{"report_id":"fe77f597-cdee-4294-b398-d148f2a0e2bd","version":0,"status":"done","tags":[],"date":"2026-07-04T12:20:01Z","url":{"schema":"http","addr":"ghjgfree.top","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":0,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"ghjgfree.top/","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"title":"Amazon.com : SNICKERS, TWIX, MILKY WAY \u0026 3 MUSKETEERS Individually Wrapped Variety Pack Full Size Milk Chocolate Candy Bars Bulk Assortment, 33.31 oz, 18 Bars : Beauty \u0026 Personal Care","dom":{"size":1376318,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (58744)","md5":"c98583a0837dffbe41a4b8f057735461","sha1":"760efc233297c68c1af96d141733f3bed313cd4e","sha256":"a5de094850389555ff837b34f713393b3811297473e43464d782b1d771d60647","sha512":"73a9f1b61bd8e7697dfd875d0fc8941931bf88912b565214ba62e1ad1e69d809e8913dfe1bc81c68eeb727e8c4eaf5f9dbfcc974c3c5d673e126b90fd1d590df","ssdeep":"24576:r5tvVAh9ZVzCukR5+EA4MXu4Bz9oYFoMTDtGs:byaQj40pjoM5Gs","tlshash":"ed55c070f1a11535712fc2ada194730c1e21f7a3c7014fdab5be76b0efea4a8250aa5d","dom_hash":"domhashc21d19d545580ee1bfa51f454f6ee987","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ghjgfree.top","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":0,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-08T12:20:01Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"ghjgfree.top","ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"domain_registered":"2026-06-28","domain_rank":0,"first_seen":"2026-07-04T12:20:04.409899Z","last_seen":"2026-07-04T12:20:04.409899Z","alert_count":36,"request_count":12,"received_data":3306005,"sent_data":8447,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ghjgfree.top/Amazon.com%20_%20SNICKERS,%20TWIX,%20MILKY%20WAY%20\u0026%203%20MUSKETEERS%20Individually%20Wrapped%20Variety%20Pack%20Full%20Size%20Milk%20Chocolate%20Candy%20Bars%20Bulk%20Assortment,%2033.31%20oz,%2018%20Bars%20_%20Beauty%20\u0026%20Personal%20Care_files/1343799980931439","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5a3c2d54add83a6363ca6557cd528b8d","sha1":"194e5948a042e22ab7af6375996d7ba19661eb42","sha256":"f13980219669264b3bba19d04784b4839f7c283a882d39cafeaabe4211b49ebe","sha512":"5b4aa54def1d8a1b8d576c2e5f95667dad46a5dd2e53d744070d749a9d31f6b751c7276606cd57d50a58487b79e25467b6532d24b1838298c9590a599e93e367","ssdeep":"6144:Rj6FwEqyUpDOGoi0lj6fYfXYXqRbhixwz0wDPJS5CPvjJiesT/rvY0LsUA3G:tzOGoi0IqsiVi+z0wDPJS5CHjzG","tlshash":"bcb44acdbad1b06153a2b578997f200bb1b599527889c860ea2ddcc87d7818e4133f7f","size":504691,"data":"","first_seen":"2026-06-28T11:28:32.112833Z","last_seen":"2026-07-04T12:20:09.411281Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"446ec2fb486fa847496733d51e40fea5","sha1":"091ae698b50a33052c57df6fdd1a8a5f0455949c","sha256":"d34a3b346c5f570bda356f73454d3a70d13cbfff7037d1562d9e46d335a328f1","sha512":"f0bf640d3eeef8a2e525bb16ba9a5eb8179c11032dccbbbb1940f527fc1530dd92ea119914e738f7ece44132e82dc3f33553cb391f8d1842a2f3fc05330e8487","ssdeep":"","tlshash":"0821a9ed9246648026bb50906757a0c8115ce9b73001decdbe9ecb0e1f6e51c560fbe7","size":1278,"data":"","first_seen":"2026-07-04T12:20:09.440505Z","last_seen":"2026-07-04T12:20:09.440505Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"00a927e4166d0d921d61ef1f406ad244","sha1":"a4f61843b1b3d75a52c8862ab7e1b55e02703c33","sha256":"35224016296ecc3a5150798f41e8ba2bebd6aac4ba10310ad10dc304fe9b18af","sha512":"9dbfd21460387b8de0802fb2b8c250ce8b7596267d12dfaa4877f257cc97706dfaaadcfd4474c02fdcfdb7439113cec825a0fc1629bb811bba2a4cf4231260ce","ssdeep":"","tlshash":"f621ef0f189bb0b606f7307dab7b6809231545176055c1033d4c4a182fd043abfbabce","size":1274,"data":"","first_seen":"2026-06-18T13:29:55.552842Z","last_seen":"2026-07-04T12:20:09.442381Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"efa94af8604f91f10d1255005041c3e1","sha1":"584937b7d5596c29a2969eb6110431aa7a243248","sha256":"5a0933b4162b239a33d662c94aa0a01b0a921b79d47a20b596fa00c3ad11739d","sha512":"b3c738ef62fbe1d9119aafd5119be8f2a3173bc6657b694c8f57361f19b433e26f5c7d06d187fb6f203f4426dc33304cb4c59b621d271227a6f6ae727f04d752","ssdeep":"","tlshash":"cc41dc1508ff2118d16b69bae77ff50ca324801798c4de09ba0cd7290f12a7ed66899f","size":2344,"data":"","first_seen":"2026-06-18T13:29:55.554004Z","last_seen":"2026-07-04T12:20:09.443237Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"1cfd8ac369908b7bbfd0590ed14f601d","sha1":"097b5819e5406442d3bf951f6f010a33b79d1ecc","sha256":"f6e6cd3c708d32ce5071f4401cfa54c1178f48cc55ddb4b319c80213cb6e9472","sha512":"aad92dc1ccdc8e679a81ea6c3a86b043ab30274f805fdcd7b2e1ed47e2b4fe272b99bbca9cbffa9f5096dd112d4d1db3926ba56d1fa5bba17195fb6cb87f3f80","ssdeep":"","tlshash":"e3a022b08008e2230cc82032b033bc0eb3c08328fc3cacfb2c8c0008a380c83aa02000","size":67,"data":"","first_seen":"2026-06-18T13:29:55.555391Z","last