{"report_id":"fba46dc7-8bab-4e4d-81b4-9254d65cf943","version":0,"status":"done","tags":[],"date":"2026-06-11T01:02:30Z","url":{"schema":"http","addr":"simotown.su/","fqdn":"simotown.su","domain":"simotown.su","tld":"su"},"ip":{"addr":"104.247.81.99","port":0,"asn":206834,"as":"Team Internet AG","country":"Canada","country_code":"CA"},"final":{"url":{"schema":"https","addr":"simotown.su/","fqdn":"simotown.su","domain":"simotown.su","tld":"su"},"title":"simotown.su","dom":{"size":821,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"e985446f998ccb70b515cee288e5f4c6","sha1":"95b4f58309d727ef22e4e5c4b475ec31dc57ce31","sha256":"fcb3a3cda541d38bef30c48cd2ee1196a2675ad03c2f1a8d03dfad6545fc7c8b","sha512":"489d2729fb3ca961f5d422a5b5f48791afbd249a80117b5279a9083fde09a4627114444c0f78f8e8356d33e3f80515f5e7d9d4c28095aef3cea689b13a8a2460","ssdeep":"","tlshash":"4e01bd459062980f34524bf6dccab86cc8969c0fc41d2cc0ba16519a8fdafaa897375d","dom_hash":"domhash6c21f228e1268722dc16d1665aa7dc24","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"simotown.su/","fqdn":"simotown.su","domain":"simotown.su","tld":"su"},"ip":{"addr":"104.247.81.99","port":0,"asn":206834,"as":"Team Internet AG","country":"Canada","country_code":"CA"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-16T01:02:30Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":6}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"obseu.northwavepoint.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"euob.northwavepoint.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"yfdnzfa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"yfdnzfa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"yfdnzfa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"yfdnzfa.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"obseu.northwavepoint.com","ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"2026-01-28","domain_rank":0,"first_seen":"2026-04-16T09:06:21.210986Z","last_seen":"2026-06-04T12:20:08.815079Z","alert_count":7,"request_count":7,"received_data":7232,"sent_data":6165,"comment":"","tags":null,"fingerprints":null},{"fqdn":"euob.northwavepoint.com","ip":{"addr":"13.249.8.120","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2026-01-28","domain_rank":0,"first_seen":"2026-04-16T09:06:21.216693Z","last_seen":"2026-06-04T12:20:08.662027Z","alert_count":1,"request_count":1,"received_data":137467,"sent_data":491,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Caddy","description":"","website":"https://caddyserver.com","common_platform_enumeration":"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*","icon":"caddy.svg","categories":["Web servers"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"simotown.su","ip":{"addr":"104.247.81.99","port":443,"asn":206834,"as":"Team Internet AG","country":"Canada","country_code":"CA"},"domain_registered":"2026-04-12","domain_rank":0,"first_seen":"2026-06-11T01:02:30.591207Z","last_seen":"2026-06-11T01:02:32.609484Z","alert_count":0,"request_count":3,"received_data":12491,"sent_data":1885,"comment":"","tags":null,"fingerprints":[{"name":"Caddy","description":"","website":"https://caddyserver.com","common_platform_enumeration":"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*","icon":"caddy.svg","categories":["Web servers"]}]},{"fqdn":"yfdnzfa.com","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2025-07-22","domain_rank":2046902,"first_seen":"2025-07-30T07:20:07.727106Z","last_seen":"2026-06-06T02:32:59.324262Z","alert_count":4,"request_count":1,"received_data":0,"sent_data":573,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"simotown.su/","fqdn":"simotown.su","domain":"simotown.su","tld":"su"},"ip":{"addr":"104.247.81.99","port":443,"asn":206834,"as":"Team Internet AG","country":"Canada","country_code":"CA"},"introduction_type":"eval","is_inline":false,"md5":"889ca9e2c79a3ce7aaadbcdfd0ce4ef5","sha1":"b05c2c051bae71f80cb8c289e5a42d4f96d323fa","sha256":"6477acf082d26199b6ce8346b93149b1b999233d9fe76b0340ebf43317cf98f8","sha512":"122a494d50a5e8077cdda40e8d6edb442bb9d89fff078852aad7f84fe24f1c58fe693f0388ca6c9453d1b33036da0b9c4e9fb394a18268e254d306ffc2ca57a3","ssdeep":"","tlshash":"46a002d4b4ed8125564583390104d91cf936c934c0d5701873f0466ca6e700a53610b2","size":62,"data":"","first_seen":"2023-03-07T01:20:41Z","last_seen":"2026-06-20T07:50:29.629894Z","times_seen":383869,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"simotown.su/7a425d00-8e8e-4bc5-8326-edc6ecba5a1d","fqdn":"simotown.su","domain":"simotown.su","tld":"su"},"ip":{"addr":"104.247.81.99","port":443,"asn":206834,"as":"Team