{"report_id":"0ec26a5d-cdc8-4da3-8c32-88a4a37c0aca","version":6,"status":"done","tags":[],"date":"2025-11-04T22:34:43Z","url":{"schema":"http","addr":"growth-verify-2301847569.pages.dev/team","fqdn":"growth-verify-2301847569.pages.dev","domain":"growth-verify-2301847569.pages.dev","tld":"pages.dev"},"ip":{"addr":"172.66.44.114","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"http","addr":"growth-verify-2301847569.pages.dev/team","fqdn":"growth-verify-2301847569.pages.dev","domain":"growth-verify-2301847569.pages.dev","tld":"pages.dev"},"title":"Suspected phishing site | Cloudflare","dom":{"size":4090,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (396)","md5":"ae6d2f253ed410c5f0a7ff5cbc9c3a9d","sha1":"faff677d62102ed3bf5ff3fa01b7f55b43877cce","sha256":"ffb1ff6535001883947c4624d6f571a91e32e675f400919cd4b4612a17ab45d6","sha512":"b25174e3993cd219d31e3a12d9c29f0cc4d32096e23a27b7d3e9177173e2e40dbb1cc6455606889ea389af6c2cc6e040f263db2315bc5151a35f5eb8f88d530a","ssdeep":"","tlshash":"40815363bafd103f119391b2a6bdb70939a1c007cba6499036bcc2751f4ef92ad532c5","dom_hash":"domhashcd9e1064290e3760e4e259032029bd11","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":"PGh0bWwgY2xhc3M9Im5vLWpzIiBsYW5nPSJlbi1VUyI+PCEtLTwhW2VuZGlmXS0tPjxoZWFkPgogIDx0aXRsZT5TdXNwZWN0ZWQgcGhpc2hpbmcgc2l0ZSB8IENsb3VkZmxhcmU8L3RpdGxlPgogIDxtZXRhIGNoYXJzZXQ9IlVURi04Ij4KPG1ldGEgaHR0cC1lcXVpdj0iQ29udGVudC1UeXBlIiBjb250ZW50PSJ0ZXh0L2h0bWw7IGNoYXJzZXQ9VVRGLTgiPgo8bWV0YSBodHRwLWVxdWl2PSJYLVVBLUNvbXBhdGlibGUiIGNvbnRlbnQ9IklFPUVkZ2UiPgo8bWV0YSBuYW1lPSJyb2JvdHMiIGNvbnRlbnQ9Im5vaW5kZXgsIG5vZm9sbG93Ij4KPG1ldGEgbmFtZT0idmlld3BvcnQiIGNvbnRlbnQ9IndpZHRoPWRldmljZS13aWR0aCxpbml0aWFsLXNjYWxlPTEiPgo8bGluayByZWw9InN0eWxlc2hlZXQiIGlkPSJjZl9zdHlsZXMtY3NzIiBocmVmPSIvY2RuLWNnaS9zdHlsZXMvY2YuZXJyb3JzLmNzcyI+CjwhLS1baWYgbHQgSUUgOV0+PGxpbmsgcmVsPSJzdHlsZXNoZWV0IiBpZD0nY2Zfc3R5bGVzLWllLWNzcycgaHJlZj0iL2Nkbi1jZ2kvc3R5bGVzL2NmLmVycm9ycy5pZS5jc3MiIC8+PCFbZW5kaWZdLS0+CjxzdHlsZT5ib2R5e21hcmdpbjowO3BhZGRpbmc6MH08L3N0eWxlPgoKCjwhLS1baWYgZ3RlIElFIDEwXT48IS0tPgo8c2NyaXB0PgogIGlmICghbmF2aWdhdG9yLmNvb2tpZUVuYWJsZWQpIHsKICAgIHdpbmRvdy5hZGRFdmVudExpc3RlbmVyKCdET01Db250ZW50TG9hZGVkJywgZnVuY3Rpb24gKCkgewogICAgICB2YXIgY29va2llRWwgPSBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnY29va2llLWFsZXJ0Jyk7CiAgICAgIGNvb2tpZUVsLnN0eWxlLmRpc3BsYXkgPSAnYmxvY2snOwogICAgfSkKICB9Cjwvc2NyaXB0Pgo8IS0tPCFbZW5kaWZdLS0+CgogIDxzY3JpcHQgc3JjPSJodHRwczovL2NoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20vdHVybnN0aWxlL3YwL2FwaS5qcyIgYXN5bmM9IiIgZGVmZXI9IiI+PC9zY3JpcHQ+CiAgPHNjcmlwdD4KICAgIGZ1bmN0aW9uIG9uVHVybnN0aWxlU3VjY2Vzcyh0b2tlbikgewogICAgICBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgiYnlwYXNzLWJ1dHRvbiIpLmRpc2FibGVkID0gZmFsc2U7CiAgICB9CiAgPC9zY3JpcHQ+CjwvaGVhZD4KCjxib2R5PgogIDxkaXYgaWQ9ImNmLXdyYXBwZXIiPgogICAgPGRpdiBjbGFzcz0iY2YtYWxlcnQgY2YtYWxlcnQtZXJyb3IgY2YtY29va2llLWVycm9yIiBpZD0iY29va2llLWFsZXJ0IiBkYXRhLXRyYW5zbGF0ZT0iZW5hYmxlX2Nvb2tpZXMiPlBsZWFzZSBlbmFibGUKICAgICAgY29va2llcy4KICAgIDwvZGl2PgogICAgPGRpdiBpZD0iY2YtZXJyb3ItZGV0YWlscyIgY2xhc3M9ImNmLWVycm9yLWRldGFpbHMtd3JhcHBlciI+CiAgICAgIDxkaXYgY2xhc3M9ImNmLXNlY3Rpb24gY2Ytd3JhcHBlciIgc3R5bGU9Im1hcmdpbi10b3A6IDEwMHB4O21hcmdpbi1ib3R0b206MjAwcHg7Ij4KICAgICAgICA8ZGl2IGNsYXNzPSJjZi1jb2x1bW5zIG9uZSI+CiAgICAgICAgICA8ZGl2IGNsYXNzPSJjZi1jb2x1bW4iPgogICAgICAgICAgICA8aDQgY2xhc3M9ImNmLXRleHQtZXJyb3IiPjxpIGNsYXNzPSJjZi1pY29uLWV4Y2xhbWF0aW9uLXNpZ24iIHN0eWxlPSJiYWNrZ3JvdW5kLXNpemU6IDE4cHg7CiAgICAgICAgICAgICAgaGVpZ2h0OiAxOHB4OwogICAgICAgICAgICAgIHdpZHRoOiAxOHB4OwogICAgICAgICAgICAgIG1hcmdpbi1ib3R0b206IDJweDsiPjwvaT4gV2FybmluZzwvaDQ+CgogICAgICAgICAgICAKICAgICAgICAgICAgPGgyIHN0eWxlPSJtYXJnaW46IDE2cHggMDsiPlN1c3BlY3RlZCBQaGlzaGluZzwvaDI+CiAgICAgICAgICAgIDxzdHJvbmc+VGhpcyB3ZWJzaXRlIGhhcyBiZWVuIHJlcG9ydGVkIGZvciBwb3RlbnRpYWwgcGhpc2hpbmcuPC9zdHJvbmc+CiAgICAgICAgICAgIDxwPlBoaXNoaW5nIGlzIHdoZW4gYSBzaXRlIGF0dGVtcHRzIHRvIHN0ZWFsIHNlbnNpdGl2ZSBpbmZvcm1hdGlvbiBieSBmYWxzZWx5IHByZXNlbnRpbmcgYXMgYSBzYWZlIHNvdXJjZS4KICAgICAgICAgICAgPC9wPgogICAgICAgICAgICAKICAgICAgICAgICAgPGZvcm0gYWN0aW9uPSIvY2RuLWNnaS9waGlzaC1ieXBhc3MiIG1ldGhvZD0iR0VUIiBlbmN0eXBlPSJ0ZXh0L3BsYWluIiBzdHlsZT0ibWFyZ2luLXRvcDogMTJweDsiPgogICAgICAgICAgICAgIAogICAgICAgICAgICAgIDxhIGhyZWY9Imh0dHBzOi8vd3d3LmNsb3VkZmxhcmUuY29tL2xlYXJuaW5nL2FjY2Vzcy1tYW5hZ2VtZW50L3BoaXNoaW5nLWF0dGFjay8iIGNsYXNzPSJjZi1idG4iIHN0eWxlPSJiYWNrZ3JvdW5kLWNvbG9yOiAjNDA0MDQwOyBjb2xvcjogI2ZmZjsgYm9yZGVyOiAwOyI+TGVhcm4gTW9yZTwvYT4KICAgICAgICAgICAgICAKCiAgICAgICAgICAgICAgCiAgICAgICAgICAgIDwvZm9ybT4KICAgICAgICAgIDwvZGl2PgogICAgICAgIDwvZGl2PgogICAgICA8L2Rpdj48IS0tIC8uc2VjdGlvbiAtLT4KICAgICAgPGRpdiBpZD0idHMtYmxvY2tzIiBzdHlsZT0iZGlzcGxheTpub25lOyI+PC9kaXY+CiAgICAgIDxkaXYgY2xhc3M9ImNmLWVycm9yLWZvb3RlciBjZi13cmFwcGVyIHctMjQwIGxnOnctZnVsbCBweS0xMCBzbTpweS00IHNtOnB4LTggbXgtYXV0byB0ZXh0LWNlbnRlciBzbTp0ZXh0LWxlZnQgYm9yZGVyLXNvbGlkIGJvcmRlci0wIGJvcmRlci10IGJvcmRlci1ncmF5LTMwMCI+CiAgICA8cCBjbGFzcz0idGV4dC0xMyI+CiAgICAgIDxzcGFuIGNsYXNzPSJjZi1mb290ZXItaXRlbSBzbTpibG9jayBzbTptYi0xIj5DbG91ZGZsYXJlIFJheSBJRDogPHN0cm9uZyBjbGFzcz0iZm9udC1zZW1pYm9sZCI+OTk5Nzk0MGM2ZjE1MGFmYTwvc3Ryb25nPjwvc3Bhbj4KICAgICAgPHNwYW4gY2xhc3M9ImNmLWZvb3Rlci1zZXBhcmF0b3Igc206aGlkZGVuIj7igKI8L3NwYW4+CiAgICAgIDxzcGFuIGlkPSJjZi1mb290ZXItaXRlbS1pcCIgY2xhc3M9ImNmLWZvb3Rlci1pdGVtIHNtOmJsb2NrIHNtOm1iLTEiPgogICAgICAgIFlvdXIgSVA6CiAgICAgICAgPGJ1dHRvbiB0eXBlPSJidXR0b24iIGlkPSJjZi1mb290ZXItaXAtcmV2ZWFsIiBjbGFzcz0iY2YtZm9vdGVyLWlwLXJldmVhbC1idG4iPkNsaWNrIHRvIHJldmVhbDwvYnV0dG9uPgogICAgICAgIDxzcGFuIGNsYXNzPSJoaWRkZW4iIGlkPSJjZi1mb290ZXItaXAiPjkxLjkwLjQyLjE1NDwvc3Bhbj4KICAgICAgICA8c3BhbiBjbGFzcz0iY2YtZm9vdGVyLXNlcGFyYXRvciBzbTpoaWRkZW4iPuKAojwvc3Bhbj4KICAgICAgPC9zcGFuPgogICAgICA8c3BhbiBjbGFzcz0iY2YtZm9vdGVyLWl0ZW0gc206YmxvY2sgc206bWItMSI+PHNwYW4+UGVyZm9ybWFuY2UgJmFtcDsgc2VjdXJpdHkgYnk8L3NwYW4+IDxhIHJlbD0ibm9vcGVuZXIgbm9yZWZlcnJlciIgaHJlZj0iaHR0cHM6Ly93d3cuY2xvdWRmbGFyZS5jb20vNXh4LWVycm9yLWxhbmRpbmciIGlkPSJicmFuZF9saW5rIiB0YXJnZXQ9Il9ibGFuayI+Q2xvdWRmbGFyZTwvYT48L3NwYW4+CiAgICAgIAogICAgPC9wPgogICAgPHNjcmlwdD4oZnVuY3Rpb24oKXtmdW5jdGlvbiBkKCl7dmFyIGI9YS5nZXRFbGVtZW50QnlJZCgiY2YtZm9vdGVyLWl0ZW