_seen":"2026-07-04T12:20:09.443976Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"1ea3cbedea026968c4a2fd35aea13107","sha1":"05b6869714514af401f710a5edc951c227cc2ed0","sha256":"a6bd5a482a44b49f01ac4ea2fc54bc2d424bcc59a33593638083ed9ac0d56512","sha512":"4f9259030aa22115af7239ac43912c30e5243a40b3f27e092645c16451547aa85fb98bc3b010751407a00cd2f6fb7bd3984a706ce2a10ecb219f480a93c50f7b","ssdeep":"","tlshash":"3271ccd8e2e702f452a3b03d1babd684367058e3100dea55bc8d8b416fc096957f5be2","size":3594,"data":"","first_seen":"2026-06-18T13:29:55.556329Z","last_seen":"2026-07-04T12:20:09.444749Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b219879402865f181e87f2d4cf571759","sha1":"8890a0dfe502e04f2f38323f3541977c2d4a2539","sha256":"d22845d2fb34c5682f8d262e88d808adeeda73773c8f98b3589ee538c0b3659e","sha512":"f9388d9b88c0f216752220dbc0490d926688a8b810f17a2751ed74a40e747a997b5dded97235e5297bb066a3c55670b0a15cfdd1a2b0e039948ad23d5b80d003","ssdeep":"96:swnhCAhfIIyQUJBCk/HiVe6hxhKyu0sC8oyF30RlZicy50k:swnhC6IFQUJAk/HiVe6hxhDL8lF30pij","tlshash":"f7c1e09c2ad7606191f3653d8b6b200871338473250dea51bd0c5b04bf76a2a97baacf","size":5986,"data":"","first_seen":"2026-06-18T13:29:55.55859Z","last_seen":"2026-07-04T12:20:09.445492Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"45186f4635acdeafe1ebaf169ee21bee","sha1":"ffb459f465f9ba1d2a5b79f353a9297a0ce3d3a1","sha256":"707e7686f857a9083534780fe433a7b2db28941b8056142d77c504238a27033b","sha512":"2cb685c5a6c68deacc1158ccaad699d6c8a111a4dd4a2c8f680e21e56ffb19a19fe18ef3feffeffd3af96dfe44002b673ab47c7a64d3904128d7c71d2cf53985","ssdeep":"","tlshash":"4ea0223e0f0c0a3002a0b200300cfa082c2f0a02000008ea80a82f000808f808080000","size":65,"data":"","first_seen":"2026-06-18T13:29:55.56024Z","last_seen":"2026-07-04T12:20:09.446143Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"aa040716b16f27aa841c8aeaec702dfd","sha1":"4921d72342cf5ca0c4f93b3ee03aa30af121ae0b","sha256":"73afdd960df0d2391d523567ebb0ba7f15809d3bc71af6965da57cc2f1130e9b","sha512":"b723ebf2b166a5abec51f2366c908edf754e8eb7397356847dcc07e50ed8b67664e37b8f7fad741c885e474bb448620da01e76edd1e01d566d32b2541b07b01f","ssdeep":"","tlshash":"ba11f4d8e8ab16f12077a03d0b5b118232300cc32409e518784d8f495f8961a46e2af7","size":1038,"data":"","first_seen":"2026-06-26T13:43:17.190842Z","last_seen":"2026-07-04T12:20:09.446732Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"c1b592f46b4fb5050dfa64ed1ef4af0a","sha1":"ebdcc39ee3dae95a9f71d8cb2d8548340a14917f","sha256":"4c118eb81089d52ebe83d47f85c72493492d651be5513f55f85d8faa8fb7933c","sha512":"3169cbc572c2d5e9c622513d2bd360ca76fc47dd119125b6dfadf048635f731f73508101487f29f2b2b03ced6c201574889bf28daff24493378d96bd2b535a7e","ssdeep":"","tlshash":"1bd0a9acfa8822e2e0232028274f120dd120214b0e86ca04bc5ce7c00f224586a93ebf","size":259,"data":"","first_seen":"2026-06-26T13:43:17.192457Z","last_seen":"2026-07-04T12:20:09.447475Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ee97449ea4f3c34465a0d2d928c38a98","sha1":"e39f933b30ffadaafb06a0e6ea9ccd2eeacd5c8a","sha256":"f88c4140f197d0d777a7d5181a90d17eecde26233828114bfbcda84df2767c31","sha512":"6a9de603841cccda11d0b0a04de61c86c72bd68420d2881fdc3e84ff7265363b7a720f3d42f33fd90826632e78925d0f84c0ed028a217fe020c1652ba32581e7","ssdeep":"","tlshash":"2921259caae78970e23bb13d0bff9585753640972009e915f84dca801f6062827e5ee6","size":1411,"data":"","first_seen":"2026-06-18T13:29:55.562926Z","last_seen":"2026-07-04T12:20:09.448222Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"794201e91953cf5c191590f9b581c76c","sha1":"a1b1aec1123889a2df867702f21f67fa3b961a6c","sha256":"9ad69250100c97eb807260755da05d3a51156e528b090dfa4163f3e6ac8034cd","sha512":"94b17d62d1cd2ce036f77d641c90f84fa6ac0932ef956c08d4ca64d69599321939cdc3511065a6cd53bcae24ca45a28682c3134d2a8dc2227abd6ad65c8ee4ef","ssdeep":"192:RfYOLDWMuzPfW6ZUD2x1zV+VhfkxcUiyJo0oPjz/bxJiLewxf7z:juzPzEShGPS","tlshash":"fc4241788df316b64637626e1baf94443235802b0209c9807d7cda981fd4c301bfabfa","size":12277,"data":"","first_seen":"2026-06-18T13:29:55.563878Z","last_seen":"2026-07-04T12:20:09.448887Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"a4e7d89cd6534339387ce8bca668aeb7","sha1":"0f304e206bae25eb258a6cdfc13fa4a72752646e","sha256":"95de49b0c745aa35940e79591d2fd0c94ac16adfb3f7fd73818a9e491abd5809","sha512":"0e3f62cdb905eebcfe7f045423d3ccf13c5060f4b681cbd4380cf5e78ac66c8266f2a7cdd076aa72aa26937d57442e62882f025b258c31c466912d171f72670c","ssdeep":"","tlshash":"b341259d65e6612f6527323e069f4906373a4093104dce023e4c62a27f6db7827b2f88","size":2127,"data":"","first_seen":"2026-06-18T13:29:55.564826Z","last_seen":"2026-07-04T12:20:09.449584Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"c0f7f0dc9c69a68c95998cf655d66ee0","sha1":"f27878a6b5590f9718fd997a046da0f20aa6c5c2","sha256":"9957d03e08506407a913126ed81ac1f82ef310bb94561b6833d9d16ec0f9cfc5","sha512":"148d75c2aefc6d3ed2e458784189ca10eb0c7321760d2412b207ab6c06076e33e654f4624271c1c19b36a05f4ef7c48bad045bb0f16a2874e9b4262f33be1eeb","ssdeep":"","tlshash":"ff61ed16a5f7a3042617306c7a0f950c70c66893a44cce1a3e1fd3535f052fddaa2a9d","size":3299,"data":"","first_seen":"2026-06-18T13:29:55.565922Z","last_seen":"2026-07-04T12:20:09.45047Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f6eeda572cdf9c42aa612b4b1d45c8e6","sha1":"c5b07616c696021a421568251e6232f29a746fbc","sha256":"8845c45a7708ba597920810841dcbdc23dd5d89673cee862c10ea96c63655d42","sha512":"3cb608696dc5b3ce0a540d4bd7af0cace91a73e5bf5697b1f4b02cd47ac318d31147f05c3b817d76ffb8d11f2e5c8b63172666ed288110cb03fa83a01bb9c755","ssdeep":"","tlshash":"b0f0df0c0da3d162442b352763bbd21836167013641ae09a3dcdce0a4fa0be84e10c6a","size":527,"data":"","first_seen":"2026-06-18T13:29:55.567269Z","last_seen":"2026-07-04T12:20:09.451252Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"c4486102cb48fbd82b76047bd6fed352","sha1":"ddf2a1450461c9d770a92ca8b1aa24a4f26e5aa3","sha256":"e07bb9ebdd4a2178ea8b0c820452f63419c974c3198305d999c4647cdb4a9d77","sha512":"b171b287ae626146c145e88af436d64312ff5e45422a3090bccdc3d07bd668c612f828668d0d6f9a7140b49741174abb68570fc20b88f5c0e91e26552f87d918","ssdeep":"48:/y2NoEieg+2AdYRk2Ju2p0eS0AplKGp5S4t+Q3oubMXP:/TNvKAdYRK2RSXKGzS4HbEP","tlshash":"6291a90d20ab26b51137f47f1adfd20479389047500ade25bf4c97406fe42a8527abfc","size":4547,"data":"","first_seen":"2026-06-18T13:29:55.569054Z","last_seen":"2026-07-04T12:20:09.452252Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"186b375c8131f581d5f3ad1f80af424d","sha1":"44f76a9a8d17b9250ea5532b627ac36f4a009218","sha256":"4488e56b88818d6f5f8b09bbe25243bac43fe792369c157e4227802fda4a6175","sha512":"021f685494ae9a28c22716eb2965d43a8137bec1a80c53478574e0a9872ad77be073635d89da185e0d330500c44883b7570bf1f09e6bbfd1a041656fc1f8c591","ssdeep":"96:/Z/ON3Aei3Aezy5oA3rVFC4pjgTCEz+KQ37Zjrjtw0GkR0GJVZ:haweiwezy5oA5FjpETCEaKQ3RnZ","tlshash":"69c1436c7aa23173aa7342fcbb3fa545751a1933140ac610bebf94402fd1a135a6cf6c","size":5681,"data":"","first_seen":"2026-06-27T01:11:17.982589Z","last_seen":"2026-07-04T12:20:09.45293Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/Amazon.com%20_%20SNICKERS,%20TWIX,%20MILKY%20WAY%20\u0026%203%20MUSKETEERS%20Individually%20Wrapped%20Variety%20Pack%20Full%20Size%20Milk%20Chocolate%20Candy%20Bars%20Bulk%20Assortment,%2033.31%20oz,%2018%20Bars%20_%20Beauty%20\u0026%20Personal%20Care_files/fbevents.js.%E4%B8%8B%E8%BD%BD","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c41542cf32233bce2bade2decd6bbf05","sha1":"8959ea508cfb47c9e5ebc74715fe744b66d6bdfa","sha256":"c5f1033054484f79c1816b905e3b66e2433a99d4df2cdc76e94a92d9740580c5","sha512":"0a9ee49b170fe5789c8210b4ac53ff1add61833fa2f2243ec64f3a8f72126b6231c0165549014a6a4c50ba00a98592a6c8b4a3c9ee95c7878239ce8fe357f842","ssdeep":"6144:w7gAVTJGD0ML9RpTD+4Yd0E+brBLrxQCR/ddFriG2XPHnNpnK01lzEYzOOlvBZSJ:2nmOMdgPHnNpnK0JNSJ","tlshash":"3c84e789b1e1b0a103b6796c966f9007b2bbd5a234ccc960e55dedc82d7c49e4133eb7","size":378873,"data":"","first_seen":"2026-06-23T21:05:28.833079Z","last_seen":"2026-07-04T12:20:09.425182Z","times_seen":432,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"ghjgfree.top/","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-04T12:19:35.159Z","timestamp":1783167575159,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ghjgfree.top","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 15:27:53 GMT","end":"Sat, 26 Sep 2026 15:27:52 GMT"},"fingerprint":{"sha1":"3B:D8:38:CC:23:05:F4:3D:FD:DB:AE:0B:FC:68:DB:89:75:1C:EB:BB","sha256":"DC:36:D2:0C:8F:84:FF:27:2B:7E:D7:28:6B:67:35:3D:24:D1:6C:76:96:62:33:5E:8B:D1:DD:CD:0F:BB:06:B2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ghjgfree.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 12:19:24 GMT\r\ncontent-type: text/html\r\nlast-modified: Sun, 28 Jun 2026 16:43:45 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a414f41-14fe08\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1375752,"size_decoded":720699,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (58676)","md5":"99674574102c6b4abf4d915477075bfe","sha1":"6b2c042598ca46e1e93e34a80dc2eb8a752c98f4","sha256":"ea9be41343d573b167a4b3a30c83c613ec09b256c7a9c3f1f521228de5f3099f","sha512":"9895b23a4f1747ab5dd08a0030ab4142224ad6b7846a726e853b0646b65787da905090b82194a008f458aa8445c0c4188ac1d9b5bb2a8a63307b775ed1ceeb76","ssdeep":"24576:b5tvVAh9ZVzCukR5+EA4MXu4Bz9oY3oOK:LyaQj40pNo5","tlshash":"1425e170b0512139a63bc36da689774c5f20d1d3c2018eedf4afb650afcf694225ae5e","first_seen":"2026-07-04T12:20:09.409269Z","last_seen":"2026-07-04T12:20:09.409269Z","times_seen":1,"resource_available":true,"data":null}},"time_used":673,"timings":{"blocked":0,"dns":96,"connect":142,"send":0,"wait":142,"receive":0,"ssl":293},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/Amazon.com%20_%20SNICKERS,%20TWIX,%20MILKY%20WAY%20\u0026%203%20MUSKETEERS%20Individually%20Wrapped%20Variety%20Pack%20Full%20Size%20Milk%20Chocolate%20Candy%20Bars%20Bulk%20Assortment,%2033.31%20oz,%2018%20Bars%20_%20Beauty%20\u0026%20Personal%20Care_files/1343799980931439","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ghjgfree.top/","date":"2026-07-04T12:19:36.191Z","timestamp":1783167576191,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ghjgfree.top","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 