{"report_id":"ffa71a1a-e63e-48d0-9ebd-767ce6d4b402","version":0,"status":"done","tags":["amazon","phishing"],"date":"2026-06-24T12:51:06Z","url":{"schema":"http","addr":"qhubwg.shop","fqdn":"qhubwg.shop","domain":"qhubwg.shop","tld":"shop"},"ip":{"addr":"185.255.198.196","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"qhubwg.shop/#/","fqdn":"qhubwg.shop","domain":"qhubwg.shop","tld":"shop"},"title":"Amazon Sign-In","dom":{"size":4913,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1545)","md5":"260349f2a0169a4c8cce6dec6ea6c6e7","sha1":"3afc84bf2f2f63fa69d456e377404238b23abd85","sha256":"532b8e99b11906e581e220782533cbd6b8f809f0b4c31315557baeb1fe1f0493","sha512":"f7725616a12a0ef94683c6ebd2186ce18d1c61aa62cb83c90d4a48f04317536225f40e0f099c4264002c41aa2be9db05409a5fa4158e320e349afcd0f45bd9ed","ssdeep":"96:gBFtouMuUusADYGox39dGTakjAjhn9gxUt0egScySqXSyRWCsigyI:g1lDYGop9dGuVjZ9gxUt0egScymyfsio","tlshash":"3fa1865625485437627360c6fb627e0c3272e72f914d893039ac62285fdeef0ad6b5b8","dom_hash":"domhashca93563f99b8a05ebf1b8047205693ff","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"qhubwg.shop","fqdn":"qhubwg.shop","domain":"qhubwg.shop","tld":"shop"},"ip":{"addr":"185.255.198.196","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-29T12:51:06Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"qhubwg.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"qhubwg.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"qhubwg.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]},"summary":[{"fqdn":"qhubwg.shop","ip":{"addr":"185.255.198.196","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-06-24T12:51:07.445024Z","last_seen":"2026-06-24T12:51:07.445024Z","alert_count":40,"request_count":10,"received_data":391613,"sent_data":4733,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-06-21T22:46:13.623663Z","alert_count":0,"request_count":3,"received_data":199179,"sent_data":1617,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.dcloud.net.cn","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2013-07-17","domain_rank":296858,"first_seen":"2018-09-15T09:18:08Z","last_seen":"2026-06-19T06:07:40.024347Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":546,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"qhubwg.shop/","fqdn":"qhubwg.shop","domain":"qhubwg.shop","tld":"shop"},"ip":{"addr":"185.255.198.196","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f321c33d8fd4262903bc8e01b2c8ca69","sha1":"547db5b02ee4593119587081e5e4790ccea1a89b","sha256":"c21fe457e26575958e914ea7a9e9a0602023a54860a4975569a84d3b5f348290","sha512":"8061ca43928164eadb2cde72edc55223c8825db21b1a9b826d29886254bd6303bbe64b1160821edc68ee951b499238f484ee9e3ab4b55aa2c24de7922a378520","ssdeep":"","tlshash":"12e020825076394c02114155709ad5031fb60477aec14ea13ccdb7e58fbaf5bd05e449","size":352,"data":"","first_seen":"2026-06-24T12:29:43.696835Z","last_seen":"2026-06-25T02:13:22.776302Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qhubwg.shop/","fqdn":"qhubwg.shop","domain":"qhubwg.shop","tld":"shop"},"ip":{"addr":"185.255.198.196","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d284c72e40dc83e88fb83f573bf1f739","sha1":"b37ea826ffb363c76f281cb771fae9b2de30578d","sha256":"4fe6b8666beac83cb1e53723ebc8ab575a90ba594f0cb4b462026cdf75cffb85","sha512":"900198b8d20870c5df591511617fb9976396dce3c125fb18fa2b9d88337ad1a7c94d6ec09bf72ce82b2ec18a0a2478480505634f5a3a95c7eb0f6a23dd5df792","ssdeep":"","tlshash":"eff0811a1c57a4ad1ada747ae72b9d5b22152143319450137d4c80282fd09285fa5ecc","size":568,"data":"","first_seen":"2026-06-24T12:29:43.69819Z","last_seen":"2026-06-25T02:13:22.776931Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qhubwg.shop/","fqdn":"qhubwg.shop","domain":"qhubwg.shop","tld":"shop"},"ip":{"addr":"185.255.198.196","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"c8932d5c6fdbf4b26ff9319d180fb39d","sha1":"b41660c9000b0cf99802773a31ea30d6a4e2da2c","sha256":"8361b34faa507034edcf299643e1d9aae13c63c382a89c0f06fecc85a99a85a8","sha512":"431ce1884ea0b60e699811f3acd7b9bb171ed611d17a4d460e9db2d3eadac52270b92d8bebb819155473fffcb12d43146b55a52456639b822897447dd5d045b1","ssdeep":"","tlshash":"16d05ee85df5049298b738298b6b012934726a132448d8083e5c87e62f1a529c2139ec","size":264,"data":"","first_seen":"2026-06-24T12:29:43.699575Z","last_seen":"2026-06-25T02:13:22.777533Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qhubwg.shop/assets/index-ZUR8Fptb.js","fqdn":"qhubwg.shop","domain":"qhubwg.shop","tld":"shop"},"ip":{"addr":"185.255.198.196","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9131f182a870549015a87d9a230bdb03","sha1":"c8b6402482c1447ab360ddfb79fa0077de71d411","sha256":"3d8d46850c59b2a5601eaf965ae662c93461a8065dda75b9f9e7d123a4f5106d","sha512":"ffdf0ae2052e9406d66a0d3b70b22ac1