{"report_id":"073746fa-e6f9-4c2b-8f4d-531301fb6cc5","version":6,"status":"done","tags":[],"date":"2026-05-30T00:55:57Z","url":{"schema":"http","addr":"umb-conect.com","fqdn":"umb-conect.com","domain":"umb-conect.com","tld":"com"},"ip":{"addr":"87.251.64.218","port":0,"asn":197414,"as":"Xhost Internet Solutions Lp","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"https","addr":"umb-conect.com/","fqdn":"umb-conect.com","domain":"umb-conect.com","tld":"com"},"title":"UMB Direct Login","dom":{"size":15560,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"dce70eaa2bf1bd647dc5f2ed380a60bb","sha1":"139e8166b50bcc95ef662169b038471015a402e2","sha256":"f53508dda3e277df9b2c7ff9d9c8d3f6979d22cc76e65521a5b266c385c8a1a4","sha512":"ffde965827bd0c610b90aae5a0640256860cbb872bcae862ecfbc9774b569685f6a7dca5ed8d15f63a1922ba6edaf12cf1eff3da3eedbd4c2586c54cebbff8e3","ssdeep":"192:3Ph9QaDirzFp+r3kzFk/NNyD4TFlvPFwIIPIZcoNZgBAuE0xu6PH16yJRnat0i/W:35FDcFLFqyD+F1Fwhe6QZmf","tlshash":"2762311b66b700267953a56c2bbb275d3669d003c20ecd187e9c274ccfcaad68d6378d","dom_hash":"domhashe7e3ffa0da0fb006cbc21e47e2f57edd","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"umb-conect.com","fqdn":"umb-conect.com","domain":"umb-conect.com","tld":"com"},"ip":{"addr":"87.251.64.218","port":0,"asn":197414,"as":"Xhost Internet Solutions Lp","country":"Russia","country_code":"RU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-04T00:55:57Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"umb-conect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"umb-conect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"umb-conect.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"umb-conect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"umb-conect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"umb-conect.com","ip":{"addr":"87.251.64.218","port":443,"asn":197414,"as":"Xhost Internet Solutions Lp","country":"Russia","country_code":"RU"},"domain_registered":"2026-05-28","domain_rank":0,"first_seen":"2026-05-30T00:43:46.246376Z","last_seen":"2026-05-30T00:43:46.246376Z","alert_count":20,"request_count":4,"received_data":73007,"sent_data":1796,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.30.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"umb-conect.com/","fqdn":"umb-conect.com","domain":"umb-conect.com","tld":"com"},"ip":{"addr":"87.251.64.218","port":443,"asn":197414,"as":"Xhost Internet Solutions Lp","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"b8f58741544578168c96500c94b98a76","sha1":"57b220e117b070f283d5620845a6c75676790b3f","sha256":"049dfbce63cb1772fa25e99796a3c2191266fed14f9fc26c179ded676602db9d","sha512":"697a9dde0a6857652eb8b3109a7cc419268e29137afc2a4f3a436d682111b7737dffa78c30afccea72a7cf3c842613406e4b9a81691b8a9ba0923776abd11a09","ssdeep":"","tlshash":"f1c0801992f0497ca1361067d79563f5c4f407d4f6015415905c7c8435c0cf433b1c57","size":174,"data":"","first_seen":"2026-05-30T00:43:50.148025Z","last_seen":"2026-05-30T04:12:20.544193Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"umb-conect.com/","fqdn":"umb-conect.com","domain":"umb-conect.com","tld":"com"},"ip":{"addr":"87.251.64.218","port":443,"asn":197414,"as":"Xhost Internet Solutions Lp","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"2ca984458928b13d6b6a87a71a000da1","sha1":"377f563edb636731e91e0d08403d7d7cfd3eeb4d","sha256":"be8e2a4d56dd54d992edc14112201d258566d7075a0e03f53bde18ae9655a7a4","sha512":"5156b93bb890daf30a9bee4d28bf1606c21aede5bc675b85ef4198dabf055221b419cd328a5ac9caf4cb8abb3105c0e80807e267cb1868def38afad6ffbddacc","ssdeep":"","tlshash":"97c08c0654a04fb4c23211abd5d142dd8cb416a8b102a412207d8d0038c08e803b1cdb","size":159,"data":"","first_seen":"2026-05-30T00:43:50.152152Z","last_seen":"2026-05-30T04:12:20.544899Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"umb-conect.com/","fqdn":"umb-conect.com","domain":"umb-conect.com","tld":"com"},"ip":{"addr":"87.251.64.218","port":443,"asn":197414,"as":"Xhost Internet Solutions Lp","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-30T00:55:35.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"umb-conect.