Internet AG","country":"Canada","country_code":"CA"},"introduction_type":"","is_inline":false,"md5":"d1f86187bea9d658e6ce04cfba62e7a1","sha1":"e41a269c2666434229680c3cfa14310176f725a5","sha256":"3791113942ab28420a37a8fdd996102cbf904d63889ce67759ddb7aee71e2d99","sha512":"39513b0aa16d39a25e669df959cceff6d8c6efa33336bc9592a75b2ba6d9a237b3f8bcc01fab2996dad359c1b682da2b8271abff45e539783592b6dbaff83cea","ssdeep":"","tlshash":"33014d08e53c1b64436b291236cff509e03b4644798b617840aa88884eb99d720127f9","size":779,"data":"","first_seen":"2026-06-11T01:02:35.563179Z","last_seen":"2026-06-11T01:02:35.563179Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"euob.northwavepoint.com/sxp/i/636f8b858f681acb7bfa6f583a96630a.js","fqdn":"euob.northwavepoint.com","domain":"northwavepoint.com","tld":"com"},"ip":{"addr":"13.249.8.120","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1bb3ab22ed57318ee11d270c1c3f59ce","sha1":"d88ea0564fd58af764b741b0a50e78b4523e7103","sha256":"93c03215b2f3bdddd55ce066691d5fba626924cb98f3eaab8ce8e177d030599a","sha512":"8cd9d5fb4c2cc64831f03cb4c770788b233770dd82edf5d4b5c1670b6c7d8d5d741214857b702f1ed6b06bea259f3149b9a289805770bbdc8d5228c2c0c66457","ssdeep":"1536:sD+qPQb5SEwvAu5DWeBPU4HLonMbVGhe3qM87961QCixUcnYtB/l7PsXWIo6MWmN:sCqP/AuZWyjqu1QCtveXolS0nInWBypO","tlshash":"8bd3d7ddf2e27025039320a5017f411ae27b1e553c4b8290d5bae9d4ac7ce8e957bfac","size":136943,"data":"","first_seen":"2026-06-01T21:19:08.293855Z","last_seen":"2026-06-14T18:29:01.620025Z","times_seen":3492,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"simotown.su/","fqdn":"simotown.su","domain":"simotown.su","tld":"su"},"ip":{"addr":"104.247.81.99","port":443,"asn":206834,"as":"Team Internet AG","country":"Canada","country_code":"CA"},"introduction_type":"eval","is_inline":false,"md5":"b326b5062b2f0e69046810717534cb09","sha1":"5ffe533b830f08a0326348a9160afafc8ada44db","sha256":"b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b","sha512":"9120cd5faef07a08e971ff024a3fcbea1e3a6b44142a6d82ca28c6c42e4f852595bcf53d81d776f10541045abdb7c37950629415d0dc66c8d86c64a5606d32de","ssdeep":"","tlshash":"5430000000000000000000000000300c00000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:44Z","last_seen":"2026-06-20T07:50:29.628172Z","times_seen":412019,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"simotown.su/","fqdn":"simotown.su","domain":"simotown.su","tld":"su"},"ip":{"addr":"104.247.81.99","port":443,"asn":206834,"as":"Team Internet AG","country":"Canada","country_code":"CA"},"introduction_type":"eval","is_inline":false,"md5":"e5d8c139688b25ef77b263d88ea99150","sha1":"7abc9c61c4966543f66d150c0155bfac575f86a7","sha256":"53e5f34ac520035c7f124076d1e68c70a85c83cf68a339fa713b872b54126148","sha512":"1cd4eb192d987ea1b21f3b553eea3881c807f8bf4a5299982675d57314a0eaa084db1722c38d02eb73178660ecb1ca3667a795a512527f843f2526dc0a99dc20","ssdeep":"","tlshash":"7440000000003000033c0000000000c0000c00000000000000000c00030000000c0000","size":7,"data":"","first_seen":"2023-03-07T01:20:41Z","last_seen":"2026-06-20T07:50:29.628733Z","times_seen":383876,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"simotown.su/","fqdn":"simotown.su","domain":"simotown.su","tld":"su"},"ip":{"addr":"104.247.81.99","port":443,"asn":206834,"as":"Team Internet AG","country":"Canada","country_code":"CA"},"introduction_type":"eval","is_inline":false,"md5":"6559111e4eae643ce013ce0821e91a02","sha1":"fa1086c9aa2cb2d14f5c13bceefe21511bcdae5a","sha256":"d72255f7e5ea4dfdf9821df800356367d0bc7df07ecd103bb660018cb1e4f400","sha512":"a6e3e096076dc152b69e95709dad8925c9c2799c23ad226b9ce7b6ee78936bea7300b66c92821ea0728ce7433d4f53787f27f5e7101f97e4d882be0a461fc051","ssdeep":"","tlshash":"407000000380020020c80233a200882af228003c00030200c008888800a808002080c2","size":25,"data":"","first_seen":"2023-03-07T01:20:41Z","last_seen":"2026-06-20T07:50:29.6293Z","times_seen":383828,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"log","text":"Failure callback complete.","filename":"https://simotown.su/","line_number":0,"column_number":0},{"level":"log","text":"Failure callback complete.","filename":"https://simotown.su/","line_number":0,"column_number":0},{"level":"log","text":"map[type:null]","filename":"https://simotown.su/","line_number":0,"column_number":0}]},"http":[{"url":{"schema":"https","addr":"obseu.northwavepoint.com/mon","fqdn":"obseu.northwavepoint.com","domain":"northwavepoint.