15:27:53 GMT","end":"Sat, 26 Sep 2026 15:27:52 GMT"},"fingerprint":{"sha1":"3B:D8:38:CC:23:05:F4:3D:FD:DB:AE:0B:FC:68:DB:89:75:1C:EB:BB","sha256":"DC:36:D2:0C:8F:84:FF:27:2B:7E:D7:28:6B:67:35:3D:24:D1:6C:76:96:62:33:5E:8B:D1:DD:CD:0F:BB:06:B2"}}},"request":{"raw":"GET /Amazon.com%20_%20SNICKERS,%20TWIX,%20MILKY%20WAY%20\u0026%203%20MUSKETEERS%20Individually%20Wrapped%20Variety%20Pack%20Full%20Size%20Milk%20Chocolate%20Candy%20Bars%20Bulk%20Assortment,%2033.31%20oz,%2018%20Bars%20_%20Beauty%20\u0026%20Personal%20Care_files/1343799980931439 HTTP/1.1\r\nHost: ghjgfree.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ghjgfree.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 12:19:24 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 504691\r\nlast-modified: Sun, 28 Jun 2026 16:43:46 GMT\r\netag: \"6a414f42-7b373\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":504691,"size_decoded":505147,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (9255)","md5":"5a3c2d54add83a6363ca6557cd528b8d","sha1":"194e5948a042e22ab7af6375996d7ba19661eb42","sha256":"f13980219669264b3bba19d04784b4839f7c283a882d39cafeaabe4211b49ebe","sha512":"5b4aa54def1d8a1b8d576c2e5f95667dad46a5dd2e53d744070d749a9d31f6b751c7276606cd57d50a58487b79e25467b6532d24b1838298c9590a599e93e367","ssdeep":"6144:Rj6FwEqyUpDOGoi0lj6fYfXYXqRbhixwz0wDPJS5CPvjJiesT/rvY0LsUA3G:tzOGoi0IqsiVi+z0wDPJS5CHjzG","tlshash":"bcb44acdbad1b06153a2b578997f200bb1b599527889c860ea2ddcc87d7818e4133f7f","first_seen":"2026-06-28T11:28:32.112833Z","last_seen":"2026-07-04T12:20:09.411281Z","times_seen":2,"resource_available":true,"data":null}},"time_used":499,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":354,"receive":145,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/Amazon.com%20_%20SNICKERS,%20TWIX,%20MILKY%20WAY%20\u0026%203%20MUSKETEERS%20Individually%20Wrapped%20Variety%20Pack%20Full%20Size%20Milk%20Chocolate%20Candy%20Bars%20Bulk%20Assortment,%2033.31%20oz,%2018%20Bars%20_%20Beauty%20\u0026%20Personal%20Care_files/71lmCdb+TDL._SL1000_.jpg","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ghjgfree.top/","date":"2026-07-04T12:19:36.583Z","timestamp":1783167576583,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ghjgfree.top","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 15:27:53 GMT","end":"Sat, 26 Sep 2026 15:27:52 GMT"},"fingerprint":{"sha1":"3B:D8:38:CC:23:05:F4:3D:FD:DB:AE:0B:FC:68:DB:89:75:1C:EB:BB","sha256":"DC:36:D2:0C:8F:84:FF:27:2B:7E:D7:28:6B:67:35:3D:24:D1:6C:76:96:62:33:5E:8B:D1:DD:CD:0F:BB:06:B2"}}},"request":{"raw":"GET /Amazon.com%20_%20SNICKERS,%20TWIX,%20MILKY%20WAY%20\u0026%203%20MUSKETEERS%20Individually%20Wrapped%20Variety%20Pack%20Full%20Size%20Milk%20Chocolate%20Candy%20Bars%20Bulk%20Assortment,%2033.31%20oz,%2018%20Bars%20_%20Beauty%20\u0026%20Personal%20Care_files/71lmCdb+TDL._SL1000_.jpg HTTP/1.1\r\nHost: ghjgfree.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 12:19:25 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 28 Jun 2026 16:43:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a414f45-2176b\"\r\nexpires: Mon, 03 Aug 2026 12:19:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":137067,"size_decoded":136589,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x1000, components 3","md5":"79ed683074212bf62b22856441973612","sha1":"130a10b1da6d0aed6c5824951919c7831f6b13b4","sha256":"728e68cd491c11dd5f8d70aa52ddce74cc4dbe24853011936bc270f2461eecda","sha512":"afd68f53c16ed81bb34bd27b3bf27cb76e7e29051f2fb3e255ed62594e856893ffd887513b641e80d720825dc9444e8d2f07d3e66256b53838134fca37616970","ssdeep":"3072:kop+CoBT+HY5Y1NrxmrxRBPg7xo9VGg1GTxGLNshoIWkr2r5mM:koTVNrM9vKo9Ig1G1GLNMoIWcax","tlshash":"84d3123c233ab07cea2e3e7205bd67155329d0a85292b857709ff7456088d877d6e4f4","first_seen":"2026-06-28T11:28:32.130872Z","last_seen":"2026-07-04T12:20:09.41328Z","times_seen":2,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/Amazon.com%20_%20SNICKERS,%20TWIX,%20MILKY%20WAY%20\u0026%203%20MUSKETEERS%20Individually%20Wrapped%20Variety%20Pack%20Full%20Size%20Milk%20Chocolate%20Candy%20Bars%20Bulk%20Assortment,%2033.31%20oz,%2018%20Bars%20_%20Beauty%20\u0026%20Personal%20Care_files/saved_resource.html","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://ghjgfree.top/","date":"2026-07-04T12:19:36.719Z","timestamp":1783167576719,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ghjgfree.top","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 15:27:53 GMT","end":"Sat, 26 Sep 2026 15:27:52 GMT"},"fingerprint":{"sha1":"3B:D8:38:CC:23:05:F4:3D:FD:DB:AE:0B:FC:68:DB:89:75:1C:EB:BB","sha256":"DC:36:D2:0C:8F:84:FF:27:2B:7E:D7:28:6B:67:35:3D:24:D1:6C:76:96:62:33:5E:8B:D1:DD:CD:0F:BB:06:B2"}}},"request":{"raw":"GET /Amazon.com%20_%20SNICKERS,%20TWIX,%20MILKY%20WAY%20\u0026%203%20MUSKETEERS%20Individually%20Wrapped%20Variety%20Pack%20Full%20Size%20Milk%20Chocolate%20Candy%20Bars%20Bulk%20Assortment,%2033.31%20oz,%2018%20Bars%20_%20Beauty%20\u0026%20Personal%20Care_files/saved_resource.html HTTP/1.1\r\nHost: ghjgfree.