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 17:01:15 GMT","end":"Wed, 26 Aug 2026 17:01:14 GMT"},"fingerprint":{"sha1":"13:74:DE:90:EF:AA:D3:7D:95:C7:01:F8:54:E2:42:E7:FD:98:46:93","sha256":"9F:38:2C:4C:39:6C:1D:A7:A7:B6:8A:45:5F:DF:A0:43:28:E9:BC:2B:1F:7D:99:33:85:70:61:4D:AE:7E:A0:71"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: umb-conect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.30.2\r\nDate: Sat, 30 May 2026 00:55:35 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 3338\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.30.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15559,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"b11a0b650f592d3a3b64b45d26b93aa4","sha1":"ba18dc703cf45e6a76fbad525c1444e4cbd594fe","sha256":"9ea022f680ade8eaa0f6927c323c458b839aebfd3dff00b2b73864952ea0f642","sha512":"0a33836c460fae8ff4e9c5ad1b92e7590b554cc4482bc258d19552cd96ce487c486a6cf3f1784a7767c0109f1f10e89f4cc958e834b376d7010b4055848d7acc","ssdeep":"192:hPh9QaDirzFp+r3kzFk/NNyD4TFlvPFwIIPIZcoNZgBAuE0xu6PH16yJRnav0im0:h5FDcFLFqyD+F1Fwhec1Zmt","tlshash":"0e62201b66b700267953a56c2bbb275d3669d003c20edd187e9c274ccfcaad68d6378c","first_seen":"2026-05-30T00:43:50.141247Z","last_seen":"2026-05-30T04:12:20.543446Z","times_seen":4,"resource_available":true,"data":null}},"time_used":187,"timings":{"blocked":71,"dns":1,"connect":27,"send":0,"wait":45,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"umb-conect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"umb-conect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"umb-conect.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"umb-conect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"umb-conect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"umb-conect.com/assets/logo.svg","fqdn":"umb-conect.com","domain":"umb-conect.com","tld":"com"},"ip":{"addr":"87.251.64.218","port":443,"asn":197414,"as":"Xhost Internet Solutions Lp","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://umb-conect.com/","date":"2026-05-30T00:55:35.912Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"umb-conect.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 17:01:15 GMT","end":"Wed, 26 Aug 2026 17:01:14 GMT"},"fingerprint":{"sha1":"13:74:DE:90:EF:AA:D3:7D:95:C7:01:F8:54:E2:42:E7:FD:98:46:93","sha256":"9F:38:2C:4C:39:6C:1D:A7:A7:B6:8A:45:5F:DF:A0:43:28:E9:BC:2B:1F:7D:99:33:85:70:61:4D:AE:7E:A0:71"}}},"request":{"raw":"GET /assets/logo.svg HTTP/1.1\r\nHost: umb-conect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://umb-conect.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.30.2\r\nDate: Sat, 30 May 2026 00:55:35 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 3257\r\nLast-Modified: Fri, 22 May 2026 09:45:04 GMT\r\nConnection: keep-alive\r\nETag: \"6a1025a0-cb9\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.30.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3257,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4769a07372f41817a816a40cc2d0b2e7","sha1":"a449cf339a810b495c5a55e08103d55bd9a3223d","sha256":"f86d2bc7308f9b5f8be7899104fea08644520416a38eaa7be9c8702b9fa46ac8","sha512":"64e4e3d98cc2cf3448b1d650712c002a67494457717c3c8fc3b8898fcc05da2dd46ec61bf76bc53b9cd11fac4ff8c9d65e8133ab71f9968503bdce4ba214ba05","ssdeep":"","tlshash":"7161d83a2338dfe8390b064b6c311ca933dbb8febe545280c2d3198366979f4051096c","first_seen":"2025-05-22T12:43:52.240401Z","last_seen":"2026-06-04T17:08:24.408614Z","times_seen":60,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"umb-conect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"umb-conect.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"umb-conect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"umb-conect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"umb-conect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"umb-conect.com/assets/hero.jpg","fqdn":"umb-conect.com","domain":"umb-conect.com","tld":"com"},"ip":{"addr":"87.251.64.218","port":443,"asn":197414,"as":"Xhost Internet Solutions Lp","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://umb-conect.com/","date":"2026-05-30T00:55:35.913Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"umb-conect.