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://simotown.su/","date":"2026-06-11T01:02:09.703Z","timestamp":1781139729703,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.northwavepoint.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 09 May 2026 00:00:00 GMT","end":"Fri, 07 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"81:BC:A9:21:63:E0:B6:9A:20:C7:07:EC:3A:69:03:A1:17:C1:42:A4","sha256":"02:6B:C6:85:E6:24:7C:BE:F0:52:8D:76:04:40:96:61:C7:23:C2:DA:A4:38:F5:F9:19:BB:7C:6D:04:4E:7E:E7"}}},"request":{"raw":"POST /mon HTTP/1.1\r\nHost: obseu.northwavepoint.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 2964\r\nOrigin: https://simotown.su\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://simotown.su/\r\nCookie: cg_uuid=41dab8fd51aafb8f63d3c878f6202b44\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 \r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\naccess-control-allow-origin: https://simotown.su\r\ncontent-type: application/json\r\ndate: Thu, 11 Jun 2026 01:02:09 GMT\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":3840,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T07:50:14.527321Z","times_seen":16573159,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"obseu.northwavepoint.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obseu.northwavepoint.com/mon","fqdn":"obseu.northwavepoint.com","domain":"northwavepoint.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://simotown.su/","date":"2026-06-11T01:02:14.710Z","timestamp":1781139734710,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.northwavepoint.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 09 May 2026 00:00:00 GMT","end":"Fri, 07 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"81:BC:A9:21:63:E0:B6:9A:20:C7:07:EC:3A:69:03:A1:17:C1:42:A4","sha256":"02:6B:C6:85:E6:24:7C:BE:F0:52:8D:76:04:40:96:61:C7:23:C2:DA:A4:38:F5:F9:19:BB:7C:6D:04:4E:7E:E7"}}},"request":{"raw":"POST /mon HTTP/1.1\r\nHost: obseu.northwavepoint.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 2964\r\nOrigin: https://simotown.su\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://simotown.su/\r\nCookie: cg_uuid=41dab8fd51aafb8f63d3c878f6202b44\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 \r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\naccess-control-allow-origin: https://simotown.su\r\ncontent-type: application/json\r\ndate: Thu, 11 Jun 2026 01:02:14 GMT\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":3840,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T07:50:14.527321Z","times_seen":16573159,"resource_available":true,"data":null}},"time_used":55,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"obseu.northwavepoint.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"euob.northwavepoint.com/sxp/i/636f8b858f681acb7bfa6f583a96630a.js","fqdn":"euob.northwavepoint.com","domain":"northwavepoint.com","tld":"com"},"ip":{"addr":"13.249.8.120","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://simotown.su/","date":"2026-06-11T01:01:59.117Z","timestamp":1781139719117,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.northwavepoint.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Thu, 29 Jan 2026 00:00:00 GMT","end":"Sat, 27 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"CC:B5:FD:45:6E:B8:DC:24:11:6A:30:38:E9:1D:FB:81:45:2E:FA:8D","sha256":"32:3C:54:8F:1C:33:6B:BE:0F:39:18:D6:DB:E7:61:78:95:9A:27:61:E7:33:FF:DA:F0:5E:F5:B4:82:D5:5E:A7"}}},"request":{"raw":"GET /sxp/i/636f8b858f681acb7bfa6f583a96630a.js HTTP/1.1\r\nHost: euob.northwavepoint.