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 12:19:25 GMT\r\ncontent-type: text/html\r\ncontent-length: 182\r\nlast-modified: Sun, 28 Jun 2026 16:43:50 GMT\r\netag: \"6a414f46-b6\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":182,"size_decoded":617,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"8f33721c884574b92ebdc7bc48d9f72d","sha1":"52c1ccb34b6f21e761d7bd86dd37e500d611b7fb","sha256":"a000f21aafde803b7e789ce713d9630a463729f96536fcbbd93dc0ea0e824d9d","sha512":"f01eafbee503ea00378c5dfb64c78158129cf9722c2693a0a5881bade9dee815ba8f85ef3635431c1b96d8221e4e3f7cf8e850d718330f567f07f2b610faad0a","ssdeep":"","tlshash":"9bc022b02116200be111a7928ae8a02429108800e08a8c42940036aca0cc318e8731a8","first_seen":"2023-04-07T07:19:21Z","last_seen":"2026-07-04T12:20:09.415146Z","times_seen":43,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":142,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/Amazon.com%20_%20SNICKERS,%20TWIX,%20MILKY%20WAY%20\u0026%203%20MUSKETEERS%20Individually%20Wrapped%20Variety%20Pack%20Full%20Size%20Milk%20Chocolate%20Candy%20Bars%20Bulk%20Assortment,%2033.31%20oz,%2018%20Bars%20_%20Beauty%20\u0026%20Personal%20Care_files/71gCCOnlk5L._SL1000_.jpg","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ghjgfree.top/","date":"2026-07-04T12:19:36.585Z","timestamp":1783167576585,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ghjgfree.top","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 15:27:53 GMT","end":"Sat, 26 Sep 2026 15:27:52 GMT"},"fingerprint":{"sha1":"3B:D8:38:CC:23:05:F4:3D:FD:DB:AE:0B:FC:68:DB:89:75:1C:EB:BB","sha256":"DC:36:D2:0C:8F:84:FF:27:2B:7E:D7:28:6B:67:35:3D:24:D1:6C:76:96:62:33:5E:8B:D1:DD:CD:0F:BB:06:B2"}}},"request":{"raw":"GET /Amazon.com%20_%20SNICKERS,%20TWIX,%20MILKY%20WAY%20\u0026%203%20MUSKETEERS%20Individually%20Wrapped%20Variety%20Pack%20Full%20Size%20Milk%20Chocolate%20Candy%20Bars%20Bulk%20Assortment,%2033.31%20oz,%2018%20Bars%20_%20Beauty%20\u0026%20Personal%20Care_files/71gCCOnlk5L._SL1000_.jpg HTTP/1.1\r\nHost: ghjgfree.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 12:19:25 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 28 Jun 2026 16:43:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a414f44-2454a\"\r\nexpires: Mon, 03 Aug 2026 12:19:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":148810,"size_decoded":138614,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1], progressive, precision 8, 1000x1000, components 3","md5":"c55191be5377cfa0215102de36ef4b4d","sha1":"271cdb000523c631851dd22553521cbb09beb309","sha256":"28d62e1b8a90514606ff98731ff4f6f865a789fc7d5fba7b27d75063de2de16b","sha512":"c06182b6cabb073446bd6bf25e1d487b89434ce4d36eb68cfcc0dae21f07948e7ff48cd4d1c42bf89cd61484628883e50ebfedd33ad10c7c830b245442efd82f","ssdeep":"3072:7MFZz0G4sWIscG4gLhvxL7bK1Dy9daC6eXTL1AyIeX+Sf+O:YFsNiDy99XTL1iefGO","tlshash":"bbe302dfa9ebf5e0e646517844f486e80733f57e8ea5a7fb0a1a2d1380258479c80c9d","first_seen":"2026-06-28T11:28:32.117584Z","last_seen":"2026-07-04T12:20:09.416355Z","times_seen":2,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/Amazon.com%20_%20SNICKERS,%20TWIX,%20MILKY%20WAY%20\u0026%203%20MUSKETEERS%20Individually%20Wrapped%20Variety%20Pack%20Full%20Size%20Milk%20Chocolate%20Candy%20Bars%20Bulk%20Assortment,%2033.31%20oz,%2018%20Bars%20_%20Beauty%20\u0026%20Personal%20Care_files/71AcODan6iL._SL1000_.jpg","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ghjgfree.top/","date":"2026-07-04T12:19:36.591Z","timestamp":1783167576591,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ghjgfree.top","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 15:27:53 GMT","end":"Sat, 26 Sep 2026 15:27:52 GMT"},"fingerprint":{"sha1":"3B:D8:38:CC:23:05:F4:3D:FD:DB:AE:0B:FC:68:DB:89:75:1C:EB:BB","sha256":"DC:36:D2:0C:8F:84:FF:27:2B:7E:D7:28:6B:67:35:3D:24:D1:6C:76:96:62:33:5E:8B:D1:DD:CD:0F:BB:06:B2"}}},"request":{"raw":"GET /Amazon.com%20_%20SNICKERS,%20TWIX,%20MILKY%20WAY%20\u0026%203%20MUSKETEERS%20Individually%20Wrapped%20Variety%20Pack%20Full%20Size%20Milk%20Chocolate%20Candy%20Bars%20Bulk%20Assortment,%2033.31%20oz,%2018%20Bars%20_%20Beauty%20\u0026%20Personal%20Care_files/71AcODan6iL._SL1000_.jpg HTTP/1.1\r\nHost: ghjgfree.