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 17:01:15 GMT","end":"Wed, 26 Aug 2026 17:01:14 GMT"},"fingerprint":{"sha1":"13:74:DE:90:EF:AA:D3:7D:95:C7:01:F8:54:E2:42:E7:FD:98:46:93","sha256":"9F:38:2C:4C:39:6C:1D:A7:A7:B6:8A:45:5F:DF:A0:43:28:E9:BC:2B:1F:7D:99:33:85:70:61:4D:AE:7E:A0:71"}}},"request":{"raw":"GET /assets/hero.jpg HTTP/1.1\r\nHost: umb-conect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://umb-conect.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.30.2\r\nDate: Sat, 30 May 2026 00:55:35 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Fri, 22 May 2026 09:44:25 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"6a102579-950c\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.30.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38156,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75\", baseline, precision 8, 840x500, components 3","md5":"5b3e18b5620797aa5e0f84c4fb2d2977","sha1":"5a395f1fd0231f2e1bf90d63fd67566dc38ca196","sha256":"1792c9b43c09cf677875a16da25dcc14074093ab48a51f60724ff7c643ac11ef","sha512":"b86b59121efa4ebc7d0045ad786bdc90bf03c5f0a1b5aeaeb04ec717b8cf4f7ba384b25587b90ae15bb57691e7833578cd0591fa7554864817fc6772f70da62d","ssdeep":"768:90fBzmzL2bbC31XsYiO7korOYZElnecr96Z0J7WKzjmD0gGN0TicREiFbNHo9D:94tWabbCqYiUJOouNzajRzxMD","tlshash":"0003f17bb6f155b1db6b99f88e9f09d754d7bca8603850305883b6ab2f31e9d0d1200b","first_seen":"2024-05-13T15:03:38Z","last_seen":"2026-06-04T17:08:24.478171Z","times_seen":47,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":67,"dns":1,"connect":28,"send":0,"wait":53,"receive":4,"ssl":36},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"umb-conect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"umb-conect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"umb-conect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"umb-conect.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"umb-conect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"umb-conect.com/favicon.ico","fqdn":"umb-conect.com","domain":"umb-conect.com","tld":"com"},"ip":{"addr":"87.251.64.218","port":443,"asn":197414,"as":"Xhost Internet Solutions Lp","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://umb-conect.com/","date":"2026-05-30T00:55:36.041Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"umb-conect.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 17:01:15 GMT","end":"Wed, 26 Aug 2026 17:01:14 GMT"},"fingerprint":{"sha1":"13:74:DE:90:EF:AA:D3:7D:95:C7:01:F8:54:E2:42:E7:FD:98:46:93","sha256":"9F:38:2C:4C:39:6C:1D:A7:A7:B6:8A:45:5F:DF:A0:43:28:E9:BC:2B:1F:7D:99:33:85:70:61:4D:AE:7E:A0:71"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: umb-conect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://umb-conect.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.30.2\r\nDate: Sat, 30 May 2026 00:55:36 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 15086\r\nLast-Modified: Fri, 22 May 2026 12:21:15 GMT\r\nConnection: keep-alive\r\nETag: \"6a104a3b-3aee\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.30.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15086,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"1601e7312e894289dce28bed649e1903","sha1":"c73d01dab6990185a7d73d4e7265306b4176d4ec","sha256":"60562060153d10d3b70909724b985ed670685e8d6aedb683804809d14ee9d001","sha512":"cd501c4bb8adc9a670c5a21a3a164b60aa187bf423d4426e41f748ff39489dcfd63fa7b1b80b8ca18a06f0b9a568db209f9c2c669bc877ce44a32f01d80e9b76","ssdeep":"96:joCIztwEFwX+CkifbQZWaE+D+CfTHkOsZ/HtIC8B7PG:jotZwE8PQTbDbfb/sXI/7O","tlshash":"9f62ade7a193800ded3809b48f5f9f11d6beedea44dc11225ab6b21a1d39537e43340b","first_seen":"2026-05-30T00:43:50.146315Z","last_seen":"2026-05-30T04:12:20.542764Z","times_seen":4,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"umb-conect.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"umb-conect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"umb-conect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"umb-conect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"umb-conect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}