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://simotown.su/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-length: 51295\r\ncontent-encoding: gzip\r\nserver: Caddy\r\netag: \"216ef-2I6gVk/Vivdkt0GwpQ54tFI+cQM\"\r\ndate: Wed, 10 Jun 2026 20:01:27 GMT\r\ncache-control: max-age=43200\r\nexpires: Thu, 11 Jun 2026 08:01:27 GMT\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 c683b079c7e660e9b6ed70f15b96641e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P3\r\nx-amz-cf-id: 3ClVmRIADDuTipAcuycT0SJzqQGA4asC2AgzOmowxRfUyzdGblDz7A==\r\nage: 18032\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Caddy","description":"","website":"https://caddyserver.com","common_platform_enumeration":"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*","icon":"caddy.svg","categories":["Web servers"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":136943,"size_decoded":51819,"mime_type":"text/javascript; charset=utf-8","magic":"data","md5":"1bb3ab22ed57318ee11d270c1c3f59ce","sha1":"d88ea0564fd58af764b741b0a50e78b4523e7103","sha256":"93c03215b2f3bdddd55ce066691d5fba626924cb98f3eaab8ce8e177d030599a","sha512":"8cd9d5fb4c2cc64831f03cb4c770788b233770dd82edf5d4b5c1670b6c7d8d5d741214857b702f1ed6b06bea259f3149b9a289805770bbdc8d5228c2c0c66457","ssdeep":"1536:sD+qPQb5SEwvAu5DWeBPU4HLonMbVGhe3qM87961QCixUcnYtB/l7PsXWIo6MWmN:sCqP/AuZWyjqu1QCtveXolS0nInWBypO","tlshash":"8bd3d7ddf2e27025039320a5017f411ae27b1e553c4b8290d5bae9d4ac7ce8e957bfac","first_seen":"2026-06-01T21:19:08.293855Z","last_seen":"2026-06-14T18:29:01.620025Z","times_seen":3492,"resource_available":true,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":12,"connect":8,"send":0,"wait":10,"receive":8,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"euob.northwavepoint.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"simotown.su/aff24a54-16da-4405-8fe9-500ce9cbe3ee/eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.fusCEG1YFffQy0H2n7iU_nUUxDxthyfLkq9v2ya8oYHTGpT7wrIqwA.hmiygvunC9QdktHRx7tMxA.8fqDP_ByA0YGW2-3AX2EJ-eJBt6X1gn0S2Y-uMGVbfWhqGbEfgrmVUnkCtM4QH9BVAF-V_HTCa37xcOMB1x_DUrqPE2vfrPMrT0JKe68Tt6rSc9OIBKLATQ0CSX_BZ7D4q8k8fJWJ5VUwdia4bpNK0k5oNKfgBoweta5fjJZ5BJHC2D0olm5yiqU3SS-UTXuvF3KGbr-vk2ObR406CdmoxjikqwzERADkqyYYmSED_JwDgHsBFVGB6RkzFcJWd3ExpPHR3cjvZRyPe71GaO1KsvCIVcWc1k3_N7EsVjfcZA.Ic-dLz7GTtSMI8DfnBPLng","fqdn":"simotown.su","domain":"simotown.su","tld":"su"},"ip":{"addr":"104.247.81.99","port":443,"asn":206834,"as":"Team Internet AG","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://simotown.su/","date":"2026-06-11T01:01:59.125Z","timestamp":1781139719125,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"simotown.su","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 11:31:08 GMT","end":"Sat, 11 Jul 2026 11:31:07 GMT"},"fingerprint":{"sha1":"87:95:60:BA:6F:A3:B4:7A:80:3F:29:BF:3D:B7:94:85:4F:EC:95:2B","sha256":"4D:12:3B:B8:E1:EC:1B:A6:65:3D:BF:02:EF:04:31:A8:29:89:70:01:1B:39:E6:6B:3A:22:CE:ED:DE:E4:28:DD"}}},"request":{"raw":"GET /aff24a54-16da-4405-8fe9-500ce9cbe3ee/eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.fusCEG1YFffQy0H2n7iU_nUUxDxthyfLkq9v2ya8oYHTGpT7wrIqwA.hmiygvunC9QdktHRx7tMxA.8fqDP_ByA0YGW2-3AX2EJ-eJBt6X1gn0S2Y-uMGVbfWhqGbEfgrmVUnkCtM4QH9BVAF-V_HTCa37xcOMB1x_DUrqPE2vfrPMrT0JKe68Tt6rSc9OIBKLATQ0CSX_BZ7D4q8k8fJWJ5VUwdia4bpNK0k5oNKfgBoweta5fjJZ5BJHC2D0olm5yiqU3SS-UTXuvF3KGbr-vk2ObR406CdmoxjikqwzERADkqyYYmSED_JwDgHsBFVGB6RkzFcJWd3ExpPHR3cjvZRyPe71GaO1KsvCIVcWc1k3_N7EsVjfcZA.Ic-dLz7GTtSMI8DfnBPLng HTTP/1.1\r\nHost: simotown.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://simotown.su/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 \r\nalt-svc: h3=\":8443\"; ma=2592000\r\ndate: Thu, 11 Jun 2026 01:01:59 GMT\r\nserver: Caddy\r\nvia: 1.1 Caddy\r\nx-log-success: 6a2a0907af029073701e5a34\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"","fingerprints":[{"name":"Caddy","description":"","website":"https://caddyserver.com","common_platform_enumeration":"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*","icon":"caddy.