ebcdbb7b56f6ba6a5fdf7653fbae6b189437049a4ee0c44eb78be1dc82d2b6690055b34cab186a6f228f52dfeccb7ca1","ssdeep":"6144:B4OEYhwhruSI0QPRbxGqshwp7Sl3zvnvJz5EHK:BIDI5PRbxdOh1vnxz5x","tlshash":"3e2408e53292b03253ea19f6407b0505f33a1955780ec4d8f16caceb3d7694a92bbf6c","size":219007,"data":"","first_seen":"2026-06-24T12:29:43.689628Z","last_seen":"2026-06-25T02:13:22.773832Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qhubwg.shop/assets/pages-security-check.CEQilrP4.js","fqdn":"qhubwg.shop","domain":"qhubwg.shop","tld":"shop"},"ip":{"addr":"185.255.198.196","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"799438c460ce54db59f5858f9ea580a0","sha1":"52145813d8efe466955f5de95dd0d0ccdb3104a0","sha256":"c7c2d727b033939fa976360fd9ecd42880970f9342c6bb43c7fc91be8883fc62","sha512":"99c6a7107869e96bfc2009f239c38bcc9d4c3517e9adb25699ed3d46e5fadd2dbf5b7755ba310ef607835f9ba59052d2d63e6cd68668f9d9fdfdc35088708695","ssdeep":"","tlshash":"30310304744af37993773005b1225485715e0fd4f0a84583adfdc5a47a4aef9b7a9278","size":1778,"data":"","first_seen":"2026-06-24T12:29:43.691496Z","last_seen":"2026-06-25T02:13:22.774439Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qhubwg.shop/assets/security-gate.edg2Lmdd.js","fqdn":"qhubwg.shop","domain":"qhubwg.shop","tld":"shop"},"ip":{"addr":"185.255.198.196","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5c98cc24392b77c34e9b5f5d72125be7","sha1":"b46febbe1e0a60d70865bc81d5b90096d339cdd5","sha256":"ba300922fc2b97fe6bab52da8f5e8ce39f263a2a9585e3b59fc7eb0494a3f3f2","sha512":"fc4ea371b6940260a19a03e7f55cda52276792a7f92c0feeb1307df15b3d443e01362cf997bb5a31fa2f3f7d55d5a3e3f297d5cc50d894174363bc6fa64c4428","ssdeep":"","tlshash":"9e31548d30a3a67142f125d993371008e13c0f64326d5190f1151867beb926fc1beefe","size":1458,"data":"","first_seen":"2026-06-24T12:29:43.685861Z","last_seen":"2026-06-25T02:13:22.768008Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qhubwg.shop/","fqdn":"qhubwg.shop","domain":"qhubwg.shop","tld":"shop"},"ip":{"addr":"185.255.198.196","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f321c33d8fd4262903bc8e01b2c8ca69","sha1":"547db5b02ee4593119587081e5e4790ccea1a89b","sha256":"c21fe457e26575958e914ea7a9e9a0602023a54860a4975569a84d3b5f348290","sha512":"8061ca43928164eadb2cde72edc55223c8825db21b1a9b826d29886254bd6303bbe64b1160821edc68ee951b499238f484ee9e3ab4b55aa2c24de7922a378520","ssdeep":"","tlshash":"12e020825076394c02114155709ad5031fb60477aec14ea13ccdb7e58fbaf5bd05e449","size":352,"data":"","first_seen":"2026-06-24T12:29:43.696835Z","last_seen":"2026-06-25T02:13:22.776302Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qhubwg.shop/","fqdn":"qhubwg.shop","domain":"qhubwg.shop","tld":"shop"},"ip":{"addr":"185.255.198.196","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d284c72e40dc83e88fb83f573bf1f739","sha1":"b37ea826ffb363c76f281cb771fae9b2de30578d","sha256":"4fe6b8666beac83cb1e53723ebc8ab575a90ba594f0cb4b462026cdf75cffb85","sha512":"900198b8d20870c5df591511617fb9976396dce3c125fb18fa2b9d88337ad1a7c94d6ec09bf72ce82b2ec18a0a2478480505634f5a3a95c7eb0f6a23dd5df792","ssdeep":"","tlshash":"eff0811a1c57a4ad1ada747ae72b9d5b22152143319450137d4c80282fd09285fa5ecc","size":568,"data":"","first_seen":"2026-06-24T12:29:43.69819Z","last_seen":"2026-06-25T02:13:22.776931Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qhubwg.shop/","fqdn":"qhubwg.shop","domain":"qhubwg.shop","tld":"shop"},"ip":{"addr":"185.255.198.196","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"c8932d5c6fdbf4b26ff9319d180fb39d","sha1":"b41660c9000b0cf99802773a31ea30d6a4e2da2c","sha256":"8361b34faa507034edcf299643e1d9aae13c63c382a89c0f06fecc85a99a85a8","sha512":"431ce1884ea0b60e699811f3acd7b9bb171ed611d17a4d460e9db2d3eadac52270b92d8bebb819155473fffcb12d43146b55a52456639b822897447dd5d045b1","ssdeep":"","tlshash":"16d05ee85df5049298b738298b6b012934726a132448d8083e5c87e62f1a529c2139ec","size":264,"data":"","first_seen":"2026-06-24T12:29:43.699575Z","last_seen":"2026-06-25T02:13:22.777533Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qhubwg.shop/","fqdn":"qhubwg.shop","domain":"qhubwg.shop","tld":"shop"},"ip":{"addr":"185.255.198.196","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f321c33d8fd4262903bc8e01b2c8ca69","sha1":"547db5b02ee4593119587081e5e4790ccea1a89b","sha256":"c21fe457e26575958e914ea7a9e9a0602023a54860a4975569a84d3b5f348290","sha512":"8061ca43928164eadb2cde72edc55223c8825db21b1a9b826d29886254bd6303bbe64b1160821edc68ee951b499238f484ee9e3ab4b55aa2c24de7922a378520","ssdeep":"","tlshash":"12e020825076394c02114155709ad5031fb60477aec14ea13ccdb7e58fbaf5bd05e449","size":352,"data":"","first_seen":"2026-06-24T12:29:43.696835Z","last_seen":"2026-06-25T02:13:22.776302Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qhubwg.shop/","fqdn":"qhubwg.shop","domain":"qhubwg.shop","tld":"shop"},"ip":{"addr":"185.255.198.196","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d284c72e40dc83e88fb83f573bf1f739","sha1":"b37ea826ffb363c76f281cb771fae9b2de30578d","sha256":"4fe6b8666beac83cb1e53723ebc8ab575a90ba594f0cb4b462026cdf75cffb85","sha512":"900198b8d20870c5df591511617fb9976396dce3c125fb18fa2b9d88337ad1a7c94d6ec09bf72ce82b2ec18a0a2478480505634f5a3a95c7eb0f6a23dd5df792","ssdeep":"","tlshash":"eff0811a1c57a4ad1ada747ae72b9d5b22152143319450137d4c80282fd09285fa5ecc","size":568,"data":"","first_seen":"2026-06-24T12:29:43.69819Z","last_seen":"2026-06-25T02:13:22.776931Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qhubwg.shop/","fqdn":"qhubwg.shop","domain":"qhubwg.shop","tld":"shop"},"ip":{"addr":"185.255.198.196","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"c8932d5c6fdbf4b26ff9319d180fb39d","sha1":"b41660c9000b0cf99802773a31ea30d6a4e2da2c","sha256":"8361b34faa507034edcf299643e1d9aae13c63c382a89c0f06fecc85a99a85a8","sha512":"431ce1884ea0b60e699811f3acd7b9bb171ed611d17a4d460e9db2d3eadac52270b92d8bebb819155473fffcb12d43146b55a52456639b822897447dd5d045b1","ssdeep":"","tlshash":"16d05ee85df5049298b738298b6b012934726a132448d8083e5c87e62f1a529c2139ec","size":264,"data":"","first_seen":"2026-06-24T12:29:43.699575Z","last_seen":"2026-06-25T02:13:22.777533Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"qhubwg.shop/assets/index-DocCG9_t.css","fqdn":"qhubwg.shop","domain":"qhubwg.shop","tld":"shop"},"ip":{"addr":"185.255.198.196","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://qhubwg.shop/","date":"2026-06-24T12:50:35.254Z","timestamp":1782305435254,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"qhubwg.shop","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 15:36:56 GMT","end":"Sun, 20 Sep 2026 15:36:55 GMT"},"fingerprint":{"sha1":"76:25:C9:E8:E3:6C:03:84:97:C0:08:F1:FF:57:19:8D:DA:70:32:70","sha256":"D6:CC:6E:10:F6:1F:40:FF:CF:FA:5B:C6:4E:CA:62:47:B4:17:CE:AA:D7:EA:73:DA:00:A9:99:94:8B:5A:DF:D2"}}},"request":{"raw":"GET /assets/index-DocCG9_t.css HTTP/1.1\r\nHost: qhubwg.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://qhubwg.shop/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 24 Jun 2026 12:50:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 19 Jun 2026 11:21:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a35264a-615a\"\r\nexpires: Thu, 25 Jun 2026 00:50:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24922,"size_decoded":4659,"mime_type":"text/css","magic":"ASCII text, with very long lines (24921)","md5":"afec86ed80d271283f8a2cacf602ed2e","sha1":"babc8c789eeb6c81f29c0a47f068f11cc134a8c0","sha256":"a623aeb245bc69b23abf911220d8f23d4456411ce45b2463d0399becdcfd7b60","sha512":"7a1202712bb11666b854ed8a9ba3250a6aed31ffadf6df0c3c910c93e4788b0ea3b1b53beb442615af80ae8fc3aa3af251f905806184d931f23e2d27ca0e6fd4","ssdeep":"384:FzDzFzaF3Y39IK5jBzQxtGkH9213E9z4TYDnl:lDpOFo8","tlshash":"0eb2dfb2aa503c17e27e8b33ec911768350450a0d76313f2b79b5f9a8d4965f46633ce","first_seen":"2026-06-24T12:29:43.690564Z","last_seen":"2026-06-25T02:13:22.7701Z","times_seen":25,"resource_available":false,"data":null}},"time_used":510,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":510,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"qhubwg.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"qhubwg.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"qhubwg.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"qhubwg.shop/assets/pages-security-check.CEQilrP4.js","fqdn":"qhubwg.shop","domain":"qhubwg.shop","tld":"shop"},"ip":{"addr":"185.255.198.196","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://qhubwg.shop/","date":"2026-06-24T12:50:35.837Z","timestamp":1782305435837,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"qhubwg.shop","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 15:36:56 GMT","end":"Sun, 20 Sep 2026 15:36:55 GMT"},"fingerprint":{"sha1":"76:25:C9:E8:E3:6C:03:84:97:C0:08:F1:FF:57:19:8D:DA:70:32:70","sha256":"D6:CC:6E:10:F6:1F:40:FF:CF:FA:5B:C6:4E:CA:62:47:B4:17:CE:AA:D7:EA:73:DA:00:A9:99:94:8B:5A:DF:D2"}}},"request":{"raw":"GET /assets/pages-security-check.CEQilrP4.js HTTP/1.1\r\nHost: qhubwg.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://qhubwg.shop/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 24 Jun 2026 12:50:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 19 Jun 2026 11:21:51 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a35264f-6f2\"\r\nexpires: Thu, 25 Jun 2026 00:50:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1778,"size_decoded":1355,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1775)","md5":"799438c460ce54db59f5858f9ea580a0","sha1":"52145813d8efe466955f5de95dd0d0ccdb3104a0","sha256":"c7c2d727b033939fa976360fd9ecd42880970f9342c6bb43c7fc91be8883fc62","sha512":"99c6a7107869e96bfc2009f239c38bcc9d4c3517e9adb25699ed3d46e5fadd2dbf5b7755ba310ef607835f9ba59052d2d63e6cd68668f9d9fdfdc35088708695","ssdeep":"","tlshash":"30310304744af37993773005b1225485715e0fd4f0a84583adfdc5a47a4aef9b7a9278","first_seen":"2026-06-24T12:29:43.691496Z","last_seen":"2026-06-25T02:13:22.774439Z","times_seen":25,"resource_available":true,"data":null}},"time_used":157,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"qhubwg.