Z","times_seen":36156,"resource_available":true,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":69,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/polyfills.e7c27bf15bf48a72de71.js","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United 
Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://buldumdenburdaartuk67.click/","date":"2026-05-05T01:59:58.133Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buldumdenburdaartuk67.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 17:11:39 GMT","end":"Sun, 02 Aug 2026 17:11:38 GMT"},"fingerprint":{"sha1":"6E:3D:62:A3:A4:65:E2:BB:FB:CA:7E:8F:71:E4:EA:A2:49:07:48:3C","sha256":"8C:5E:63:66:82:33:D3:B9:65:A6:6E:21:3B:3A:C5:7A:7A:06:84:17:8D:DC:69:5F:76:D0:4F:66:4A:16:BD:F1"}}},"request":{"raw":"GET /polyfills.e7c27bf15bf48a72de71.js HTTP/1.1\r\nHost: buldumdenburdaartuk67.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buldumdenburdaartuk67.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 05 May 2026 01:59:58 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 20 Apr 2026 15:34:48 GMT\r\netag: W/\"328-64fe609f34fc5\"\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse 
proxies"]}],"data":{"size":808,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-05-05T04:47:06.018233Z","times_seen":36156,"resource_available":true,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/vendor.67eb8a7592425af0ba81.js","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United 
Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://buldumdenburdaartuk67.click/","date":"2026-05-05T01:59:58.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buldumdenburdaartuk67.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 17:11:39 GMT","end":"Sun, 02 Aug 2026 17:11:38 GMT"},"fingerprint":{"sha1":"6E:3D:62:A3:A4:65:E2:BB:FB:CA:7E:8F:71:E4:EA:A2:49:07:48:3C","sha256":"8C:5E:63:66:82:33:D3:B9:65:A6:6E:21:3B:3A:C5:7A:7A:06:84:17:8D:DC:69:5F:76:D0:4F:66:4A:16:BD:F1"}}},"request":{"raw":"GET /vendor.67eb8a7592425af0ba81.js HTTP/1.1\r\nHost: buldumdenburdaartuk67.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buldumdenburdaartuk67.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 05 May 2026 01:59:58 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 20 Apr 2026 15:34:48 GMT\r\netag: W/\"328-64fe609f34fc5\"\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse 
proxies"]}],"data":{"size":808,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-05-05T04:47:06.018233Z","times_seen":36156,"resource_available":true,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/main.c01c0c9a76089d1c0f34.js","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United 
Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://buldumdenburdaartuk67.click/","date":"2026-05-05T01:59:58.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buldumdenburdaartuk67.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 17:11:39 GMT","end":"Sun, 02 Aug 2026 17:11:38 GMT"},"fingerprint":{"sha1":"6E:3D:62:A3:A4:65:E2:BB:FB:CA:7E:8F:71:E4:EA:A2:49:07:48:3C","sha256":"8C:5E:63:66:82:33:D3:B9:65:A6:6E:21:3B:3A:C5:7A:7A:06:84:17:8D:DC:69:5F:76:D0:4F:66:4A:16:BD:F1"}}},"request":{"raw":"GET /main.c01c0c9a76089d1c0f34.js HTTP/1.1\r\nHost: buldumdenburdaartuk67.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buldumdenburdaartuk67.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 05 May 2026 01:59:58 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 20 Apr 2026 15:34:48 GMT\r\netag: W/\"328-64fe609f34fc5\"\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse 
proxies"]}],"data":{"size":808,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-05-05T04:47:06.018233Z","times_seen":36156,"resource_available":true,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/_assets/img/loading.gif","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United 
Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buldumdenburdaartuk67.click/","date":"2026-05-05T01:59:58.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buldumdenburdaartuk67.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 17:11:39 GMT","end":"Sun, 02 Aug 2026 17:11:38 GMT"},"fingerprint":{"sha1":"6E:3D:62:A3:A4:65:E2:BB:FB:CA:7E:8F:71:E4:EA:A2:49:07:48:3C","sha256":"8C:5E:63:66:82:33:D3:B9:65:A6:6E:21:3B:3A:C5:7A:7A:06:84:17:8D:DC:69:5F:76:D0:4F:66:4A:16:BD:F1"}}},"request":{"raw":"GET /_assets/img/loading.gif HTTP/1.1\r\nHost: buldumdenburdaartuk67.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buldumdenburdaartuk67.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 05 May 2026 01:59:58 GMT\r\ncontent-type: image/gif\r\ncontent-length: 37840\r\nlast-modified: Tue, 08 Feb 2022 12:32:39 GMT\r\netag: \"620262e7-93d0\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP 
cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":37840,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 96 x 96","md5":"a5ac552d6a23421d7697f897729a2def","sha1":"836cb1e7a61967b762898a3ce32e64ca7713119c","sha256":"4d54a976b6fa75c73ec219bf5ca96537d46c387c138842fe3d76be0d9e111e0a","sha512":"cd1e1f9c1e6c05baf7ae3d11c909856e392c02773d39c18a480d6689f8de2d5e255d249d348ea6c24ac2d6df581de5187498025a6b378ba87f97f35e19222008","ssdeep":"768:pHxwCT4I3lmUgcEyCO3aUkJxIMSZ9EYTjrBU0XM+9HlgS2lkdshIGhI:pHxhc0lLgcEyCOKUkrHSZ9EYTjrBU0cS","tlshash":"3803e8a3d66c8672eee755741901cf2b8cc4525c40f17bda9af62df0128ab44cbac1e3","first_seen":"2023-05-01T09:44:05Z","last_seen":"2026-05-05T02:08:24.28203Z","times_seen":162,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert 
UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/_assets/img/logo-light.svg","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buldumdenburdaartuk67.click/","date":"2026-05-05T01:59:58.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buldumdenburdaartuk67.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 17:11:39 GMT","end":"Sun, 02 Aug 2026 17:11:38 GMT"},"fingerprint":{"sha1":"6E:3D:62:A3:A4:65:E2:BB:FB:CA:7E:8F:71:E4:EA:A2:49:07:48:3C","sha256":"8C:5E:63:66:82:33:D3:B9:65:A6:6E:21:3B:3A:C5:7A:7A:06:84:17:8D:DC:69:5F:76:D0:4F:66:4A:16:BD:F1"}}},"request":{"raw":"GET /_assets/img/logo-light.svg HTTP/1.1\r\nHost: buldumdenburdaartuk67.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buldumdenburdaartuk67.click/\r\nSec-Fetch-Dest: 
image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 05 May 2026 01:59:58 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 180545\r\nlast-modified: Tue, 08 Feb 2022 12:32:39 GMT\r\netag: \"620262e7-2c141\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":180545,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics 
image","md5":"3140e053e7a3dde67e7b2c81b23771d2","sha1":"5d0558f8da94ace88a622c70b8857bde38d7ba12","sha256":"3da913d79fff46cfe4d58d56e141cfcb31865606284507f7a530db69394330fb","sha512":"1b1a21016b9b99d5b58949777b260741fc9f2241ada76cc45482cb45b4f8a3ea32b6a4af53016bb2eb7b72ea3143e22826b366af723b37e383d1f4109eaaf2e5","ssdeep":"768:CvgpvgXvgdvgrvgRvgfvglvgTvg5vgnvgtvg7vgjvgJvg3vg9vgLvgxvg/vgFvgl:RJA3KuhQbJ","tlshash":"fc0457e31b60a25067d3e40eef61a5a4651be1f9d93382c6b2afc74957e3bc8f502d10","first_seen":"2023-05-01T10:01:38Z","last_seen":"2026-05-05T02:08:24.28021Z","times_seen":174,"resource_available":false,"data":null}},"time_used":78,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/assets/opensans-regular-webfont.a66a53e7f788b1ab7e41.woff2","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United 
Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://buldumdenburdaartuk67.click/","date":"2026-05-05T01:59:58.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buldumdenburdaartuk67.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 17:11:39 GMT","end":"Sun, 02 Aug 2026 17:11:38 GMT"},"fingerprint":{"sha1":"6E:3D:62:A3:A4:65:E2:BB:FB:CA:7E:8F:71:E4:EA:A2:49:07:48:3C","sha256":"8C:5E:63:66:82:33:D3:B9:65:A6:6E:21:3B:3A:C5:7A:7A:06:84:17:8D:DC:69:5F:76:D0:4F:66:4A:16:BD:F1"}}},"request":{"raw":"GET /assets/opensans-regular-webfont.a66a53e7f788b1ab7e41.woff2 HTTP/1.1\r\nHost: buldumdenburdaartuk67.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buldumdenburdaartuk67.click/styles.14f38c16c3244b5492af.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 05 May 2026 01:59:58 GMT\r\ncontent-type: text/html\r\ncontent-length: 808\r\nlast-modified: Mon, 20 Apr 2026 15:34:48 GMT\r\netag: \"328-64fe609f34fc5\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP 
cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-05-05T04:47:06.018233Z","times_seen":36156,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/assets/opensans-semibold-webfont.ba28aba0329c0fc0e825.woff","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United 
Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://buldumdenburdaartuk67.click/","date":"2026-05-05T01:59:58.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buldumdenburdaartuk67.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 17:11:39 GMT","end":"Sun, 02 Aug 2026 17:11:38 GMT"},"fingerprint":{"sha1":"6E:3D:62:A3:A4:65:E2:BB:FB:CA:7E:8F:71:E4:EA:A2:49:07:48:3C","sha256":"8C:5E:63:66:82:33:D3:B9:65:A6:6E:21:3B:3A:C5:7A:7A:06:84:17:8D:DC:69:5F:76:D0:4F:66:4A:16:BD:F1"}}},"request":{"raw":"GET /assets/opensans-semibold-webfont.ba28aba0329c0fc0e825.woff HTTP/1.1\r\nHost: buldumdenburdaartuk67.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buldumdenburdaartuk67.click/styles.14f38c16c3244b5492af.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 05 May 2026 01:59:58 GMT\r\ncontent-type: text/html\r\ncontent-length: 808\r\nlast-modified: Mon, 20 Apr 2026 15:34:48 GMT\r\netag: \"328-64fe609f34fc5\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP 
cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-05-05T04:47:06.018233Z","times_seen":36156,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/assets/opensans-bold-webfont.c04f02eb3292e49d2d4e.woff","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United 
Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://buldumdenburdaartuk67.click/","date":"2026-05-05T01:59:58.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buldumdenburdaartuk67.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 17:11:39 GMT","end":"Sun, 02 Aug 2026 17:11:38 GMT"},"fingerprint":{"sha1":"6E:3D:62:A3:A4:65:E2:BB:FB:CA:7E:8F:71:E4:EA:A2:49:07:48:3C","sha256":"8C:5E:63:66:82:33:D3:B9:65:A6:6E:21:3B:3A:C5:7A:7A:06:84:17:8D:DC:69:5F:76:D0:4F:66:4A:16:BD:F1"}}},"request":{"raw":"GET /assets/opensans-bold-webfont.c04f02eb3292e49d2d4e.woff HTTP/1.1\r\nHost: buldumdenburdaartuk67.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buldumdenburdaartuk67.click/styles.14f38c16c3244b5492af.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 05 May 2026 01:59:58 GMT\r\ncontent-type: text/html\r\ncontent-length: 808\r\nlast-modified: Mon, 20 Apr 2026 15:34:48 GMT\r\netag: \"328-64fe609f34fc5\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP 
cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-05-05T04:47:06.018233Z","times_seen":36156,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-JV07ZMRWNH","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United 
States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://buldumdenburdaartuk67.click/","date":"2026-05-05T01:59:58.102Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:17:21 GMT","end":"Wed, 01 Jul 2026 05:17:20 GMT"},"fingerprint":{"sha1":"44:62:36:EA:04:7F:DE:AF:4E:CA:E9:8F:72:03:CB:45:DF:75:F7:F7","sha256":"B4:8C:53:A3:0D:7C:33:E8:76:50:59:1C:1B:D2:32:8D:60:4E:01:31:A3:F4:72:1A:B4:D1:AB:C2:8A:9A:8C:74"}}},"request":{"raw":"GET /gtag/js?id=G-JV07ZMRWNH HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buldumdenburdaartuk67.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 05 May 2026 01:59:58 GMT\r\nexpires: Tue, 05 May 2026 01:59:58 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 150524\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: 
h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":444754,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5929)","md5":"3569b4ad2363401125231da76eabeb3d","sha1":"05be5720ea43da5ecc75fb32fc18bb8dc1a744e9","sha256":"b2297a0027e96e0901695cf936178c514438edae989bb20e3324a163703e368d","sha512":"6ea7e3191fbd89f5b5a116074a355c8e71b3aea6ea4154ecb926c3cd7d1703b22b0fe7a71df4cc7bb479d51f217e01f26565ad2d5cbb4dcf192ad6c8c3cbf6a9","ssdeep":"6144:8ps1l4TSFzY/JHVAEpjDCer6F5gdbqDfkygLYumM:N4T2Y/JH11+DMBf","tlshash":"999419cdb3d674625396f478903f018ba57b29a2b44cc899f18acce42e7465a4237f7c","first_seen":"2026-05-05T00:19:14.890552Z","last_seen":"2026-05-05T02:08:24.283557Z","times_seen":3,"resource_available":true,"data":null}},"time_used":285,"timings":{"blocked":111,"dns":1,"connect":7,"send":0,"wait":23,"receive":29,"ssl":111},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/_assets/js/analytics.js","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United 
Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://buldumdenburdaartuk67.click/","date":"2026-05-05T01:59:58.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buldumdenburdaartuk67.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 17:11:39 GMT","end":"Sun, 02 Aug 2026 17:11:38 GMT"},"fingerprint":{"sha1":"6E:3D:62:A3:A4:65:E2:BB:FB:CA:7E:8F:71:E4:EA:A2:49:07:48:3C","sha256":"8C:5E:63:66:82:33:D3:B9:65:A6:6E:21:3B:3A:C5:7A:7A:06:84:17:8D:DC:69:5F:76:D0:4F:66:4A:16:BD:F1"}}},"request":{"raw":"GET /_assets/js/analytics.js HTTP/1.1\r\nHost: buldumdenburdaartuk67.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buldumdenburdaartuk67.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 05 May 2026 01:59:58 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 20 Apr 2026 15:34:48 GMT\r\netag: W/\"328-64fe609f34fc5\"\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse 
proxies"]}],"data":{"size":808,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-05-05T04:47:06.018233Z","times_seen":36156,"resource_available":true,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/_assets/img/login/bg/autumn.jpg","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United 
Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buldumdenburdaartuk67.click/","date":"2026-05-05T01:59:58.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buldumdenburdaartuk67.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 17:11:39 GMT","end":"Sun, 02 Aug 2026 17:11:38 GMT"},"fingerprint":{"sha1":"6E:3D:62:A3:A4:65:E2:BB:FB:CA:7E:8F:71:E4:EA:A2:49:07:48:3C","sha256":"8C:5E:63:66:82:33:D3:B9:65:A6:6E:21:3B:3A:C5:7A:7A:06:84:17:8D:DC:69:5F:76:D0:4F:66:4A:16:BD:F1"}}},"request":{"raw":"GET /_assets/img/login/bg/autumn.jpg HTTP/1.1\r\nHost: buldumdenburdaartuk67.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buldumdenburdaartuk67.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 05 May 2026 01:59:58 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 387821\r\nlast-modified: Tue, 08 Feb 2022 12:32:39 GMT\r\netag: \"620262e7-5eaed\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service 
providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":387821,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2560x1701, components 3","md5":"90062fd1b816f53d1f7ddddf1b2d15c4","sha1":"a0407ae398c54b47de374b9813c8be17ec82bb40","sha256":"f7278ca494d765eab007679ace9914b237327326d7cd2840660dc8140a8b5542","sha512":"606787c8c6c4e1f41b58aca63a700d09f7d9bc6d12fdbc5eb523fdcc37c6e1aeac6e96c09379522eb4425c2b765937accda723e0dd125795177b3c3f07de33bf","ssdeep":"6144:R0O4V8dy4Vg/fmnnQcw55g0EL4PJy4HPEIfrfQsb2LHtgmi1:RHkEy8nQJ53EL4M4cIfrftb2Lbi1","tlshash":"b984237a3cf8299adfcacbb55d9c4362103393b6a37a07ef1db556112b21b96f058c01","first_seen":"2023-05-04T02:19:34Z","last_seen":"2026-05-05T02:08:24.281019Z","times_seen":95,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert 
UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/assets/opensans-regular-webfont.d389759376bc2ac55ee9.woff","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://buldumdenburdaartuk67.click/","date":"2026-05-05T01:59:58.355Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buldumdenburdaartuk67.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 17:11:39 GMT","end":"Sun, 02 Aug 2026 17:11:38 GMT"},"fingerprint":{"sha1":"6E:3D:62:A3:A4:65:E2:BB:FB:CA:7E:8F:71:E4:EA:A2:49:07:48:3C","sha256":"8C:5E:63:66:82:33:D3:B9:65:A6:6E:21:3B:3A:C5:7A:7A:06:84:17:8D:DC:69:5F:76:D0:4F:66:4A:16:BD:F1"}}},"request":{"raw":"GET /assets/opensans-regular-webfont.d389759376bc2ac55ee9.woff HTTP/1.1\r\nHost: buldumdenburdaartuk67.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 
