{"report_id":"ffa4cf1c-6360-4034-9e56-ab701637405b","version":6,"status":"done","tags":[],"date":"2024-09-05T04:11:20Z","url":{"schema":"http","addr":"grabify.org/207S1","fqdn":"grabify.org","domain":"grabify.org","tld":"org"},"ip":{"addr":"172.67.168.159","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"grabify.org/207S1","fqdn":"grabify.org","domain":"grabify.org","tld":"org"},"title":"grabify.org/207S1"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-28T22:32:31Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-09-04 18:12:06","alert_count":0,"request_count":3,"received_data":2662,"sent_data":981,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.grabify.org","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2017-10-27","domain_rank":0,"first_seen":"2024-02-06 19:06:58","last_seen":"2024-03-26 16:05:37","alert_count":2,"request_count":2,"received_data":58149,"sent_data":864,"comment":"","tags":null,"fingerprints":null},{"fqdn":"grabify.org","ip":{"addr":"104.21.94.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-10-27","domain_rank":0,"first_seen":"2021-02-03 08:15:12","last_seen":"2024-06-22 22:41:32","alert_count":1,"request_count":1,"received_data":7692,"sent_data":473,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-05","alert":"Sinkholed","trigger":"grabify.org","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-05","alert":"Sinkholed","trigger":"grabify.org","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-05","alert":"Sinkholed","trigger":"grabify.org","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"grabify.org/207S1","fqdn":"grabify.org","domain":"grabify.org","tld":"org"},"ip":{"addr":"104.21.94.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"grabify.org/207S1","fqdn":"grabify.org","domain":"grabify.org","tld":"org"},"ip":{"addr":"104.21.94.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:10:54.028176288Z","timestamp":1725509454028,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"41C00088AFC20571F6A0C6998324D9517346256AC33696DC706192EC606FE7A7\"\r\nLast-Modified: Mon, 02 Sep 2024 12:20:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4465\r\nExpires: Thu, 05 Sep 2024 05:25:19 GMT\r\nDate: Thu, 05 Sep 2024 04:10:54 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"66fbf7f95cb55f388373a20d4b1a736e","sha1":"afc34259758a563362367848629ff7639982e1fb","sha256":"41c00088afc20571f6a0c6998324d9517346256ac33696dc706192ec606fe7a7","sha512":"80f0c1a3f29e795722e05ea6260e1ec92780f3f554ace63e7a0e4ad5d030be18b0cde8397bffc652a92306b23ba802aa8a0db463bac3a6827e645816bd5759a0","ssdeep":"","tlshash":"02f00e7956f2e6c3faf8112314a6ed606c227aab780021a279800ac239c67f6678545c","first_seen":"2024-09-02T19:20:57Z","last_seen":"2024-09-19T23:09:36.632755Z","times_seen":35846,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:10:54.307260375Z","timestamp":1725509454307,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"62ED97A3678824305419366056FD0BEE73359522822CA42A16FABDCC3AD982BE\"\r\nLast-Modified: Mon, 02 Sep 2024 14:37:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4390\r\nExpires: Thu, 05 Sep 2024 05:24:04 GMT\r\nDate: Thu, 05 Sep 2024 04:10:54 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"3b182d2525d361002ced8590b8a9ce07","sha1":"12cd4e482375e47fdc8cde29fe98a6e3498260df","sha256":"62ed97a3678824305419366056fd0bee73359522822ca42a16fabdcc3ad982be","sha512":"a9af0e3420d2ef7b1e515e4014c080aa80aca75d801f852b484ac418bafb12eda0ff0e4d2ae943bc5fab828c296a2ec8ec22c6b66222a285f3dd6a5c7fe82cfd","ssdeep":"","tlshash":"4bf005b9a5b5ba148aed1c4468f5c51d9b107efd3cc111c3acc5c1b52e5575c019410d","first_seen":"2024-09-02T21:43:18Z","last_seen":"2024-09-19T23:06:53.189609Z","times_seen":16139,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-05T04:10:54.383539567Z","timestamp":1725509454383,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"2B2A41201A3881BD029AB7161BE291B23128D5952E5959092607B98C951FA18C\"\r\nLast-Modified: Mon, 02 Sep 2024 14:33:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=14456\r\nExpires: Thu, 05 Sep 2024 08:11:50 GMT\r\nDate: Thu, 05 Sep 2024 04:10:54 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"cabaaa7c3e6a621cc5836be05eee4924","sha1":"c4bc6288aed0597ff7ae2dbc5aea340b6c9636b8","sha256":"2b2a41201a3881bd029ab7161be291b23128d5952e5959092607b98c951fa18c","sha512":"7da36317a8c4f485281c503bcc03813f77f4339dd43124bdba3345414625f7dbb71911cd5eb19e1d4afb482b9ce0ffb5678bd41d4d5e6e77f56069bd2f99817d","ssdeep":"","tlshash":"a0f00efb12f33260dbf59d293989f23a0610ad9ebc2198e624c5d1cb9442fec408890c","first_seen":"2024-09-02T19:36:30Z","last_seen":"2024-09-19T23:09:22.854855Z","times_seen":22244,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.grabify.org/images/favicon/favicon.ico","fqdn":"cdn.grabify.org","domain":"grabify.org","tld":"org"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grabify.org/207S1","date":"2024-09-05T04:10:55.149Z","timestamp":1725509455149,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grabify.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 31 Aug 2024 11:49:12 GMT","end":"Fri, 29 Nov 2024 11:49:11 GMT"},"fingerprint":{"sha1":"C2:35:0A:D5:46:B0:37:B5:6C:EF:6C:7B:F0:83:77:32:E6:4D:A6:C1","sha256":"8B:AE:65:C7:2F:61:2F:10:BD:07:75:DB:6B:AE:C7:65:C2:C8:E9:FA:58:FF:FA:73:8A:13:C3:65:31:A2:0F:5C"}}},"request":{"raw":"GET /images/favicon/favicon.ico HTTP/1.1\r\nHost: cdn.grabify.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grabify.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 05 Sep 2024 04:10:55 GMT\r\ncontent-type: image/x-icon\r\nlast-modified: Mon, 04 Dec 2023 08:38:08 GMT\r\netag: W/\"656d8ff0-3c2e\"\r\nexpires: Thu, 05 Sep 2024 04:10:54 GMT\r\ncache-control: no-cache\r\npragma: public\r\nx-static: 1\r\nstrict-transport-security: max-age=31536000; preload\r\naccess-control-allow-origin: *\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=HCasbG6V2yGFLuNCOTj0Anzvzc235yK7N9vUTvn5UVw9xnGb6WMUqofztu%2BkQE4ug7QnOiDqFyzHa8S40LSXdMqn0DjyghrrZoTmxbiZJZtR8Av%2FLu%2FhdVYO8KEEOemkSmk%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8be35f4ecb665699-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":19,"dns":18,"connect":0,"send":0,"wait":78,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-05","alert":"Sinkholed","trigger":"grabify.org","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"grabify.org/207S1","fqdn":"grabify.org","domain":"grabify.org","tld":"org"},"ip":{"addr":"104.21.94.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-09-05T04:10:54.681Z","timestamp":1725509454681,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grabify.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 31 Aug 2024 11:49:12 GMT","end":"Fri, 29 Nov 2024 11:49:11 GMT"},"fingerprint":{"sha1":"C2:35:0A:D5:46:B0:37:B5:6C:EF:6C:7B:F0:83:77:32:E6:4D:A6:C1","sha256":"8B:AE:65:C7:2F:61:2F:10:BD:07:75:DB:6B:AE:C7:65:C2:C8:E9:FA:58:FF:FA:73:8A:13:C3:65:31:A2:0F:5C"}}},"request":{"raw":"GET /207S1 HTTP/1.1\r\nHost: grabify.