0taXAiKSxjPWEuZ2V0RWxlbWVudEJ5SWQoImNmLWZvb3Rlci1pcC1yZXZlYWwiKTtiJiYiY2xhc3NMaXN0ImluIGImJihiLmNsYXNzTGlzdC5yZW1vdmUoImhpZGRlbiIpLGMuYWRkRXZlbnRMaXN0ZW5lcigiY2xpY2siLGZ1bmN0aW9uKCl7Yy5jbGFzc0xpc3QuYWRkKCJoaWRkZW4iKTthLmdldEVsZW1lbnRCeUlkKCJjZi1mb290ZXItaXAiKS5jbGFzc0xpc3QucmVtb3ZlKCJoaWRkZW4iKX0pKX12YXIgYT1kb2N1bWVudDtkb2N1bWVudC5hZGRFdmVudExpc3RlbmVyJiZhLmFkZEV2ZW50TGlzdGVuZXIoIkRPTUNvbnRlbnRMb2FkZWQiLGQpfSkoKTs8L3NjcmlwdD4KICA8L2Rpdj48IS0tIC8uZXJyb3ItZm9vdGVyIC0tPgoKICAgIDwvZGl2PjwhLS0gLyNjZi1lcnJvci1kZXRhaWxzIC0tPgogIDwvZGl2PjwhLS0gLyNjZi13cmFwcGVyIC0tPgoKICA8c2NyaXB0PgogICAgd2luZG93Ll9jZl90cmFuc2xhdGlvbiA9IHt9OwogICAgCiAgICAKICA8L3NjcmlwdD4KCgo8L2JvZHk+PC9odG1sPg=="}},"submit":{"url":{"schema":"http","addr":"growth-verify-2301847569.pages.dev/team","fqdn":"growth-verify-2301847569.pages.dev","domain":"growth-verify-2301847569.pages.dev","tld":"pages.dev"},"ip":{"addr":"172.66.44.114","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":["openphish"],"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-09T22:34:43Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":5}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-04T22:34:21Z","timestamp":1762295661,"ip_dst":{"addr":"172.66.44.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.15","port":40978,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare Page Developer Domain (pages .dev in TLS SNI)","source":"{\"timestamp\":\"2025-11-04T22:34:21.286085+0000\",\"flow_id\":82725355469788,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.15\",\"src_port\":40978,\"dest_ip\":\"172.66.44.114\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2057746,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare Page Developer Domain (pages .dev in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_11_20\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_11_20\"]}},\"tls\":{\"sni\":\"growth-verify-2301847569.pages.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3511,\"start\":\"2025-11-04T22:34:21.277468+0000\"}}"}],"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-11-04","alert":"Phishing - Facebook, Inc.","trigger":"growth-verify-2301847569.pages.dev/team","verdict":"phishing","severity":"medium","comment":"Facebook, Inc.","link":"https://openphish.com","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-04","alert":"Sinkholed","trigger":"growth-verify-2301847569.pages.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-04","alert":"Sinkholed","trigger":"growth-verify-2301847569.pages.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-04","alert":"Sinkholed","trigger":"growth-verify-2301847569.pages.dev","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"openphish","sensor_type":"Blocklist","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-11-04","alert":"Phishing - Facebook, Inc.","trigger":"growth-verify-2301847569.pages.dev","verdict":"phishing","severity":"medium","comment":"Facebook, Inc.","link":"https://openphish.