{"report_id":"f79863bf-c30f-4eef-923f-02a116208795","version":6,"status":"done","tags":[],"date":"2026-04-18T23:08:23Z","url":{"schema":"http","addr":"www.onlinepont.cc/","fqdn":"www.onlinepont.cc","domain":"onlinepont.cc","tld":"cc"},"ip":{"addr":"144.31.11.214","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"www.onlinepont.cc/","fqdn":"www.onlinepont.cc","domain":"onlinepont.cc","tld":"cc"},"title":"onlinepont.cc/","dom":{"size":86,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"fa94f52629c7097924c0db765d4e841e","sha1":"ac87e37021ac4022ef7218bc0803b643e12bbc72","sha256":"98df2b9ea4e84dc7aa16bdfd3212cc393dfaeb57ecf4ade55f83d59ae671afd7","sha512":"fba5400120ec129f27a948672d1d7d47687e4400b2667b749e6d8880d8c7d8e77a19fb44ca2e5e209a4668a505776e4b41ff66c8508ee4847a5a996a1e757075","ssdeep":"","tlshash":"3ba012ea5d404819b5b079c008d0674c0c14c514a002890005d02010411038d8d02980","dom_hash":"domhashe7878feada357c83b98d617f7576c066","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"www.onlinepont.cc/","fqdn":"www.onlinepont.cc","domain":"onlinepont.cc","tld":"cc"},"ip":{"addr":"144.31.11.214","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-23T23:08:23Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"www.onlinepont.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.onlinepont.cc","ip":{"addr":"144.31.1.172","port":80,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":4,"request_count":4,"received_data":810,"sent_data":1595,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"www.onlinepont.cc/favicon.ico","fqdn":"www.onlinepont.cc","domain":"onlinepont.cc","tld":"cc"},"ip":{"addr":"144.31.1.172","port":80,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.onlinepont.cc/","date":"2026-04-18T23:08:01.044Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.onlinepont.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.onlinepont.cc/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 456 \r\nDate: Sat, 18 Apr 2026 23:08:01 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"456","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"9c60b0110a52115602b05b7114b06b21","sha1":"72ffda53d5db0bb667bd5306b3e1a3a4c6ade7dc","sha256":"5bc8a03740bb4a54855235dfda75a77725612b9c61d41581a4e08b4a8f40ba47","sha512":"fc3c3ed99b233aeeebe7f8eaa34ea71e6c29480aa3a922645d8c6a8d69784a280b8ea3c4a3618e89bec95193f5a337ccc161657b0e8097912e9157957f28350e","ssdeep":"","tlshash":"e49002061e4488556260a8454060aa5c4821c908d056855405e4000002202cc4955d00","first_seen":"2025-07-26T07:30:42.052123Z","last_seen":"2026-06-20T23:24:31.839881Z","times_seen":249,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":31,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"www.onlinepont.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.onlinepont.cc/","fqdn":"www.onlinepont.cc","domain":"onlinepont.cc","tld":"cc"},"ip":{"addr":"144.31.1.172","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-18T23:08:00.105Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"onlinepont.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 00:49:20 GMT","end":"Mon, 08 Jun 2026 00:49:19 GMT"},"fingerprint":{"sha1":"B9:4C:43:74:FB:60:9F:68:2D:16:FB:70:2C:D4:84:B3:4C:3E:6E:70","sha256":"E1:31:F5:9E:64:C3:61:2F:01:94:AE:84:88:EF:E1:96:A0:2B:9A:47:25:4D:63:0A:2B:8A:82:1B:CB:C7:C3:F7"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.onlinepont.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 456 No Reason Phrase\r\ndate: Sat, 18 Apr 2026 23:08:00 GMT\r\ncontent-type: text/html;charset=utf-8\r\nserver: nginx\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"456","status_text":"No Reason Phrase","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"9c60b0110a52115602b05b7114b06b21","sha1":"72ffda53d5db0bb667bd5306b3e1a3a4c6ade7dc","sha256":"5bc8a03740bb4a54855235dfda75a77725612b9c61d41581a4e08b4a8f40ba47","sha512":"fc3c3ed99b233aeeebe7f8eaa34ea71e6c29480aa3a922645d8c6a8d69784a280b8ea3c4a3618e89bec95193f5a337ccc161657b0e8097912e9157957f28350e","ssdeep":"","tlshash":"e49002061e4488556260a8454060aa5c4821c908d056855405e4000002202cc4955d00","first_seen":"2025-07-26T07:30:42.052123Z","last_seen":"2026-06-20T23:24:31.839881Z","times_seen":249,"resource_available":true,"data":null}},"time_used":1321,"timings":{"blocked":644,"dns":575,"connect":31,"send":0,"wait":32,"receive":0,"ssl":36},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"www.onlinepont.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.onlinepont.cc/","fqdn":"www.onlinepont.cc","domain":"onlinepont.cc","tld":"cc"},"ip":{"addr":"144.31.1.172","port":80,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-18T23:08:00.854Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: www.onlinepont.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 456 \r\nDate: Sat, 18 Apr 2026 23:08:00 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"456","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"9c60b0110a52115602b05b7114b06b21","sha1":"72ffda53d5db0bb667bd5306b3e1a3a4c6ade7dc","sha256":"5bc8a03740bb4a54855235dfda75a77725612b9c61d41581a4e08b4a8f40ba47","sha512":"fc3c3ed99b233aeeebe7f8eaa34ea71e6c29480aa3a922645d8c6a8d69784a280b8ea3c4a3618e89bec95193f5a337ccc161657b0e8097912e9157957f28350e","ssdeep":"","tlshash":"e49002061e4488556260a8454060aa5c4821c908d056855405e4000002202cc4955d00","first_seen":"2025-07-26T07:30:42.052123Z","last_seen":"2026-06-20T23:24:31.839881Z","times_seen":249,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":29,"dns":1,"connect":31,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"www.onlinepont.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.onlinepont.cc/_guard/html.js?js=p456","fqdn":"www.onlinepont.cc","domain":"onlinepont.cc","tld":"cc"},"ip":{"addr":"144.31.1.172","port":80,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.onlinepont.cc/","date":"2026-04-18T23:08:00.997Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /_guard/html.js?js=p456 HTTP/1.1\r\nHost: www.onlinepont.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.onlinepont.cc/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 456 \r\nDate: Sat, 18 Apr 2026 23:08:01 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"456","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"9c60b0110a52115602b05b7114b06b21","sha1":"72ffda53d5db0bb667bd5306b3e1a3a4c6ade7dc","sha256":"5bc8a03740bb4a54855235dfda75a77725612b9c61d41581a4e08b4a8f40ba47","sha512":"fc3c3ed99b233aeeebe7f8eaa34ea71e6c29480aa3a922645d8c6a8d69784a280b8ea3c4a3618e89bec95193f5a337ccc161657b0e8097912e9157957f28350e","ssdeep":"","tlshash":"e49002061e4488556260a8454060aa5c4821c908d056855405e4000002202cc4955d00","first_seen":"2025-07-26T07:30:42.052123Z","last_seen":"2026-06-20T23:24:31.839881Z","times_seen":249,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"www.onlinepont.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}