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":177,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T07:50:14.527321Z","times_seen":16573159,"resource_available":true,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"simotown.su/favicon.ico","fqdn":"simotown.su","domain":"simotown.su","tld":"su"},"ip":{"addr":"104.247.81.99","port":443,"asn":206834,"as":"Team Internet AG","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://simotown.su/","date":"2026-06-11T01:01:59.281Z","timestamp":1781139719281,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"simotown.su","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 11:31:08 GMT","end":"Sat, 11 Jul 2026 11:31:07 GMT"},"fingerprint":{"sha1":"87:95:60:BA:6F:A3:B4:7A:80:3F:29:BF:3D:B7:94:85:4F:EC:95:2B","sha256":"4D:12:3B:B8:E1:EC:1B:A6:65:3D:BF:02:EF:04:31:A8:29:89:70:01:1B:39:E6:6B:3A:22:CE:ED:DE:E4:28:DD"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: simotown.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://simotown.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":8443\"; ma=2592000\r\ncontent-type: image/vnd.microsoft.icon\r\ndate: Thu, 11 Jun 2026 01:01:59 GMT\r\netag: \"dfu820j7awxu0\"\r\nlast-modified: Wed, 21 Jan 2026 11:14:12 GMT\r\nserver: Caddy\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Caddy","description":"","website":"https://caddyserver.com","common_platform_enumeration":"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*","icon":"caddy.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":309,"mime_type":"image/vnd.microsoft.icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T07:50:14.527321Z","times_seen":16573159,"resource_available":true,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yfdnzfa.com/?dn=simotown.su\u0026pid=9PO755G95","fqdn":"yfdnzfa.com","domain":"yfdnzfa.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://simotown.su/","date":"2026-06-11T01:01:59.371Z","timestamp":1781139719371,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /?dn=simotown.su\u0026pid=9PO755G95 HTTP/1.1\r\nHost: yfdnzfa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://simotown.su/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T07:50:14.527321Z","times_seen":16573159,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"yfdnzfa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"yfdnzfa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"yfdnzfa.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"yfdnzfa.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obseu.northwavepoint.com/ct","fqdn":"obseu.northwavepoint.com","domain":"northwavepoint.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://simotown.su/","date":"2026-06-11T01:01:59.377Z","timestamp":1781139719377,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.northwavepoint.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 09 May 2026 00:00:00 GMT","end":"Fri, 07 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"81:BC:A9:21:63:E0:B6:9A:20:C7:07:EC:3A:69:03:A1:17:C1:42:A4","sha256":"02:6B:C6:85:E6:24:7C:BE:F0:52:8D:76:04:40:96:61:C7:23:C2:DA:A4:38:F5:F9:19:BB:7C:6D:04:4E:7E:E7"}}},"request":{"raw":"POST /ct HTTP/1.1\r\nHost: obseu.northwavepoint.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 4508\r\nOrigin: https://simotown.su\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://simotown.su/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 \r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\naccess-control-allow-origin: https://simotown.su\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Thu, 11 Jun 2026 01:01:59 GMT\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\npragma: no-cache\r\nset-cookie: cg_uuid=41dab8fd51aafb8f63d3c878f6202b44; Max-Age=29030400; Path=/; Expires=Thu, 13 May 2027 01:01:59 GMT; HttpOnly; Secure; SameSite=None\r\ntiming-allow-origin: https://simotown.su\r\ncontent-length: 2120\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":4981,"size_decoded":2726,"mime_type":"application/json","magic":"JSON text data","md5":"89a533de5d5b36a835f4677f65b23cdc","sha1":"2fe15a20a497c574d9795eb981fe01bc676b89d0","sha256":"d38a572d4d99e240416f85c5ffadf893211c0928c6e8a35add90726a2db76ad1","sha512":"4fdff5102a551355189ffc985c5ab0c93a48b7b7f3716c5c7d8173daf61f45609d64c0ebbbe66349cad07b455ea4165f3a670d8b442a39fda7174e3b43fe045c","ssdeep":"96:n/i2n6/6FXjGbE5/i/n6/6FXjGbEDxhFLVT+JeqA:n/rLS45/CLS4DxbLae","tlshash":"63a12c3649290f307fffa7570567afe98773af5270d3507e957813471c93228698a810","first_seen":"2026-06-11T01:02:35.556187Z","last_seen":"2026-06-11T01:02:35.556187Z","times_seen":1,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":7,"connect":35,"send":0,"wait":113,"receive":0,"ssl":72},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"obseu.northwavepoint.