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"qhubwg.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"qhubwg.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"qhubwg.shop/assets/security-gate.edg2Lmdd.js","fqdn":"qhubwg.shop","domain":"qhubwg.shop","tld":"shop"},"ip":{"addr":"185.255.198.196","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://qhubwg.shop/","date":"2026-06-24T12:50:35.840Z","timestamp":1782305435840,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"qhubwg.shop","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 15:36:56 GMT","end":"Sun, 20 Sep 2026 15:36:55 GMT"},"fingerprint":{"sha1":"76:25:C9:E8:E3:6C:03:84:97:C0:08:F1:FF:57:19:8D:DA:70:32:70","sha256":"D6:CC:6E:10:F6:1F:40:FF:CF:FA:5B:C6:4E:CA:62:47:B4:17:CE:AA:D7:EA:73:DA:00:A9:99:94:8B:5A:DF:D2"}}},"request":{"raw":"GET /assets/security-gate.edg2Lmdd.js HTTP/1.1\r\nHost: qhubwg.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://qhubwg.shop/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 24 Jun 2026 12:50:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 19 Jun 2026 11:21:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a352650-5b2\"\r\nexpires: Thu, 25 Jun 2026 00:50:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1458,"size_decoded":1240,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1457)","md5":"5c98cc24392b77c34e9b5f5d72125be7","sha1":"b46febbe1e0a60d70865bc81d5b90096d339cdd5","sha256":"ba300922fc2b97fe6bab52da8f5e8ce39f263a2a9585e3b59fc7eb0494a3f3f2","sha512":"fc4ea371b6940260a19a03e7f55cda52276792a7f92c0feeb1307df15b3d443e01362cf997bb5a31fa2f3f7d55d5a3e3f297d5cc50d894174363bc6fa64c4428","ssdeep":"","tlshash":"9e31548d30a3a67142f125d993371008e13c0f64326d5190f1151867beb926fc1beefe","first_seen":"2026-06-24T12:29:43.685861Z","last_seen":"2026-06-25T02:13:22.768008Z","times_seen":25,"resource_available":true,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":156,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"qhubwg.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"qhubwg.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"qhubwg.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/gh/iBug/Amazon-Fonts@master/fonts/AmazonEmber_W_Rg.woff2","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://qhubwg.shop/","date":"2026-06-24T12:50:36.021Z","timestamp":1782305436021,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 22 Apr 2026 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"65:D9:C4:7E:04:4C:FD:DD:60:E0:CC:18:B5:B7:01:68:B4:2D:C7:34","sha256":"50:6C:A4:F6:ED:74:C7:E9:68:DB:32:56:5A:68:4C:98:ED:01:28:36:F8:13:BA:CC:19:A7:FD:7A:0A:6E:E7:D4"}}},"request":{"raw":"GET /gh/iBug/Amazon-Fonts@master/fonts/AmazonEmber_W_Rg.woff2 HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://qhubwg.shop\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://qhubwg.shop/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Wed, 24 Jun 2026 12:50:36 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 65312\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: master\r\nx-jsd-version-type: branch\r\netag: W/\"ff20-e4gJuq5ezGPo6pgO4mc3qrCOS70\"\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-etou8220144-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\nage: 6810\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CjThyvGMwWkASSoH3LaUMHbO%2FWUjt7Pxji%2FbJHxMWBQUbEAMWe3mLblNExQg%2B%2BPeYLwK6Hp3VxRCxsxqLXaLRopieaGdTd6LYSL0OwIUjaosiwaFM4O6tM3WCjVvVTtxraQ%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: a10bdbef3fabb28a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65312,"size_decoded":66361,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 65312, version 1.19661","md5":"6131b65846e2949ee9794638a0963fec","sha1":"7b8809baae5ecc63e8ea980ee26737aab08e4bbd","sha256":"e65ef1192cb72824b7740f397d26edf2c7afde2a60b5ec70666042c0eba0fea0","sha512":"197f5e230d77bbbfff042c7c2c955beed7206d3e56fc3446a2a2558e38e4a57fd101c206fe9ff289bacf7f34bd2dcf41b081efc7452545b9eb71743c90e97ab4","ssdeep":"1536:6I/mcJjTY1qwruBW3QBPR93pskDKU7ynezlkl3OmHmryC34rQ7yA:6wFZSr0Wy933xeTemG3FV","tlshash":"1153020af15d5682013c3b73dfed1a258c07b4d3528b54ee2ef6a799e34b2490a4bf85","first_seen":"2023-04-14T15:00:27Z","last_seen":"2026-06-25T14:46:28.856077Z","times_seen":414,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":2,"send":0,"wait":9,"receive":3,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qhubwg.shop/assets/uni.af8305f3.css","fqdn":"qhubwg.shop","domain":"qhubwg.shop","tld":"shop"},"ip":{"addr":"185.255.198.196","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://qhubwg.shop/","date":"2026-06-24T12:50:35.246Z","timestamp":1782305435246,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"qhubwg.shop","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 