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 12:19:25 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 28 Jun 2026 16:43:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a414f44-244b0\"\r\nexpires: Mon, 03 Aug 2026 12:19:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":148656,"size_decoded":148210,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x1000, components 3","md5":"7684d6c18ff3886dfa0c322db858ea3e","sha1":"2a16653fea299ecda7c1ba0281de107594b85eeb","sha256":"6eac229eba21983f721dd9a9d72c1a531bb4872957f7847f45ac5dee60f1dc14","sha512":"74f73c9ad2545383ca99373b9b111c94a3e7c2a183017e5dc8dd6b1d906f5490f0de9b5efa560127ce46e7e15a8e25d2a895f7d1ea09eea90b71486933e3fed5","ssdeep":"3072:BMq1xsBg3hcNWeuaZl7H00NMQh4qYRvvxla16SrlG6HbWqCLnt8:GSxxhcoeuaZFUsFhORvba1Nhr0nq","tlshash":"3ae31313d8b7d39ceae5dd73efb24e9da784420e8b54aa8c3070ef14e9543992841077","first_seen":"2026-06-28T11:28:32.127412Z","last_seen":"2026-07-04T12:20:09.418414Z","times_seen":2,"resource_available":false,"data":null}},"time_used":248,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/Amazon.com%20_%20SNICKERS,%20TWIX,%20MILKY%20WAY%20\u0026%203%20MUSKETEERS%20Individually%20Wrapped%20Variety%20Pack%20Full%20Size%20Milk%20Chocolate%20Candy%20Bars%20Bulk%20Assortment,%2033.31%20oz,%2018%20Bars%20_%20Beauty%20\u0026%20Personal%20Care_files/61BhdaW2dSL._SL1000_.jpg","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ghjgfree.top/","date":"2026-07-04T12:19:36.594Z","timestamp":1783167576594,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ghjgfree.top","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 15:27:53 GMT","end":"Sat, 26 Sep 2026 15:27:52 GMT"},"fingerprint":{"sha1":"3B:D8:38:CC:23:05:F4:3D:FD:DB:AE:0B:FC:68:DB:89:75:1C:EB:BB","sha256":"DC:36:D2:0C:8F:84:FF:27:2B:7E:D7:28:6B:67:35:3D:24:D1:6C:76:96:62:33:5E:8B:D1:DD:CD:0F:BB:06:B2"}}},"request":{"raw":"GET /Amazon.com%20_%20SNICKERS,%20TWIX,%20MILKY%20WAY%20\u0026%203%20MUSKETEERS%20Individually%20Wrapped%20Variety%20Pack%20Full%20Size%20Milk%20Chocolate%20Candy%20Bars%20Bulk%20Assortment,%2033.31%20oz,%2018%20Bars%20_%20Beauty%20\u0026%20Personal%20Care_files/61BhdaW2dSL._SL1000_.jpg HTTP/1.1\r\nHost: ghjgfree.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 12:19:25 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 28 Jun 2026 16:43:47 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a414f43-1f65a\"\r\nexpires: Mon, 03 Aug 2026 12:19:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":128602,"size_decoded":128993,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x1000, components 3","md5":"05459a6b1e6f4b729d42db743c58fa56","sha1":"3fdcbc1d8c59fee1c0f4cfc76e1d83717b9892fa","sha256":"c3aa869373e9059ad190692cbf0b9b2490e87d932e700ac41c56a56f27a2e669","sha512":"47f97becc8946ecba3eda7c2e1372089de626ea076db8471b85ccdb3f240fc6edd369cfdb4f1892245667b339388985ca9d0aeb9034dcdac6f4eb0d0b5638090","ssdeep":"3072:VIWmeJPDUi8prs9mr3kQYcxrCTKsuhvOg9EiHmzb3b3:mWmelDUft07TK/z1Sf3","tlshash":"3bc31204765d4bcd365b699108aa9248ef91d27a91b563bdfd0e24310f731abb0f2b23","first_seen":"2026-06-28T11:28:32.133993Z","last_seen":"2026-07-04T12:20:09.420128Z","times_seen":2,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/Amazon.com%20_%20SNICKERS,%20TWIX,%20MILKY%20WAY%20\u0026%203%20MUSKETEERS%20Individually%20Wrapped%20Variety%20Pack%20Full%20Size%20Milk%20Chocolate%20Candy%20Bars%20Bulk%20Assortment,%2033.31%20oz,%2018%20Bars%20_%20Beauty%20\u0026%20Personal%20Care_files/fbevents.js.%E4%B8%8B%E8%BD%BD","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ghjgfree.top/","date":"2026-07-04T12:19:36.193Z","timestamp":1783167576193,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ghjgfree.top","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 15:27:53 GMT","end":"Sat, 26 Sep 2026 15:27:52 GMT"},"fingerprint":{"sha1":"3B:D8:38:CC:23:05:F4:3D:FD:DB:AE:0B:FC:68:DB:89:75:1C:EB:BB","sha256":"DC:36:D2:0C:8F:84:FF:27:2B:7E:D7:28:6B:67:35:3D:24:D1:6C:76:96:62:33:5E:8B:D1:DD:CD:0F:BB:06:B2"}}},"request":{"raw":"GET /Amazon.com%20_%20SNICKERS,%20TWIX,%20MILKY%20WAY%20\u0026%203%20MUSKETEERS%20Individually%20Wrapped%20Variety%20Pack%20Full%20Size%20Milk%20Chocolate%20Candy%20Bars%20Bulk%20Assortment,%2033.31%20oz,%2018%20Bars%20_%20Beauty%20\u0026%20Personal%20Care_files/fbevents.js.%E4%B8%8B%E8%BD%BD HTTP/1.1\r\nHost: ghjgfree.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ghjgfree.