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obseu.northwavepoint.com/tracker/tc_imp.gif?e=37dfbd8ee84e001262efc636e3408b949225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d57138d642f17070100b1eabfd72e30d69183042b3e18f6646541c2628b70cd16340477c200080961015e97ef3d1d6df432e131da1af89433a6546dac0f7f7e15c84ffe1fbe85ddcd3cb82d19f97adea954659005344163588b934131b723f8b388a75f45af34d0fd60b47d8b74c14e851538c9745bad4b01473cb52d3ea7dfa2f46cff1ab458da17f85e3975bddc273b7d70588661979d00e07360abc8ee3d4f7a23d6862f208a902a476811275843b88f2f646307b6e65b3bd9eae72482e05f774e7faaa1acc1cb77b8dbdf59bf04cd5d38379bbac8bcf23c958ae66b912112c3a79c3e1215f0606ca08c0621ac84e97e9d5ebb02f2c712dd508896229b7c6ad1c7399b208fc0f4e1dbbaf1132bea3df4eeab6a0e6aaed96091b75ea116540bc5232597ccc3c881a4d57e883dd3deedde36ae6c7c3083683b9384d1166790a633aa0ba7cb0db571be5b45455f8e79fd06f8d7ad70bfc7768710e49bd7de6498524961bd06545f3e073ec2af42ba4ed3c0910fa3de3dbddf6c94c2edfe5c81bbe05370558ea9060494f7471a12faacba0da73b99f65defe02eb260a1319551dc08d6a83cc41a3be5ae92653d2361032a085a0babe18c6fda1eb6454e472ee4b753c291180dfea4c2b3bc6dc3f1f9f586f9aded56463cfa449aab506e82477906de635c7470eb72af771fdef6c8638b67cb388aa924d1a50e917c133c2304780f81c7e5da2066529b1c5988d1dabeacd755059faca07b96cb1e67ca8657653deb9bcb573fb6208d5e9e19ea389a1bc5a9738ceb5bb8ca80adf12423aee63914906ab4cef5f2428e6626171b956f4b51b0a05688ed1dd49ac59f22b2c3d4685b6e22ef57af51ac47ae932dd36b17334b287c61e05d86803256b068c1aeeb4abfcf10f30337ae442256c29da06a22fc6de7cc508c153b6b27a0296ec6f6c562cb4b2cced457f0a382acd10683020b4040a52e7a0c8e9a0e40a868b2bcd3278cd2ef124f3cff3b320205d30510bbccac0a1b936372cf85c71c8bc6b0cf4530e573e856785ccd5231209683510399dce0d7e1ae01be79f52cc72fc193109dbbad393dee9a5293ddacb8c1f3d5cd305e9ea4610cdd2d9854d802bdf839f09cdfdf63ba94c9eaa90522c3f3ecb5519e17fa104925513d88823324bb3cb4098acd75db4e6ab73b018622af9c3821f7302c034f8ea8846bd89b07622c5b3c8f9dcdf9cb75cf49eaee6f6bd5d304141919387b6ba472f1ae0808a0f49587a6f3f8fff5dd22f0fd9852366f04312e7f74578b124551b6caad862bb29e311bd4c15ea6c107dbd69685\u0026cri=leUsMda9JY\u0026ts=270\u0026cb=1781139719644","fqdn":"obseu.northwavepoint.com","domain":"northwavepoint.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://simotown.su/","date":"2026-06-11T01:01:59.648Z","timestamp":1781139719648,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.northwavepoint.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 09 May 2026 00:00:00 GMT","end":"Fri, 07 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"81:BC:A9:21:63:E0:B6:9A:20:C7:07:EC:3A:69:03:A1:17:C1:42:A4","sha256":"02:6B:C6:85:E6:24:7C:BE:F0:52:8D:76:04:40:96:61:C7:23:C2:DA:A4:38:F5:F9:19:BB:7C:6D:04:4E:7E:E7"}}},"request":{"raw":"GET /tracker/tc_imp.gif?e=37dfbd8ee84e001262efc636e3408b949225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d57138d642f17070100b1eabfd72e30d69183042b3e18f6646541c2628b70cd16340477c200080961015e97ef3d1d6df432e131da1af89433a6546dac0f7f7e15c84ffe1fbe85ddcd3cb82d19f97adea954659005344163588b934131b723f8b388a75f45af34d0fd60b47d8b74c14e851538c9745bad4b01473cb52d3ea7dfa2f46cff1ab458da17f85e3975bddc273b7d70588661979d00e07360abc8ee3d4f7a23d6862f208a902a476811275843b88f2f646307b6e65b3bd9eae72482e05f774e7faaa1acc1cb77b8dbdf59bf04cd5d38379bbac8bcf23c958ae66b912112c3a79c3e1215f0606ca08c0621ac84e97e9d5ebb02f2c712dd508896229b7c6ad1c7399b208fc0f4e1dbbaf1132bea3df4eeab6a0e6aaed96091b75ea116540bc5232597ccc3c881a4d57e883dd3deedde36ae6c7c3083683b9384d1166790a633aa0ba7cb0db571be5b45455f8e79fd06f8d7ad70bfc7768710e49bd7de6498524961bd06545f3e073ec2af42ba4ed3c0910fa3de3dbddf6c94c2edfe5c81bbe05370558ea9060494f7471a12faacba0da73b99f65defe02eb260a1319551dc08d6a83cc41a3be5ae92653d2361032a085a0babe18c6fda1eb6454e472ee4b753c291180dfea4c2b3bc6dc3f1f9f586f9aded56463cfa449aab506e82477906de635c7470eb72af771fdef6c8638b67cb388aa924d1a50e917c133c2304780f81c7e5da2066529b1c5988d1dabeacd755059faca07b96cb1e67ca8657653deb9bcb573fb6208d