15:36:56 GMT","end":"Sun, 20 Sep 2026 15:36:55 GMT"},"fingerprint":{"sha1":"76:25:C9:E8:E3:6C:03:84:97:C0:08:F1:FF:57:19:8D:DA:70:32:70","sha256":"D6:CC:6E:10:F6:1F:40:FF:CF:FA:5B:C6:4E:CA:62:47:B4:17:CE:AA:D7:EA:73:DA:00:A9:99:94:8B:5A:DF:D2"}}},"request":{"raw":"GET /assets/uni.af8305f3.css HTTP/1.1\r\nHost: qhubwg.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://qhubwg.shop/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 24 Jun 2026 12:50:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 19 Jun 2026 11:21:53 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a352651-1fd0\"\r\nexpires: Thu, 25 Jun 2026 00:50:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8144,"size_decoded":2428,"mime_type":"text/css","magic":"ASCII text, with very long lines (8143)","md5":"2beca2638ae85b9269ee10d1be1b797e","sha1":"c833c0195aa7eb7b6c8363dda6e3328dbcc31291","sha256":"af8305f3dcd01637f74d89ca1ff37bb5dbe36ce34b77082bfb3a182f6b5a8a1d","sha512":"4ea1b44e5d0def23ed4c8623f794cf09fd51ddff65a74aedbfca5e053a06df95fb67cf3efa61f8970c3af668c1a8abade33e5464d22551c32916981df0c72028","ssdeep":"192:Ujj8LGJ0CQLnWL9/CWh57nYV2UNXVA8MED/Ph/:UXpmLWLAg8bB/","tlshash":"18f14271d440132eb517cf2e12e2db4f312245b2dd123f28bf7624b48fa96c6693a786","first_seen":"2026-06-24T12:29:43.692454Z","last_seen":"2026-06-25T02:13:22.773227Z","times_seen":25,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"qhubwg.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"qhubwg.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"qhubwg.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"qhubwg.shop/assets/index-ZUR8Fptb.js","fqdn":"qhubwg.shop","domain":"qhubwg.shop","tld":"shop"},"ip":{"addr":"185.255.198.196","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://qhubwg.shop/","date":"2026-06-24T12:50:35.251Z","timestamp":1782305435251,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"qhubwg.shop","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 15:36:56 GMT","end":"Sun, 20 Sep 2026 15:36:55 GMT"},"fingerprint":{"sha1":"76:25:C9:E8:E3:6C:03:84:97:C0:08:F1:FF:57:19:8D:DA:70:32:70","sha256":"D6:CC:6E:10:F6:1F:40:FF:CF:FA:5B:C6:4E:CA:62:47:B4:17:CE:AA:D7:EA:73:DA:00:A9:99:94:8B:5A:DF:D2"}}},"request":{"raw":"GET /assets/index-ZUR8Fptb.js HTTP/1.1\r\nHost: qhubwg.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://qhubwg.shop/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 24 Jun 2026 12:50:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 19 Jun 2026 11:21:47 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a35264b-3577f\"\r\nexpires: Thu, 25 Jun 2026 00:50:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":219007,"size_decoded":81483,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32170)","md5":"9131f182a870549015a87d9a230bdb03","sha1":"c8b6402482c1447ab360ddfb79fa0077de71d411","sha256":"3d8d46850c59b2a5601eaf965ae662c93461a8065dda75b9f9e7d123a4f5106d","sha512":"ffdf0ae2052e9406d66a0d3b70b22ac1ebcdbb7b56f6ba6a5fdf7653fbae6b189437049a4ee0c44eb78be1dc82d2b6690055b34cab186a6f228f52dfeccb7ca1","ssdeep":"6144:B4OEYhwhruSI0QPRbxGqshwp7Sl3zvnvJz5EHK:BIDI5PRbxdOh1vnxz5x","tlshash":"3e2408e53292b03253ea19f6407b0505f33a1955780ec4d8f16caceb3d7694a92bbf6c","first_seen":"2026-06-24T12:29:43.689628Z","last_seen":"2026-06-25T02:13:22.773832Z","times_seen":25,"resource_available":true,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"qhubwg.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"qhubwg.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"qhubwg.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"qhubwg.shop/assets/security-check-Duv6JG4X.css","fqdn":"qhubwg.shop","domain":"qhubwg.shop","tld":"shop"},"ip":{"addr":"185.255.198.196","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://qhubwg.shop/","date":"2026-06-24T12:50:35.844Z","timestamp":1782305435844,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"qhubwg.shop","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 15:36:56 GMT","end":"Sun, 20 Sep 2026 15:36:55 GMT"},"fingerprint":{"sha1":"76:25:C9:E8:E3:6C:03:84:97:C0:08:F1:FF:57:19:8D:DA:70:32:70","sha256":"D6:CC:6E:10:F6:1F:40:FF:CF:FA:5B:C6:4E:CA:62:47:B4:17:CE:AA:D7:EA:73:DA:00:A9:99:94:8B:5A:DF:D2"}}},"request":{"raw":"GET /assets/security-check-Duv6JG4X.css HTTP/1.1\r\nHost: qhubwg.