{"report_id":"f5af5b41-b343-402c-9c14-5b6fe47b093c","version":6,"status":"done","tags":[],"date":"2026-03-17T01:43:44Z","url":{"schema":"http","addr":"l2unity.ltd","fqdn":"l2unity.ltd","domain":"l2unity.ltd","tld":"ltd"},"ip":{"addr":"198.13.159.20","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"l2unity.ltd/","fqdn":"l2unity.ltd","domain":"l2unity.ltd","tld":"ltd"},"title":"MetaMask Token Drop — Check Your $MASK Allocation","dom":{"size":16693,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1514)","md5":"a43cbf15f9b8ef7db257fec5df207961","sha1":"c32b3473eeafdf6d4c0136e3dd80dd72e1221afb","sha256":"6efafee1d018453b82c036601da285e88983d12e4e4ebbca84e60159e79816eb","sha512":"a877c81fcf487385d73a9ff26df5aece0e39ee08665d4867343897c2433ce128cc74129f06d39604d45ba378ff59557f1df28080b936339ca8da236c9070ef72","ssdeep":"384:78WjPnbH8E+c0PhJlnJQg9ZmwGyLVlvbE68lCUJ:7LSFfjFlbEl","tlshash":"4d725361a290613a71b7c1d2b5a1a3bf7690d907e15b135875fc06a88fcfd83de33289","dom_hash":"domhash3aca727b4bbcf0b705c3ee453b5863b4","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"l2unity.ltd","fqdn":"l2unity.ltd","domain":"l2unity.ltd","tld":"ltd"},"ip":{"addr":"198.13.159.20","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-21T01:43:44Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"l2unity.ltd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"l2unity.ltd","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-03-17T01:43:45.063485Z","last_seen":"2026-03-17T01:43:45.063485Z","alert_count":4,"request_count":4,"received_data":172086,"sent_data":1641,"comment":"","tags":null,"fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"l2unity.ltd/h32m64z.php","fqdn":"l2unity.ltd","domain":"l2unity.ltd","tld":"ltd"},"ip":{"addr":"198.13.159.20","port":80,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"03b6027dc05ff83f1eaa33be25b277dd","sha1":"5298ef17d01acd29bf132c1619b5e16c1da5d0ef","sha256":"e61f10269fe5108da6fa685e0b7691211753a5242496801f1bec6fd5f676c93d","sha512":"3a95bbeef189c454e2ae9b1fe116d65f623fdb5c0b3c9124413800a23089a8c7e0bd023c1365c742e9bed14d1c8b1dec2fd6d27de1ea917cc7e07b004ffdefaf","ssdeep":"1536:KNXc+5ra3h/pGSn28wmc0vAYs4/MEpLFqoi1pwg2GVRWpk:KNMSr8hn21mc0vA36b7qoi1pwgNR0k","tlshash":"81e36199eb4b80ac8e55018ec4b3f889e4544977ce6cb467de2eddc13629f62808717f","size":155589,"data":"","first_seen":"2026-03-17T01:43:48.626796Z","last_seen":"2026-03-17T01:51:03.36705Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"l2unity.ltd/","fqdn":"l2unity.ltd","domain":"l2unity.ltd","tld":"ltd"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"26c83124c0dbfee5bd9e5a0bb2817421","sha1":"aca28cf641fadc1ae5397e5bc317bfec73e096da","sha256":"6142193acd8cac9311707f254d15b4e2595058f5b6b568e2bb0f7e4644772f6b","sha512":"8c5f2d13d3f8971002fb44d2fa68df1b893a2ee0f5d26ba293915f2f36a0de004c6e7fbe6d390a70d39a52b02a77203df9a1ab8ab10ce11d6f7a5d638241cac2","ssdeep":"384:seMrrBXfmaIusgZTTOZQmQsKgk700n9OD76r/ZE5/K42lGnVLyJL5Kq6RBHphR73:OBXfmF/gJOZt8MDQxrzlOVmdC","tlshash":"6a1363a9194694d40f0927efd0f6a48aa2109e67ce9cb55ac52fccc13639fb285c713f","size":42888,"data":"","first_seen":"2026-03-17T01:43:48.628151Z","last_seen":"2026-03-17T01:53:18.316168Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"l2unity.ltd/","fqdn":"l2unity.ltd","domain":"l2unity.ltd","tld":"ltd"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"129c24b9d2d0ce08474831bcee39eb88","sha1":"b1af7d7b807470424cfe213ad504d76732baa896","sha256":"7970802ce96ebd37157bbbca35f4d6f4edf3724d40b12d4921daf692a94d8b31","sha512":"479f77ab3d4360dba86a3e6804b3f91d40b9f522ed51d7bfd278848317703057801b87b48de7a2e5ed4c73182d79d87d60b3583a4eeae8d8dcfdca384f00c2cc","ssdeep":"","tlshash":"7401d0a9b366dea108530abf7993f9b8174c1c013c0285e4469d10117abfb90959fe8c","size":770,"data":"","first_seen":"2026-03-17T01:43:48.629282Z","last_seen":"2026-03-17T01:43:48.629282Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"l2unity.ltd/","fqdn":"l2unity.ltd","domain":"l2unity.ltd","tld":"ltd"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-17T01:43:23.428Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: l2unity.ltd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-30T14:03:17.12774Z","times_seen":15916704,"resource_available":true,"data":null}},"time_used":83,"timings":{"blocked":0,"dns":18,"connect":29,"send":0,"wait":0,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"l2unity.ltd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"l2unity.ltd/","fqdn":"l2unity.ltd","domain":"l2unity.ltd","tld":"ltd"},"ip":{"addr":"198.13.159.20","port":80,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-17T01:43:23.523Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: l2unity.ltd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Tue, 17 Mar 2026 01:43:23 GMT\r\nContent-Type: text/html\r\nLast-Modified: Mon, 16 Mar 2026 18:09:56 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69b84774-3b0c\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15116,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"39d577bb4f99b14c9517e60d12e62ad4","sha1":"4fe87a34d9548e838152b5d70a2cbc0d9f946488","sha256":"0b16adfa3565faf785f15f30c0336eb40fc8dba9c27792c1a05467438238e6b3","sha512":"6856a07a499b36ee6990cce61439dc8b6ffb48f0992059aa80cb0024e19cf86910b726048ad3e775e7c44f6e449d8ce03d0148dd421550da08c00aa8c61194bf","ssdeep":"384:R8qjPnbH8E+c0Ph+lnJQxMZmwGyLVl+bE68lCUN:RzDs+jFobEJ","tlshash":"e1628561a284713a71e3c4d2b860a7af7694d947e64b135436f942e88fc7dc7ce33289","first_seen":"2026-03-17T01:43:48.624016Z","last_seen":"2026-03-17T01:43:48.624016Z","times_seen":1,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":26,"dns":0,"connect":26,"send":0,"wait":27,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"l2unity.ltd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"l2unity.ltd/h32m64z.php","fqdn":"l2unity.ltd","domain":"l2unity.ltd","tld":"ltd"},"ip":{"addr":"198.13.159.20","port":80,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://l2unity.ltd/","date":"2026-03-17T01:43:23.660Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /h32m64z.php HTTP/1.1\r\nHost: l2unity.ltd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://l2unity.ltd/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Tue, 17 Mar 2026 01:43:24 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: *\r\nAccess-Control-Allow-Headers: *\r\nAccess-Control-Max-Age: 3600\r\nCache-Control: public, max-age=3600\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":156345,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (53539), with no line terminators","md5":"776b49e2c6fc478f5f44bad23305333d","sha1":"628dcc21b338f0aba80cf3407373779e3e1864d1","sha256":"c08c93b3b74920fdfb941401bb22a3ab234e6244ebb6c8f8cf8f06318ebb356c","sha512":"605415d8307fec767a87a796dd4c1c3896a4801c78956ad8ae2bedc8e52a676c5b8c45a9ca358b8260b6945887908bbf225709cc803606de2629aab3ba56616c","ssdeep":"1536:KNXc+5ra3h/pGhH28wmc0vAYs4/MEpLFqoi1pwg2GVRWpk:KNMSr8yH21mc0vA36b7qoi1pwgNR0k","tlshash":"a5f36289db2ba2ac8e15218ec4b3f445e6d44923ce5cb4679d1eddc23629f6980c317f","first_seen":"2026-03-17T01:43:48.625323Z","last_seen":"2026-03-17T01:43:48.625323Z","times_seen":1,"resource_available":false,"data":null}},"time_used":411,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":355,"receive":56,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"l2unity.ltd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"l2unity.ltd/h32m64z.php?m=2956186","fqdn":"l2unity.ltd","domain":"l2unity.ltd","tld":"ltd"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://l2unity.ltd/","date":"2026-03-17T01:43:24.569Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /h32m64z.php?m=2956186 HTTP/1.1\r\nHost: l2unity.ltd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://l2unity.ltd/\r\nOrigin: http://l2unity.ltd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-30T14:03:17.12774Z","times_seen":15916704,"resource_available":true,"data":null}},"time_used":69,"timings":{"blocked":69,"dns":0,"connect":29,"send":0,"wait":0,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"l2unity.ltd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}