5e9e19ea389a1bc5a9738ceb5bb8ca80adf12423aee63914906ab4cef5f2428e6626171b956f4b51b0a05688ed1dd49ac59f22b2c3d4685b6e22ef57af51ac47ae932dd36b17334b287c61e05d86803256b068c1aeeb4abfcf10f30337ae442256c29da06a22fc6de7cc508c153b6b27a0296ec6f6c562cb4b2cced457f0a382acd10683020b4040a52e7a0c8e9a0e40a868b2bcd3278cd2ef124f3cff3b320205d30510bbccac0a1b936372cf85c71c8bc6b0cf4530e573e856785ccd5231209683510399dce0d7e1ae01be79f52cc72fc193109dbbad393dee9a5293ddacb8c1f3d5cd305e9ea4610cdd2d9854d802bdf839f09cdfdf63ba94c9eaa90522c3f3ecb5519e17fa104925513d88823324bb3cb4098acd75db4e6ab73b018622af9c3821f7302c034f8ea8846bd89b07622c5b3c8f9dcdf9cb75cf49eaee6f6bd5d304141919387b6ba472f1ae0808a0f49587a6f3f8fff5dd22f0fd9852366f04312e7f74578b124551b6caad862bb29e311bd4c15ea6c107dbd69685\u0026cri=leUsMda9JY\u0026ts=270\u0026cb=1781139719644 HTTP/1.1\r\nHost: obseu.northwavepoint.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://simotown.su/\r\nCookie: cg_uuid=41dab8fd51aafb8f63d3c878f6202b44\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: image/gif\r\ndate: Thu, 11 Jun 2026 01:01:59 GMT\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\npragma: no-cache\r\ncontent-length: 43\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":43,"size_decoded":270,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"db04c7b378cb2db912c3ba8a5a774ee3","sha1":"dee34bd86c3484d31002182aa2b7caa4699126b8","sha256":"98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a","sha512":"826225fc21717d8861a05b9d2f959539aad2d2b131b2afed75d88fbca535e1b0d5a0da8ac69713a0876a0d467848a37a0a7f926aeafad8cf28201382d16466ab","ssdeep":"","tlshash":"6490000bca888002caa2c0302b8883022b88b0320228832e80bc30a8ee3b3a20c02000","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-06-20T07:50:29.606727Z","times_seen":399230,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"obseu.northwavepoint.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obseu.northwavepoint.com/mon","fqdn":"obseu.northwavepoint.com","domain":"northwavepoint.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://simotown.su/","date":"2026-06-11T01:02:00.648Z","timestamp":1781139720648,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.northwavepoint.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 09 May 2026 00:00:00 GMT","end":"Fri, 07 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"81:BC:A9:21:63:E0:B6:9A:20:C7:07:EC:3A:69:03:A1:17:C1:42:A4","sha256":"02:6B:C6:85:E6:24:7C:BE:F0:52:8D:76:04:40:96:61:C7:23:C2:DA:A4:38:F5:F9:19:BB:7C:6D:04:4E:7E:E7"}}},"request":{"raw":"POST /mon HTTP/1.1\r\nHost: obseu.northwavepoint.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 3751\r\nOrigin: https://simotown.su\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://simotown.su/\r\nCookie: cg_uuid=41dab8fd51aafb8f63d3c878f6202b44\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 \r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\naccess-control-allow-origin: https://simotown.su\r\ncontent-type: application/json\r\ndate: Thu, 11 Jun 2026 01:02:00 GMT\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":4627,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T07:50:14.527321Z","times_seen":16573159,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"obseu.northwavepoint.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"obseu.northwavepoint.com/mon","fqdn":"obseu.northwavepoint.com","domain":"northwavepoint.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://simotown.su/","date":"2026-06-11T01:02:02.650Z","timestamp":1781139722650,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.northwavepoint.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 09 May 2026 00:00:00 GMT","end":"Fri, 07 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"81:BC:A9:21:63:E0:B6:9A:20:C7:07:EC:3A:69:03:A1:17:C1:42:A4","sha256":"02:6B:C6:85:E6:24:7C:BE:F0:52:8D:76:04:40:96:61:C7:23:C2:DA:A4:38:F5:F9:19:BB:7C:6D:04:4E:7E:E7"}}},"request":{"raw":"POST /mon HTTP/1.1\r\nHost: obseu.northwavepoint.