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://qhubwg.shop/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 24 Jun 2026 12:50:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 19 Jun 2026 11:21:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a352650-cd2\"\r\nexpires: Thu, 25 Jun 2026 00:50:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3282,"size_decoded":1644,"mime_type":"text/css","magic":"ASCII text, with very long lines (3281)","md5":"96f3f2fc5f653485fcae2e829d3ed352","sha1":"43422940adad36bd8d7593ae2cf10df50046c39c","sha256":"4a800a344a806e7adaabfda0ca7614101baa602a2961333245343e31873096b2","sha512":"b6f0b16cc12662fce88bd8998d7f204ae7b54f121055e88d96f12f83061b16bc9696452f8c02c6711b95404be4eb89d24caa1149ad40e627b96ed9bec7555600","ssdeep":"","tlshash":"da610e71775ca414f633ab153ad03b8d2124d663b05b87baa9237e358ccf1923a77348","first_seen":"2026-06-24T12:29:43.687943Z","last_seen":"2026-06-25T02:13:22.771591Z","times_seen":25,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":156,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"qhubwg.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"qhubwg.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"qhubwg.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/gh/iBug/Amazon-Fonts@master/fonts/AmazonEmber_W_Bd.woff2","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://qhubwg.shop/","date":"2026-06-24T12:50:36.029Z","timestamp":1782305436029,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 22 Apr 2026 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"65:D9:C4:7E:04:4C:FD:DD:60:E0:CC:18:B5:B7:01:68:B4:2D:C7:34","sha256":"50:6C:A4:F6:ED:74:C7:E9:68:DB:32:56:5A:68:4C:98:ED:01:28:36:F8:13:BA:CC:19:A7:FD:7A:0A:6E:E7:D4"}}},"request":{"raw":"GET /gh/iBug/Amazon-Fonts@master/fonts/AmazonEmber_W_Bd.woff2 HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://qhubwg.shop\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://qhubwg.shop/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Wed, 24 Jun 2026 12:50:36 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 65400\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: master\r\nx-jsd-version-type: branch\r\netag: W/\"ff78-t7ECyGX3+f1+FhvWeVFHQhqObP0\"\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-etou8220118-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\nage: 6810\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aAlZkRgUIA9QfBw7QBZHht3qyr4f3WO4Ta9K0fruxgkGN4qdeEZxnWlyyzQVMv%2FjBtSu%2BnrO8%2FCM3HCU0xBVj1vd9%2FssN0bq6wP5v%2FeKgwZ4PkUhJOgMv6kkAcFOeb3iZS8%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: a10bdbef4ff1b28a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65400,"size_decoded":66451,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 65400, version 1.19661","md5":"68658972cef5823aaa45770ad15df48e","sha1":"b7b102c865f7f9fd7e161bd6795147421a8e6cfd","sha256":"fae8d9892169edc72006fbc01c8a55c20c98ddd38f1fb927e817d290f398ca92","sha512":"59d3991f1f4b1d53ace39e1b9c00e3c66dd6eb4a7c5e19f7168ea2c8ba401264a650b2cdff859566c51e5f12c773bce63f8d33a7abf48b888e0be6c4bf87eff4","ssdeep":"1536:msfO1TqlmnlfgjCcFQkk7wd6sX37kbV4AKB:nfOclmlo2cFQkk70Y4VB","tlshash":"c353029ec75990f5f0b58e3a0d345202be3add8cd57048b46f64c94ca427a7f274295f","first_seen":"2023-04-14T15:00:27Z","last_seen":"2026-06-25T14:46:28.867426Z","times_seen":1009,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":2,"dns":0,"connect":2,"send":0,"wait":7,"receive":1,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qhubwg.shop/static/logo.png","fqdn":"qhubwg.shop","domain":"qhubwg.shop","tld":"shop"},"ip":{"addr":"185.255.198.196","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qhubwg.shop/","date":"2026-06-24T12:50:36.338Z","timestamp":1782305436338,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"qhubwg.shop","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 15:36:56 GMT","end":"Sun, 20 Sep 2026 15:36:55 GMT"},"fingerprint":{"sha1":"76:25:C9:E8:E3:6C:03:84:97:C0:08:F1:FF:57:19:8D:DA:70:32:70","sha256":"D6:CC:6E:10:F6:1F:40:FF:CF:FA:5B:C6:4E:CA:62:47:B4:17:CE:AA:D7:EA:73:DA:00:A9:99:94:8B:5A:DF:D2"}}},"request":{"raw":"GET /static/logo.png HTTP/1.1\r\nHost: qhubwg.