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 12:19:24 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 378873\r\nlast-modified: Sun, 28 Jun 2026 16:43:50 GMT\r\netag: \"6a414f46-5c7f9\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":378873,"size_decoded":379329,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (9255)","md5":"c41542cf32233bce2bade2decd6bbf05","sha1":"8959ea508cfb47c9e5ebc74715fe744b66d6bdfa","sha256":"c5f1033054484f79c1816b905e3b66e2433a99d4df2cdc76e94a92d9740580c5","sha512":"0a9ee49b170fe5789c8210b4ac53ff1add61833fa2f2243ec64f3a8f72126b6231c0165549014a6a4c50ba00a98592a6c8b4a3c9ee95c7878239ce8fe357f842","ssdeep":"6144:w7gAVTJGD0ML9RpTD+4Yd0E+brBLrxQCR/ddFriG2XPHnNpnK01lzEYzOOlvBZSJ:2nmOMdgPHnNpnK0JNSJ","tlshash":"3c84e789b1e1b0a103b6796c966f9007b2bbd5a234ccc960e55dedc82d7c49e4133eb7","first_seen":"2026-06-23T21:05:28.833079Z","last_seen":"2026-07-04T12:20:09.425182Z","times_seen":432,"resource_available":true,"data":null}},"time_used":635,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":353,"receive":282,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/Amazon.com%20_%20SNICKERS,%20TWIX,%20MILKY%20WAY%20\u0026%203%20MUSKETEERS%20Individually%20Wrapped%20Variety%20Pack%20Full%20Size%20Milk%20Chocolate%20Candy%20Bars%20Bulk%20Assortment,%2033.31%20oz,%2018%20Bars%20_%20Beauty%20\u0026%20Personal%20Care_files/510Sr1uDMiL._SL1000_.jpg","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ghjgfree.top/","date":"2026-07-04T12:19:36.586Z","timestamp":1783167576586,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ghjgfree.top","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 15:27:53 GMT","end":"Sat, 26 Sep 2026 15:27:52 GMT"},"fingerprint":{"sha1":"3B:D8:38:CC:23:05:F4:3D:FD:DB:AE:0B:FC:68:DB:89:75:1C:EB:BB","sha256":"DC:36:D2:0C:8F:84:FF:27:2B:7E:D7:28:6B:67:35:3D:24:D1:6C:76:96:62:33:5E:8B:D1:DD:CD:0F:BB:06:B2"}}},"request":{"raw":"GET /Amazon.com%20_%20SNICKERS,%20TWIX,%20MILKY%20WAY%20\u0026%203%20MUSKETEERS%20Individually%20Wrapped%20Variety%20Pack%20Full%20Size%20Milk%20Chocolate%20Candy%20Bars%20Bulk%20Assortment,%2033.31%20oz,%2018%20Bars%20_%20Beauty%20\u0026%20Personal%20Care_files/510Sr1uDMiL._SL1000_.jpg HTTP/1.1\r\nHost: ghjgfree.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 12:19:25 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 28 Jun 2026 16:43:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a414f42-d75c\"\r\nexpires: Mon, 03 Aug 2026 12:19:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":55132,"size_decoded":53519,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x1000, components 3","md5":"58bdd219c1d19fb7e7a2cdae3dcf314b","sha1":"18f398c244b91ba95f47f91cf21dcf78b419fb35","sha256":"fa026b84d9c21bb67205291a62cdaf12c823bdb39ce16acef751d6e52ea0940a","sha512":"a6ed1c835ae544055ef8ce619b921890e1f673beab0e9a481003bb3dcdebe425a4cf5f3f6475af014b6e368e074aa3443ccb9fc4ed6b21f9b805a1b9c548c434","ssdeep":"1536:dTXQ5TKj1sIWG7KdSfU22ppAyw1S0QDV2mY:dTA5TKi47Al2Xs0K2b","tlshash":"f43302aa84c3a41de1adf533ed8236e492459911c541c7a609a0f30fe9235ffbc7a09b","first_seen":"2026-06-28T11:28:32.123553Z","last_seen":"2026-07-04T12:20:09.426819Z","times_seen":2,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":246,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/Amazon.com%20_%20SNICKERS,%20TWIX,%20MILKY%20WAY%20\u0026%203%20MUSKETEERS%20Individually%20Wrapped%20Variety%20Pack%20Full%20Size%20Milk%20Chocolate%20Candy%20Bars%20Bulk%20Assortment,%2033.31%20oz,%2018%20Bars%20_%20Beauty%20\u0026%20Personal%20Care_files/71kQY4DDlNL._SL1000_.jpg","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ghjgfree.top/","date":"2026-07-04T12:19:36.588Z","timestamp":1783167576588,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ghjgfree.top","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 15:27:53 GMT","end":"Sat, 26 Sep 2026 15:27:52 GMT"},"fingerprint":{"sha1":"3B:D8:38:CC:23:05:F4:3D:FD:DB:AE:0B:FC:68:DB:89:75:1C:EB:BB","sha256":"DC:36:D2:0C:8F:84:FF:27:2B:7E:D7:28:6B:67:35:3D:24:D1:6C:76:96:62:33:5E:8B:D1:DD:CD:0F:BB:06:B2"}}},"request":{"raw":"GET /Amazon.com%20_%20SNICKERS,%20TWIX,%20MILKY%20WAY%20\u0026%203%20MUSKETEERS%20Individually%20Wrapped%20Variety%20Pack%20Full%20Size%20Milk%20Chocolate%20Candy%20Bars%20Bulk%20Assortment,%2033.31%20oz,%2018%20Bars%20_%20Beauty%20\u0026%20Personal%20Care_files/71kQY4DDlNL._SL1000_.jpg HTTP/1.1\r\nHost: ghjgfree.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 12:19:25 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 28 Jun 2026 16:43:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a414f45-25285\"\r\nexpires: Mon, 03 Aug 2026 12:19:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":152197,"size_decoded":147290,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x1000, components 