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 2961\r\nOrigin: https://simotown.su\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://simotown.su/\r\nCookie: cg_uuid=41dab8fd51aafb8f63d3c878f6202b44\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 \r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\naccess-control-allow-origin: https://simotown.su\r\ncontent-type: application/json\r\ndate: Thu, 11 Jun 2026 01:02:02 GMT\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":3837,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T07:50:14.527321Z","times_seen":16573159,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"obseu.northwavepoint.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"simotown.su/","fqdn":"simotown.su","domain":"simotown.su","tld":"su"},"ip":{"addr":"104.247.81.99","port":443,"asn":206834,"as":"Team Internet AG","country":"Canada","country_code":"CA"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-11T01:01:57.475Z","timestamp":1781139717475,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"simotown.su","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 11:31:08 GMT","end":"Sat, 11 Jul 2026 11:31:07 GMT"},"fingerprint":{"sha1":"87:95:60:BA:6F:A3:B4:7A:80:3F:29:BF:3D:B7:94:85:4F:EC:95:2B","sha256":"4D:12:3B:B8:E1:EC:1B:A6:65:3D:BF:02:EF:04:31:A8:29:89:70:01:1B:39:E6:6B:3A:22:CE:ED:DE:E4:28:DD"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: simotown.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile\r\naccept-ch-lifetime: 30\r\nalt-svc: h3=\":8443\"; ma=2592000\r\ncontent-encoding: gzip\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Thu, 11 Jun 2026 01:01:58 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy, 0.0 Caddy\r\nx-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_oj+a8/us1XNF5cREhY8Ngof7lKhLc7sbMQSoTQJZ6cQ0kudLEZiALKF3Mfc/+S7qXomBOCno1eakhUpM0WmIrQ==\r\nx-domain: simotown.su\r\nx-language: norwegian\r\nx-pcrew-blocked-reason: \r\nx-pcrew-ip-organization: Blix Solutions\r\nx-redirect: skenzo\r\nx-subdomain: \r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":11228,"size_decoded":4803,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (499)","md5":"eece4de2c3c321282ecc1ea41eb1988d","sha1":"3db229e7f9527c3732b6914dedd9c9233a242c92","sha256":"54ca2e588facc4d29f3337d0dddb74e626eb13e238de79cb855b63c481dc156e","sha512":"1e0d25502c3787edba41f074ae01168ff972b34f8546572554357da5108a2ffd06ec5c9952852740671131ab4e67bf31644791ac2f16df9f9789073956c4f17b","ssdeep":"192:zYoHSiF0zA5GYJc6aeKeOJdt+ZeKzZR0llSeYBZ8YoHsfOBro2Tc/e:zYoHSiFInoZPB6YoHsfO2/e","tlshash":"9b32e8977ef31918640b90a88faaa3453215900b970acc6cfdec36bcdf485946673f9c","first_seen":"2026-06-11T01:02:35.560567Z","last_seen":"2026-06-11T01:02:35.560567Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1194,"timings":{"blocked":-1,"dns":204,"connect":105,"send":0,"wait":228,"receive":0,"ssl":657},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"obseu.northwavepoint.com/mon","fqdn":"obseu.northwavepoint.com","domain":"northwavepoint.com","tld":"com"},"ip":{"addr":"3.248.162.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://simotown.su/","date":"2026-06-11T01:02:04.685Z","timestamp":1781139724685,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.northwavepoint.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Sat, 09 May 2026 00:00:00 GMT","end":"Fri, 07 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"81:BC:A9:21:63:E0:B6:9A:20:C7:07:EC:3A:69:03:A1:17:C1:42:A4","sha256":"02:6B:C6:85:E6:24:7C:BE:F0:52:8D:76:04:40:96:61:C7:23:C2:DA:A4:38:F5:F9:19:BB:7C:6D:04:4E:7E:E7"}}},"request":{"raw":"POST /mon HTTP/1.1\r\nHost: obseu.northwavepoint.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 2961\r\nOrigin: https://simotown.su\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://simotown.su/\r\nCookie: cg_uuid=41dab8fd51aafb8f63d3c878f6202b44\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 \r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\naccess-control-allow-origin: https://simotown.su\r\ncontent-type: application/json\r\ndate: Thu, 11 Jun 2026 01:02:04 GMT\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":3837,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T07:50:14.527321Z","times_seen":16573159,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-10","alert":"Sinkholed","trigger":"obseu.northwavepoint.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}}]}