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 05 Sep 2024 04:10:54 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nexpires: Thu, 05 Sep 2024 04:10:53 GMT\r\nstrict-transport-security: max-age=31536000; preload\r\nx-frame-options: SAMEORIGIN\r\ncache-control: no-cache\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=iEXICy5BY5JSk3MvT5U7oTDcQa%2FXLyQiCktVC8nE5dCrZUjMPUvp5VmIaVVd19BycrPdbqR8neMGzF908eeMdA0yk4snI0%2B7u1tm8RTpUBYZt5x7BZ4UHL9WVFpo5Q%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8be35f4be995569c-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6981,"size_decoded":6981,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (7270), with no line terminators","md5":"382dd5fad38a5ca2cde1ce4db298ce10","sha1":"4aaebbeff9b935d07c994f8fec71811dfd971f47","sha256":"e2140359b8d1926ccd6ff81162cc96339f1b37658d284d18a806cbcba3de6f1f","sha512":"49f3b3fb6c7f09ef443dcb08b32d8b7d807c3fb4c8ea40a3771686cdeb0d041dc74851ecb676f21bfece971550e9e8f8fc11c0888d0df3633d637781acac7a14","ssdeep":"192:3F1Qv13xV1cSHYuHqvD9IIlOb6z5plNib6IuW:3F1Qv13T1FHevhIIS69H0b67W","tlshash":"4ce1e7331165903a62a3c6a226f57b4d7031f80bf9874a66f3a5352dc3c65e0dab3f54","first_seen":"2024-09-19T22:32:34.034106Z","last_seen":"2024-09-19T22:32:34.034106Z","times_seen":1,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":29,"dns":0,"connect":2,"send":0,"wait":75,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-05","alert":"Sinkholed","trigger":"grabify.org","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.grabify.org/images/grabify-new.svg","fqdn":"cdn.grabify.org","domain":"grabify.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grabify.org/207S1","date":"2024-09-05T04:10:55.044Z","timestamp":1725509455044,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grabify.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 31 Aug 2024 11:49:12 GMT","end":"Fri, 29 Nov 2024 11:49:11 GMT"},"fingerprint":{"sha1":"C2:35:0A:D5:46:B0:37:B5:6C:EF:6C:7B:F0:83:77:32:E6:4D:A6:C1","sha256":"8B:AE:65:C7:2F:61:2F:10:BD:07:75:DB:6B:AE:C7:65:C2:C8:E9:FA:58:FF:FA:73:8A:13:C3:65:31:A2:0F:5C"}}},"request":{"raw":"GET /images/grabify-new.svg HTTP/1.1\r\nHost: cdn.grabify.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grabify.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 05 Sep 2024 04:10:55 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 13 Mar 2024 10:57:26 GMT\r\netag: W/\"65f18696-dca4\"\r\nexpires: Thu, 05 Sep 2024 04:10:54 GMT\r\ncache-control: no-cache\r\npragma: public\r\nx-static: 1\r\nstrict-transport-security: max-age=31536000; preload\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=hnwF3AVguyZWU8HsJaJqgUAfUp5dIrcxu7SXqNoDWOWiIFIKxIyN5rJ6zcZZFjQy1JtBthQfIMrWUY3NkhL%2Fcm1BQcyyeFiym5Ex02p7VnldlwfyUwkxTjXPV9CAV3ClgrQ%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8be35f4ecb645699-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":56484,"size_decoded":56484,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b879e69abfed89798ad50bae165fe541","sha1":"cf98719cbcf996a89198337fe21e7c294a32875d","sha256":"65a7e2b7212885c32408e6ae47073a9f4bd95a890547a153f4c0610021d0787f","sha512":"d0eaa7fdd0f399bcb4fde5ca17c3602f35b66caa24d3fb2cd7d9a80b01b75ab0f83b336d45be0adaff43da4c147732fe4cc9fdca67c7df814fb6e42b40834c12","ssdeep":"768:uyW1QqKRCtIwedoLnyL1Q9KACtIdf0oLzyM1QiKBCtIueHoLz:BW1xGwiGyL13GdcGuM1pGuCGz","tlshash":"8e4393de3ba15df4b44987d2f9110cb87d0ba47f7a998bf5c12cdf5a348281ca9858c2","first_seen":"2024-03-29T20:20:42Z","last_seen":"2026-03-29T07:25:15.079827Z","times_seen":73,"resource_available":false,"data":null}},"time_used":326,"timings":{"blocked":124,"dns":103,"connect":1,"send":0,"wait":74,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-05","alert":"Sinkholed","trigger":"grabify.org","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}