3","md5":"e25fb140b9e81cd424f6956651601924","sha1":"b8205b1fb3677c518b5be973b88bfda510c70487","sha256":"c2cb6c5f8d582e580b48da49f79aea92439d866f6398a7a6a8ab140a77b585bb","sha512":"fa6110a3845e1efed09b1152bcc1b2eb572b55cb554ed19dae5c97f99f95362155de757502d285a2df73ca777a2444604d9c26f7041cd74ef4a9f8093c897d39","ssdeep":"3072:rtYB1dERzS4asf0mb/X9PqLSFdYXmn/qUAEumdiy5/BXvCfbf:r2dczSdkX9PVYXuAEBgyifbf","tlshash":"8ce301139a88df87a85ac3ecbf271ef9171b5b6081153bd508616e8f6f664500dc787c","first_seen":"2026-06-28T11:28:32.132613Z","last_seen":"2026-07-04T12:20:09.433411Z","times_seen":2,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/Amazon.com%20_%20SNICKERS,%20TWIX,%20MILKY%20WAY%20\u0026%203%20MUSKETEERS%20Individually%20Wrapped%20Variety%20Pack%20Full%20Size%20Milk%20Chocolate%20Candy%20Bars%20Bulk%20Assortment,%2033.31%20oz,%2018%20Bars%20_%20Beauty%20\u0026%20Personal%20Care_files/71knfg3d6WL._SL1000_.jpg","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ghjgfree.top/","date":"2026-07-04T12:19:36.589Z","timestamp":1783167576589,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ghjgfree.top","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 15:27:53 GMT","end":"Sat, 26 Sep 2026 15:27:52 GMT"},"fingerprint":{"sha1":"3B:D8:38:CC:23:05:F4:3D:FD:DB:AE:0B:FC:68:DB:89:75:1C:EB:BB","sha256":"DC:36:D2:0C:8F:84:FF:27:2B:7E:D7:28:6B:67:35:3D:24:D1:6C:76:96:62:33:5E:8B:D1:DD:CD:0F:BB:06:B2"}}},"request":{"raw":"GET /Amazon.com%20_%20SNICKERS,%20TWIX,%20MILKY%20WAY%20\u0026%203%20MUSKETEERS%20Individually%20Wrapped%20Variety%20Pack%20Full%20Size%20Milk%20Chocolate%20Candy%20Bars%20Bulk%20Assortment,%2033.31%20oz,%2018%20Bars%20_%20Beauty%20\u0026%20Personal%20Care_files/71knfg3d6WL._SL1000_.jpg HTTP/1.1\r\nHost: ghjgfree.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 12:19:25 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 28 Jun 2026 16:43:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a414f45-267f9\"\r\nexpires: Mon, 03 Aug 2026 12:19:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":157689,"size_decoded":156587,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x1000, components 3","md5":"dd54dd23ef93874852bac7ed220bb10f","sha1":"f82415fcb1e50f642841538bd2f2fb189ba6e45c","sha256":"46ae7aeb118d1836956db237dc1e63dbc11b7577f5d003af0552fd787aadd1bd","sha512":"255c836658076d51df6a3cdbb6f0aa2a109b4aaaca2a4605aa3b3b68eecd911ec08c180949f97861bca6bdac6f9f510b4b18c37588c4b20fc7cc8fe9ae06e2f6","ssdeep":"3072:B/gIi6L6Xj+gk5TvtkpwX6XKdO//CfESZjr0XIX35pvHH//96jPak:nzkl4HX6ac/asSVr2I/vn/lBk","tlshash":"6bf3127465b82affea3240318cf1a33f3af061589a5a3e88da0b7978555412c9cc57ed","first_seen":"2026-06-28T11:28:32.121419Z","last_seen":"2026-07-04T12:20:09.436097Z","times_seen":2,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ghjgfree.top/Amazon.com%20_%20SNICKERS,%20TWIX,%20MILKY%20WAY%20\u0026%203%20MUSKETEERS%20Individually%20Wrapped%20Variety%20Pack%20Full%20Size%20Milk%20Chocolate%20Candy%20Bars%20Bulk%20Assortment,%2033.31%20oz,%2018%20Bars%20_%20Beauty%20\u0026%20Personal%20Care_files/61yYfxEIs8L._SL1000_.jpg","fqdn":"ghjgfree.top","domain":"ghjgfree.top","tld":"top"},"ip":{"addr":"128.241.231.182","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ghjgfree.top/","date":"2026-07-04T12:19:36.596Z","timestamp":1783167576596,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ghjgfree.top","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 15:27:53 GMT","end":"Sat, 26 Sep 2026 15:27:52 GMT"},"fingerprint":{"sha1":"3B:D8:38:CC:23:05:F4:3D:FD:DB:AE:0B:FC:68:DB:89:75:1C:EB:BB","sha256":"DC:36:D2:0C:8F:84:FF:27:2B:7E:D7:28:6B:67:35:3D:24:D1:6C:76:96:62:33:5E:8B:D1:DD:CD:0F:BB:06:B2"}}},"request":{"raw":"GET /Amazon.com%20_%20SNICKERS,%20TWIX,%20MILKY%20WAY%20\u0026%203%20MUSKETEERS%20Individually%20Wrapped%20Variety%20Pack%20Full%20Size%20Milk%20Chocolate%20Candy%20Bars%20Bulk%20Assortment,%2033.31%20oz,%2018%20Bars%20_%20Beauty%20\u0026%20Personal%20Care_files/61yYfxEIs8L._SL1000_.jpg HTTP/1.1\r\nHost: ghjgfree.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 04 Jul 2026 12:19:25 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 28 Jun 2026 16:43:47 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a414f43-1b72b\"\r\nexpires: Mon, 03 Aug 2026 12:19:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":112427,"size_decoded":112314,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1], progressive, precision 8, 1000x1000, components 3","md5":"5c6152c991e584fb19d46b2b6cbe4f59","sha1":"260b2eea27f801857c9cfd6c2afeabde6333a0f3","sha256":"999b491c29f86ddba88fbba20245d1dfb47873179c9f6e792212c759f592f658","sha512":"821f488b53d20c3633430f2e4fd7bc665a704ca87eabec5e10cde6bef06a075f32c0608c50b32af5cad90b4319cb99d7bc447972c5c33a4ef7953dadba66b88d","ssdeep":"3072:SQKQ6TiHdqW1FQzskPov1dMGdoGPOGuno+ybpY+4F:dsiHdqVzskP/GC6yoJqj","tlshash":"b6b31234abf18be8cbb212784db691b72377b955f304c791b072b166144926be812197","first_seen":"2026-06-28T11:28:32.13522Z","last_seen":"2026-07-04T12:20:09.437958Z","times_seen":2,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":244,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"ghjgfree.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}}]}