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://qhubwg.shop/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 24 Jun 2026 12:50:36 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 19 Jun 2026 11:21:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a352644-1226e\"\r\nexpires: Fri, 24 Jul 2026 12:50:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":74350,"size_decoded":73299,"mime_type":"image/png","magic":"PNG image data, 720 x 589, 8-bit/color RGBA, non-interlaced","md5":"4dd91911b613e8a47eefa9744c0eea7c","sha1":"3fdb6505a6674b07a69e7f200f0ffe69c51a8523","sha256":"309d3df30f5aaf77d8c6ed72ce863636634b06192254bc40b0cbed046f0c6020","sha512":"ecfc90f19961e4c2307e9074fd67236bc5c643c6784574bb74533198cf1914255a541b1b6af2fbb2eb0d51fc5f4a15e021e6672afdf6ed1d5470871d7a521ec9","ssdeep":"1536:uPYpDfeCwwCijjJ2UrjO+GEhPIYpoFjpotmNk1ok8Tm1mNN8:uOfeCNrjjsoORjEoppImNk1WmAb8","tlshash":"f0730203db018c5fd6a48d3a04d705897436eca748e6d2a47316fa470afad690cbbf8d","first_seen":"2026-06-24T12:29:43.693944Z","last_seen":"2026-06-25T02:13:22.775592Z","times_seen":25,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":172,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"qhubwg.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"qhubwg.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"qhubwg.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"cdn.dcloud.net.cn/img/shadow-grey.png","fqdn":"cdn.dcloud.net.cn","domain":"dcloud.net.cn","tld":"net.cn"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qhubwg.shop/","date":"2026-06-24T12:50:38.782Z","timestamp":1782305438782,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /img/shadow-grey.png HTTP/1.1\r\nHost: cdn.dcloud.net.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://qhubwg.shop/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-26T06:55:03.618869Z","times_seen":16731264,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qhubwg.shop/","fqdn":"qhubwg.shop","domain":"qhubwg.shop","tld":"shop"},"ip":{"addr":"185.255.198.196","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-24T12:50:34.356Z","timestamp":1782305434356,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"qhubwg.shop","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 15:36:56 GMT","end":"Sun, 20 Sep 2026 15:36:55 GMT"},"fingerprint":{"sha1":"76:25:C9:E8:E3:6C:03:84:97:C0:08:F1:FF:57:19:8D:DA:70:32:70","sha256":"D6:CC:6E:10:F6:1F:40:FF:CF:FA:5B:C6:4E:CA:62:47:B4:17:CE:AA:D7:EA:73:DA:00:A9:99:94:8B:5A:DF:D2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: qhubwg.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 24 Jun 2026 12:50:34 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 22 Jun 2026 16:33:19 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a3963cf-9cc\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2508,"size_decoded":1775,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"d4b3a8c4c134d9a97461b440720bca0f","sha1":"4d9e288d22618cce30280226317f5be9c7c998df","sha256":"a182044e9f1aa25f14895f194fa3bc9ed2c041ce992235e5c6edbb65bcf3714b","sha512":"06b7ab0e1c456fbca92fd4ca8224efe52672169a1edadc55df820624d226ec5ecee71244f76a7e0f513772b92be8912c1fe28bf09f3c7eeaac2eebea4dfa5169","ssdeep":"","tlshash":"4b51c5568cd19406a2a30439ab6bf91935b2d7176288cd203ccdd2381fc5f988da7efc","first_seen":"2026-06-24T12:29:43.684896Z","last_seen":"2026-06-25T02:13:22.769318Z","times_seen":25,"resource_available":true,"data":null}},"time_used":636,"timings":{"blocked":0,"dns":5,"connect":157,"send":0,"wait":157,"receive":0,"ssl":317},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"qhubwg.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"qhubwg.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"qhubwg.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/gh/iBug/Amazon-Fonts@master/fonts/AmazonEmber_W_Rg.woff2","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://qhubwg.shop/","date":"2026-06-24T12:50:35.778Z","timestamp":1782305435778,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 22 Apr 2026 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"65:D9:C4:7E:04:4C:FD:DD:60:E0:CC:18:B5:B7:01:68:B4:2D:C7:34","sha256":"50:6C:A4:F6:ED:74:C7:E9:68:DB:32:56:5A:68:4C:98:ED:01:28:36:F8:13:BA:CC:19:A7:FD:7A:0A:6E:E7:D4"}}},"request":{"raw":"GET /gh/iBug/Amazon-Fonts@master/fonts/AmazonEmber_W_Rg.woff2 HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://qhubwg.shop\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://qhubwg.shop/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Wed, 24 Jun 2026 12:50:49 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 65312\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: master\r\nx-jsd-version-type: branch\r\netag: W/\"ff20-e4gJuq5ezGPo6pgO4mc3qrCOS70\"\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-etou8220144-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\nage: 6824\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HAxFoFdfIXEwGUZ%2F%2FactHMGUvfkY5YZglT7OGR5Zoyf7S%2BLBIAI%2FOYpJ3tnxQjUl3M9OKnUSOX2x7y0qwNSnz7cQdUC9aKBJDqAg%2BhS549qH%2FpRXjgrEDingr%2F2SDMbpxvU%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: a10bdc45cb52b28a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":65312,"size_decoded":66367,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 65312, version 