1\r\nConnection: keep-alive\r\nReferer: https://buldumdenburdaartuk67.click/styles.14f38c16c3244b5492af.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 05 May 2026 01:59:58 GMT\r\ncontent-type: text/html\r\ncontent-length: 808\r\nlast-modified: Mon, 20 Apr 2026 15:34:48 GMT\r\netag: \"328-64fe609f34fc5\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-05-05T04:47:06.018233Z","times_seen":36156,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert 
UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/assets/icomoon.a16e09ed69c51903026e.ttf?bezj20","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://buldumdenburdaartuk67.click/","date":"2026-05-05T01:59:58.369Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buldumdenburdaartuk67.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 17:11:39 GMT","end":"Sun, 02 Aug 2026 17:11:38 GMT"},"fingerprint":{"sha1":"6E:3D:62:A3:A4:65:E2:BB:FB:CA:7E:8F:71:E4:EA:A2:49:07:48:3C","sha256":"8C:5E:63:66:82:33:D3:B9:65:A6:6E:21:3B:3A:C5:7A:7A:06:84:17:8D:DC:69:5F:76:D0:4F:66:4A:16:BD:F1"}}},"request":{"raw":"GET /assets/icomoon.a16e09ed69c51903026e.ttf?bezj20 HTTP/1.1\r\nHost: buldumdenburdaartuk67.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: 
keep-alive\r\nReferer: https://buldumdenburdaartuk67.click/styles.14f38c16c3244b5492af.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 05 May 2026 01:59:58 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 20 Apr 2026 15:34:48 GMT\r\netag: W/\"328-64fe609f34fc5\"\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII 
text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-05-05T04:47:06.018233Z","times_seen":36156,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/favicon.ico","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United 
Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buldumdenburdaartuk67.click/","date":"2026-05-05T01:59:58.443Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buldumdenburdaartuk67.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 17:11:39 GMT","end":"Sun, 02 Aug 2026 17:11:38 GMT"},"fingerprint":{"sha1":"6E:3D:62:A3:A4:65:E2:BB:FB:CA:7E:8F:71:E4:EA:A2:49:07:48:3C","sha256":"8C:5E:63:66:82:33:D3:B9:65:A6:6E:21:3B:3A:C5:7A:7A:06:84:17:8D:DC:69:5F:76:D0:4F:66:4A:16:BD:F1"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: buldumdenburdaartuk67.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buldumdenburdaartuk67.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 05 May 2026 01:59:58 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 20 Apr 2026 15:34:48 GMT\r\netag: W/\"328-64fe609f34fc5\"\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse 
proxies"]}],"data":{"size":808,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-05-05T04:47:06.018233Z","times_seen":36156,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/assets/opensans-semibold-webfont.1045337df148fc781940.woff2","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United 
Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://buldumdenburdaartuk67.click/","date":"2026-05-05T01:59:58.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buldumdenburdaartuk67.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 17:11:39 GMT","end":"Sun, 02 Aug 2026 17:11:38 GMT"},"fingerprint":{"sha1":"6E:3D:62:A3:A4:65:E2:BB:FB:CA:7E:8F:71:E4:EA:A2:49:07:48:3C","sha256":"8C:5E:63:66:82:33:D3:B9:65:A6:6E:21:3B:3A:C5:7A:7A:06:84:17:8D:DC:69:5F:76:D0:4F:66:4A:16:BD:F1"}}},"request":{"raw":"GET /assets/opensans-semibold-webfont.1045337df148fc781940.woff2 HTTP/1.1\r\nHost: buldumdenburdaartuk67.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buldumdenburdaartuk67.click/styles.14f38c16c3244b5492af.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 05 May 2026 01:59:58 GMT\r\ncontent-type: text/html\r\ncontent-length: 808\r\nlast-modified: Mon, 20 Apr 2026 15:34:48 GMT\r\netag: \"328-64fe609f34fc5\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP 
cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-05-05T04:47:06.018233Z","times_seen":36156,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/_assets/img/appicon.png","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United 
Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buldumdenburdaartuk67.click/","date":"2026-05-05T01:59:58.442Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buldumdenburdaartuk67.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 17:11:39 GMT","end":"Sun, 02 Aug 2026 17:11:38 GMT"},"fingerprint":{"sha1":"6E:3D:62:A3:A4:65:E2:BB:FB:CA:7E:8F:71:E4:EA:A2:49:07:48:3C","sha256":"8C:5E:63:66:82:33:D3:B9:65:A6:6E:21:3B:3A:C5:7A:7A:06:84:17:8D:DC:69:5F:76:D0:4F:66:4A:16:BD:F1"}}},"request":{"raw":"GET /_assets/img/appicon.png HTTP/1.1\r\nHost: buldumdenburdaartuk67.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buldumdenburdaartuk67.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 05 May 2026 01:59:58 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 20 Apr 2026 15:34:48 GMT\r\netag: W/\"328-64fe609f34fc5\"\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web 
servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-05-05T04:47:06.018233Z","times_seen":36156,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United 
Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-05T01:59:57.778Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buldumdenburdaartuk67.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 17:11:39 GMT","end":"Sun, 02 Aug 2026 17:11:38 GMT"},"fingerprint":{"sha1":"6E:3D:62:A3:A4:65:E2:BB:FB:CA:7E:8F:71:E4:EA:A2:49:07:48:3C","sha256":"8C:5E:63:66:82:33:D3:B9:65:A6:6E:21:3B:3A:C5:7A:7A:06:84:17:8D:DC:69:5F:76:D0:4F:66:4A:16:BD:F1"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: buldumdenburdaartuk67.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 05 May 2026 01:59:57 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-powered-by: PHP/8.4.20, PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.4.20","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Google Analytics","description":"Google 
Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Dynatrace RUM","description":"Dynatrace RUM is an AI-powered, full stack, automated real user monitoring platform built by Dynatrace.","website":"https://www.dynatrace.com/platform/real-user-monitoring","common_platform_enumeration":"","icon":"Dynatrace.svg","categories":["RUM"]},{"name":"Dynatrace","description":"Dynatrace is a technology company that produces a software intelligence platform based on artificial intelligence to monitor and optimise application performance and development, IT infrastructure, and user experience for businesses and government agencies throughout the world.","website":"https://www.dynatrace.com","common_platform_enumeration":"","icon":"Dynatrace.svg","categories":["Analytics"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":266562,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines 
(54353)","md5":"b6cdba6bb20d325300b65bc21196015a","sha1":"8c633fc3c9f0f86e539bee252a6bac3a1dec9b66","sha256":"b88714dce1cf5b4929493957b886345779f919d623ca8cba8232ca4a77b2ac6f","sha512":"e84ae3b7d443f5f9d568726a34c7ce75f6b16a12c9283fd1861c3bf9014024895e2648834bfc0034d2be3fdad645b04b615f85063ce841104561674d6c075f5b","ssdeep":"6144:HccUP29e9LPvD/Oipq+1cJQgfk2kfuCeyzc:8cU+9e9TvrfpqzJQOIf1zc","tlshash":"f444f17172ae52e7a3c746daf12e46341cf2c52bcd8ce1cd389c641597e6a14ec89eb0","first_seen":"2026-05-03T14:28:00.038413Z","last_seen":"2026-05-05T02:08:24.282859Z","times_seen":5,"resource_available":true,"data":null}},"time_used":206,"timings":{"blocked":81,"dns":36,"connect":19,"send":0,"wait":43,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/_assets/img/enbd.png","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United 
Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buldumdenburdaartuk67.click/","date":"2026-05-05T01:59:58.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buldumdenburdaartuk67.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 17:11:39 GMT","end":"Sun, 02 Aug 2026 17:11:38 GMT"},"fingerprint":{"sha1":"6E:3D:62:A3:A4:65:E2:BB:FB:CA:7E:8F:71:E4:EA:A2:49:07:48:3C","sha256":"8C:5E:63:66:82:33:D3:B9:65:A6:6E:21:3B:3A:C5:7A:7A:06:84:17:8D:DC:69:5F:76:D0:4F:66:4A:16:BD:F1"}}},"request":{"raw":"GET /_assets/img/enbd.png HTTP/1.1\r\nHost: buldumdenburdaartuk67.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buldumdenburdaartuk67.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 05 May 2026 01:59:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 3806\r\nlast-modified: Tue, 08 Feb 2022 12:32:39 GMT\r\netag: \"620262e7-ede\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP 
cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":3806,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 72, 8-bit/color RGBA, non-interlaced","md5":"58cf11a4b5f8ebdc29ec2e7b787c8d69","sha1":"cd2686b1f04cfa4afb69b228fd7177d65e907d32","sha256":"1b74331ad061c583ad54561f95596a8481b95d863a431fc4daf3a9ee7d151975","sha512":"799783bae62adfec92e17400a664b4dd4b30efa551c3c81f61daba4b61c9f55da657b74e867c30a961823b509054fa452c98380a41980549824f56893ab9d39b","ssdeep":"","tlshash":"03716cf702df5f9ac2d2c5aaaaf36f300595d67182ed6adc0a124a502f0e2f411b0466","first_seen":"2023-05-01T09:44:05Z","last_seen":"2026-05-05T02:08:24.278501Z","times_seen":171,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert 
UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/scripts.e8b3c78207fa4f6d6f74.js","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://buldumdenburdaartuk67.click/","date":"2026-05-05T01:59:58.133Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buldumdenburdaartuk67.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 17:11:39 GMT","end":"Sun, 02 Aug 2026 17:11:38 GMT"},"fingerprint":{"sha1":"6E:3D:62:A3:A4:65:E2:BB:FB:CA:7E:8F:71:E4:EA:A2:49:07:48:3C","sha256":"8C:5E:63:66:82:33:D3:B9:65:A6:6E:21:3B:3A:C5:7A:7A:06:84:17:8D:DC:69:5F:76:D0:4F:66:4A:16:BD:F1"}}},"request":{"raw":"GET /scripts.e8b3c78207fa4f6d6f74.js HTTP/1.1\r\nHost: buldumdenburdaartuk67.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buldumdenburdaartuk67.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 05 May 2026 01:59:58 GMT\r\ncontent-type: 
text/html\r\nlast-modified: Mon, 20 Apr 2026 15:34:48 GMT\r\netag: W/\"328-64fe609f34fc5\"\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-05-05T04:47:06.018233Z","times_seen":36156,"resource_available":true,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert 
UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/styles.14f38c16c3244b5492af.css","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://buldumdenburdaartuk67.click/","date":"2026-05-05T01:59:58.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buldumdenburdaartuk67.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 17:11:39 GMT","end":"Sun, 02 Aug 2026 17:11:38 GMT"},"fingerprint":{"sha1":"6E:3D:62:A3:A4:65:E2:BB:FB:CA:7E:8F:71:E4:EA:A2:49:07:48:3C","sha256":"8C:5E:63:66:82:33:D3:B9:65:A6:6E:21:3B:3A:C5:7A:7A:06:84:17:8D:DC:69:5F:76:D0:4F:66:4A:16:BD:F1"}}},"request":{"raw":"GET /styles.14f38c16c3244b5492af.css HTTP/1.1\r\nHost: buldumdenburdaartuk67.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buldumdenburdaartuk67.click/\r\nSec-Fetch-Dest: 
style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 05 May 2026 01:59:58 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 08 Feb 2022 12:32:39 GMT\r\netag: W/\"620262e7-9024d\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":590413,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (53193), with CRLF line 
terminators","md5":"e15084a5fa844a4667363a77dbba388a","sha1":"c2fc998a4874ca1ed1f87bc32562270b3a4711d2","sha256":"0ab27addfe127020ce7b9a6a5e3b57a133915e23edbe0852cff7b511507e56ea","sha512":"001ad88484a157a1e51377c16ea19e5cdd58c6e45bb48858357721435c5a1727bb8811892c598e496475c3edb1095dc14e8b186b217ad57df752edcfb41d8c05","ssdeep":"6144:/RTsyx/lJ/q3SYiLENM6HN26jzBN+ZXhzZ:/RTs8Q9N+ZXhzZ","tlshash":"5ac4e9b2f544302df567c65aa4d0b7a8293a8152e7220ffff51776348bca5db0267a0c","first_seen":"2023-04-08T08:29:01Z","last_seen":"2026-05-05T02:08:24.27934Z","times_seen":39,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/user.png","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United 
Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://buldumdenburdaartuk67.click/","date":"2026-05-05T01:59:58.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buldumdenburdaartuk67.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 17:11:39 GMT","end":"Sun, 02 Aug 2026 17:11:38 GMT"},"fingerprint":{"sha1":"6E:3D:62:A3:A4:65:E2:BB:FB:CA:7E:8F:71:E4:EA:A2:49:07:48:3C","sha256":"8C:5E:63:66:82:33:D3:B9:65:A6:6E:21:3B:3A:C5:7A:7A:06:84:17:8D:DC:69:5F:76:D0:4F:66:4A:16:BD:F1"}}},"request":{"raw":"GET /user.png HTTP/1.1\r\nHost: buldumdenburdaartuk67.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buldumdenburdaartuk67.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 05 May 2026 01:59:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 2255\r\nlast-modified: Tue, 08 Feb 2022 12:32:39 GMT\r\netag: \"620262e7-8cf\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP 
cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":2255,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 27x34, components 3","md5":"cc0a5532279fefa0f24e6c6a91442acc","sha1":"1a16230291c3c234087a39fa0314a71591f171fb","sha256":"97090cea6a2bbb16d13fa490185bc7e25d41935e376d4edfee651c474f466309","sha512":"71f9c681d9fbff845b328a2a1234e87d01f8397409721e2ac28a1fec700b18b286fefbe77ffb7dba58803cd2a6ced79050e7427214977e213ca1d581b5291a04","ssdeep":"","tlshash":"61413c78a32117d0cd33c9feded51def62d95cd13d20a80078c24170c278a495c64b4c","first_seen":"2023-05-04T02:19:33Z","last_seen":"2026-05-05T02:08:24.275111Z","times_seen":72,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert 
UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/assets/opensans-bold-webfont.7b013a3110831768093f.woff2","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://buldumdenburdaartuk67.click/","date":"2026-05-05T01:59:58.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buldumdenburdaartuk67.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 17:11:39 GMT","end":"Sun, 02 Aug 2026 17:11:38 GMT"},"fingerprint":{"sha1":"6E:3D:62:A3:A4:65:E2:BB:FB:CA:7E:8F:71:E4:EA:A2:49:07:48:3C","sha256":"8C:5E:63:66:82:33:D3:B9:65:A6:6E:21:3B:3A:C5:7A:7A:06:84:17:8D:DC:69:5F:76:D0:4F:66:4A:16:BD:F1"}}},"request":{"raw":"GET /assets/opensans-bold-webfont.7b013a3110831768093f.woff2 HTTP/1.1\r\nHost: buldumdenburdaartuk67.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://buldumdenburdaartuk67.click/styles.14f38c16c3244b5492af.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: 
no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 05 May 2026 01:59:58 GMT\r\ncontent-type: text/html\r\ncontent-length: 808\r\nlast-modified: Mon, 20 Apr 2026 15:34:48 GMT\r\netag: \"328-64fe609f34fc5\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-05-05T04:47:06.018233Z","times_seen":36156,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert 
UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"buldumdenburdaartuk67.click/assets/icomoon.6ff42eccb86b1fcbfe3f.woff2?bezj20","fqdn":"buldumdenburdaartuk67.click","domain":"buldumdenburdaartuk67.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://buldumdenburdaartuk67.click/","date":"2026-05-05T01:59:58.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"buldumdenburdaartuk67.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 17:11:39 GMT","end":"Sun, 02 Aug 2026 17:11:38 GMT"},"fingerprint":{"sha1":"6E:3D:62:A3:A4:65:E2:BB:FB:CA:7E:8F:71:E4:EA:A2:49:07:48:3C","sha256":"8C:5E:63:66:82:33:D3:B9:65:A6:6E:21:3B:3A:C5:7A:7A:06:84:17:8D:DC:69:5F:76:D0:4F:66:4A:16:BD:F1"}}},"request":{"raw":"GET /assets/icomoon.6ff42eccb86b1fcbfe3f.woff2?bezj20 HTTP/1.1\r\nHost: buldumdenburdaartuk67.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: 
keep-alive\r\nReferer: https://buldumdenburdaartuk67.click/styles.14f38c16c3244b5492af.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 05 May 2026 01:59:58 GMT\r\ncontent-type: text/html\r\ncontent-length: 808\r\nlast-modified: Mon, 20 Apr 2026 15:34:48 GMT\r\netag: \"328-64fe609f34fc5\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII 
text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-05-05T04:47:06.018233Z","times_seen":36156,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-05","alert":"Sinkholed","trigger":"buldumdenburdaartuk67.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}}]}
