{"report_id":"f1e21242-3f5e-44ee-b926-5987da6865a3","version":6,"status":"done","tags":[],"date":"2025-11-02T23:37:42Z","url":{"schema":"http","addr":"andydayzz.lol/ajax/vote_info/66132","fqdn":"andydayzz.lol","domain":"andydayzz.lol","tld":"lol"},"ip":{"addr":"172.67.170.90","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"andydayzz.lol/ajax/vote_info/66132","fqdn":"andydayzz.lol","domain":"andydayzz.lol","tld":"lol"},"title":"andydayzz.lol/ajax/vote_info/66132","dom":{"size":859,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"9248c78d20324b2efc5249f84cc62822","sha1":"08478fdb4a2ad7b8534281678a7e825da18c1347","sha256":"b1d51364bfe1312f9d9bdcd8f338bab102744a10db0a12c80ac586062c88ce5e","sha512":"d558e887049df3a8637f33b5f4b4c3749533d587dd620ae1dd0fb3f8d48bcb427e18de0fbf996bbe712c2ca767de4b8c8c20304e2fad33e08d23a65d24a3de9c","ssdeep":"","tlshash":"98114e6154a546270456d0c1abf0fb4f3ac1960bda0b16043bfc27e5dbd7c85ec061dd","dom_hash":"domhashf35764c27b7f32db346d587cf51f2283","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":"PGh0bWw+PGhlYWQ+PC9oZWFkPjxib2R5PjxkaXYgY2xhc3M9InJhdGluZy1yZXN1bHQiPgogICAgPGRpdiBjbGFzcz0icnItbWFyayI+PHNwYW4+MTA8L3NwYW4+LyA5IHZvdGVkPC9kaXY+CiAgICA8ZGl2IGNsYXNzPSJwcm9ncmVzcyI+CiAgICAgICAgPGRpdiBjbGFzcz0icHJvZ3Jlc3MtYmFyIGJnLXN1Y2Nlc3MiIHJvbGU9InByb2dyZXNzYmFyIiBzdHlsZT0id2lkdGg6IDEwMCU7IiBhcmlhLXZhbHVlbWluPSIwIiBhcmlhLXZhbHVlbWF4PSIxMDAiPjwvZGl2PgogICAgPC9kaXY+CjwvZGl2Pgo8YnV0dG9uIG9uY2xpY2s9Imxpa2UoNjYxMzIpIiBjbGFzcz0iYnRuIGJ0bi1mb2N1cyBidG4tc20gZmxvYXQtbGVmdCI+PGkgY2xhc3M9ImZhIGZhLXRodW1icy11cCBtci0yIj48L2k+TGlrZQo8L2J1dHRvbj4KPGJ1dHRvbiBvbmNsaWNrPSJkaXNsaWtlKDY2MTMyKSIgY2xhc3M9ImJ0biBidG4tc2Vjb25kYXJ5IGJ0bi1zbSBmbG9hdC1yaWdodCI+PGkgY2xhc3M9ImZhIGZhLXRodW1icy1kb3duIG1yLTIiPjwvaT5EaXNsaWtlCjwvYnV0dG9uPgo8ZGl2IHN0eWxlPSJtYXJnaW4tdG9wOiA0MHB4OyBkaXNwbGF5OiBub25lOyIgaWQ9InZvdGUtbG9hZGluZyI+CiAgICA8ZGl2IGNsYXNzPSJsb2FkaW5nLXJlbGF0aXZlIj4KICAgICAgICA8ZGl2IGNsYXNzPSJsb2FkaW5nIj4KICAgICAgICAgICAgPGRpdiBjbGFzcz0ic3BhbjEiPjwvZGl2PgogICAgICAgICAgICA8ZGl2IGNsYXNzPSJzcGFuMiI+PC9kaXY+CiAgICAgICAgICAgIDxkaXYgY2xhc3M9InNwYW4zIj48L2Rpdj4KICAgICAgICA8L2Rpdj4KICAgIDwvZGl2Pgo8L2Rpdj4KPGRpdiBjbGFzcz0iY2xlYXJmaXgiPjwvZGl2Pgo8L2JvZHk+PC9odG1sPg=="}},"submit":{"url":{"schema":"http","addr":"andydayzz.lol/ajax/vote_info/66132","fqdn":"andydayzz.lol","domain":"andydayzz.lol","tld":"lol"},"ip":{"addr":"172.67.170.90","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-07T23:37:42Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-02","alert":"Sinkholed","trigger":"andydayzz.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-02","alert":"Sinkholed","trigger":"andydayzz.lol","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"andydayzz.lol","ip":{"addr":"104.21.47.36","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-09","domain_rank":0,"first_seen":"2025-10-16T06:52:08.857655Z","last_seen":"2025-11-02T19:23:53.474599Z","alert_count":2,"request_count":1,"received_data":1727,"sent_data":502,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"andydayzz.lol/ajax/vote_info/66132","fqdn":"andydayzz.lol","domain":"andydayzz.lol","tld":"lol"},"ip":{"addr":"104.21.47.36","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-02T23:37:20.093Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"andydayzz.lol","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 09:19:29 GMT","end":"Wed, 07 Jan 2026 10:18:08 GMT"},"fingerprint":{"sha1":"08:34:2E:98:FD:63:DE:54:C8:EA:9C:8D:27:DB:DF:A3:F3:35:E3:ED","sha256":"C7:A9:B9:14:F6:F4:A2:16:38:DA:6A:F5:AC:7F:A4:A1:A5:A5:B4:E8:DB:49:37:B6:8D:92:C0:0C:87:36:62:A6"}}},"request":{"raw":"GET /ajax/vote_info/66132 HTTP/1.1\r\nHost: andydayzz.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 02 Nov 2025 23:37:39 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-dns-prefetch-control: on\r\nexpect-ct: max-age=0\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff, nosniff\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0, 1; mode=block\r\ncontent-language: en\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wT87mN1f7VD77M6tJ6es4lu%2Byuzc2dJSgb6TXe65P6GLqccArAThJWNHbnDGjA2W8EarYmYesratukpnPGWDsR6MqOqa4XpS%2FO4sUuk%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9987758cbc7b120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":857,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text","md5":"2f9c06b6ab29d78496d6e02848f66278","sha1":"9e89ae93e1d53e71af354f6ca192e3e9761fb2f7","sha256":"c047af0c78a9d183e3e46f4c988a45e0610d5bee206b6bc0334fe70b1708456a","sha512":"03d5d91133f426110e8641fe10e5b0ab3e784c434fe6e424256a5116f148932e49ca2d536247cf428de2b2880f12ff86975271df2de72e965b15394124f92623","ssdeep":"","tlshash":"f511281164a54a27045690c2a7b1fb9f3ac2aa0bde0f16093bfc27e59bd7cc5ec061dd","first_seen":"2025-11-02T23:37:44.829409Z","last_seen":"2025-11-02T23:37:44.829409Z","times_seen":1,"resource_available":false,"data":null}},"time_used":19827,"timings":{"blocked":20,"dns":1,"connect":1,"send":0,"wait":19786,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-02","alert":"Sinkholed","trigger":"andydayzz.lol","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-02","alert":"Sinkholed","trigger":"andydayzz.lol","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}