1.19661","md5":"6131b65846e2949ee9794638a0963fec","sha1":"7b8809baae5ecc63e8ea980ee26737aab08e4bbd","sha256":"e65ef1192cb72824b7740f397d26edf2c7afde2a60b5ec70666042c0eba0fea0","sha512":"197f5e230d77bbbfff042c7c2c955beed7206d3e56fc3446a2a2558e38e4a57fd101c206fe9ff289bacf7f34bd2dcf41b081efc7452545b9eb71743c90e97ab4","ssdeep":"1536:6I/mcJjTY1qwruBW3QBPR93pskDKU7ynezlkl3OmHmryC34rQ7yA:6wFZSr0Wy933xeTemG3FV","tlshash":"1153020af15d5682013c3b73dfed1a258c07b4d3528b54ee2ef6a799e34b2490a4bf85","first_seen":"2023-04-14T15:00:27Z","last_seen":"2026-06-25T14:46:28.856077Z","times_seen":414,"resource_available":false,"data":null}},"time_used":15663,"timings":{"blocked":0,"dns":4,"connect":2,"send":0,"wait":1503,"receive":50,"ssl":14103},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qhubwg.shop/assets/security-gate-8-j1UqxL.css","fqdn":"qhubwg.shop","domain":"qhubwg.shop","tld":"shop"},"ip":{"addr":"185.255.198.196","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://qhubwg.shop/","date":"2026-06-24T12:50:35.841Z","timestamp":1782305435841,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"qhubwg.shop","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 15:36:56 GMT","end":"Sun, 20 Sep 2026 15:36:55 GMT"},"fingerprint":{"sha1":"76:25:C9:E8:E3:6C:03:84:97:C0:08:F1:FF:57:19:8D:DA:70:32:70","sha256":"D6:CC:6E:10:F6:1F:40:FF:CF:FA:5B:C6:4E:CA:62:47:B4:17:CE:AA:D7:EA:73:DA:00:A9:99:94:8B:5A:DF:D2"}}},"request":{"raw":"GET /assets/security-gate-8-j1UqxL.css HTTP/1.1\r\nHost: qhubwg.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://qhubwg.shop/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 24 Jun 2026 12:50:35 GMT\r\ncontent-type: text/css\r\ncontent-length: 741\r\nlast-modified: Fri, 19 Jun 2026 11:21:52 GMT\r\netag: \"6a352650-2e5\"\r\nexpires: Thu, 25 Jun 2026 00:50:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":741,"size_decoded":1221,"mime_type":"text/css","magic":"ASCII text, with very long lines (740)","md5":"f606760d412f2dcd764bea280613f923","sha1":"d7cd92973c68796b7cdf7e82e35328a7925a0f10","sha256":"982a23a4d6d0978da8c1d44ace97e70e86001408d58acacec999e9c05cc5663f","sha512":"dea0900d46b37b8c9bc68b148aa3736f9f73f57930e7d724fdb4a9f0edd8f6b416a0b19b41e82b2716d1c52761b3c5e7b94efa19b227d22aae35fce29963c311","ssdeep":"","tlshash":"df01bd3232c52019e9339b2195b30fcc876cc901e25b856f7322637e49cf29519738e9","first_seen":"2026-06-24T12:29:43.687019Z","last_seen":"2026-06-25T02:13:22.775043Z","times_seen":25,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"qhubwg.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"qhubwg.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"qhubwg.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"qhubwg.shop/assets/dFME09ucGvCLOlN-JNlNH0gT.png","fqdn":"qhubwg.shop","domain":"qhubwg.shop","tld":"shop"},"ip":{"addr":"185.255.198.196","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qhubwg.shop/","date":"2026-06-24T12:50:36.024Z","timestamp":1782305436024,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"qhubwg.shop","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 15:36:56 GMT","end":"Sun, 20 Sep 2026 15:36:55 GMT"},"fingerprint":{"sha1":"76:25:C9:E8:E3:6C:03:84:97:C0:08:F1:FF:57:19:8D:DA:70:32:70","sha256":"D6:CC:6E:10:F6:1F:40:FF:CF:FA:5B:C6:4E:CA:62:47:B4:17:CE:AA:D7:EA:73:DA:00:A9:99:94:8B:5A:DF:D2"}}},"request":{"raw":"GET /assets/dFME09ucGvCLOlN-JNlNH0gT.png HTTP/1.1\r\nHost: qhubwg.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://qhubwg.shop/assets/security-gate-8-j1UqxL.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 24 Jun 2026 12:50:36 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 19 Jun 2026 11:21:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a35264a-c597\"\r\nexpires: Fri, 24 Jul 2026 12:50:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50583,"size_decoded":50573,"mime_type":"image/png","magic":"PNG image data, 1024 x 512, 8-bit colormap, non-interlaced","md5":"2c8051315ed3c4130bc08da22c114e18","sha1":"2ba9bcb3c3609717ac7b93a9f209384af01f52f5","sha256":"9b9fbb358047dc822d4ccc76be1ea5ac48260862468bb5a93576247d7e989ea1","sha512":"6cdaeec8d8feed5df57ff6aa9c7403bea626bbf46b26b94ee3050602a381a1748a3bb04b035b3a9f293f2c37f2135c41e379e229c1ddeff9bd317f65b51d82e6","ssdeep":"1536:UY0W0vkKKyz3PbwFCdn3IRQm12iNjgTJW:UYzjyz3Pb5pT/icU","tlshash":"6433028f263caa64c1e610bf1e94e2e216397c446b915d4737de7b712130aae70285bf","first_seen":"2026-06-24T12:29:43.694918Z","last_seen":"2026-06-25T02:13:22.772076Z","times_seen":25,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":171,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"qhubwg.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"qhubwg.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"qhubwg.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}}]}