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"growth-verify-2301847569.pages.dev","ip":{"addr":"172.66.44.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-09-02","domain_rank":0,"first_seen":"2025-11-04T13:37:42.901938Z","last_seen":"2025-11-04T13:37:42.901938Z","alert_count":24,"request_count":6,"received_data":37096,"sent_data":2610,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"challenges.cloudflare.com","ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":11393,"first_seen":"2021-10-20T05:02:03Z","last_seen":"2025-11-02T22:17:11.427094Z","alert_count":0,"request_count":2,"received_data":99761,"sent_data":811,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-04T22:34:21Z","timestamp":1762295661,"ip_dst":{"addr":"172.66.44.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.15","port":40978,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare Page Developer Domain (pages .dev in TLS SNI)","source":"{\"timestamp\":\"2025-11-04T22:34:21.286085+0000\",\"flow_id\":82725355469788,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.15\",\"src_port\":40978,\"dest_ip\":\"172.66.44.114\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2057746,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare Page Developer Domain (pages .dev in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_11_20\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_11_20\"]}},\"tls\":{\"sni\":\"growth-verify-2301847569.pages.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3511,\"start\":\"2025-11-04T22:34:21.277468+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"growth-verify-2301847569.pages.dev/team","fqdn":"growth-verify-2301847569.pages.dev","domain":"growth-verify-2301847569.pages.dev","tld":"pages.dev"},"ip":{"addr":"172.66.44.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ab1ac4cf0f484cc9f859c0a7983353e0","sha1":"2da142b1135bd10cdbed4a7353e4483acc30ebe9","sha256":"50e878a18b2b5be7071dc7c10297381bcfcb55f17c27760ee857af9e31133324","sha512":"9e2901fe2c4505797cbc7d3853280cb3450188bd0cba66ffe5c8055687578c849b31a74c6b56881bb07c195217e9604a88ba6995a4275419ca076424ebe88b0a","ssdeep":"","tlshash":"73d0a72677ee14a8129bb031154e2705212180024002870d7a1c92359fe0e2708259e3","size":210,"data":"","first_seen":"2023-03-07T01:03:09Z","last_seen":"2026-04-05T13:46:27.660771Z","times_seen":347758,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"growth-verify-2301847569.pages.dev/team","fqdn":"growth-verify-2301847569.pages.dev","domain":"growth-verify-2301847569.pages.dev","tld":"pages.dev"},"ip":{"addr":"172.66.44.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"34df99ef0602560c811e58e4711c99e3","sha1":"88dea8841635da3e1130ce19e3718ceb17a95a35","sha256":"18a52fd2cc16c86bcba28796b0e231144f219cc87e049c41d9d378b880a42fba","sha512":"df8104390e5066c45a916d84fbfe2f754d6a94cf429dd6cf62e207193f298db51f17567e50c87bc2842e2a0888ed75fc564066ec863dfcbf9b4362b9bcc8a7bc","ssdeep":"","tlshash":"ebb0929f218316b4179e3a76d02a43667620501244199800fd1ca6948f9195a808bd4d","size":115,"data":"","first_seen":"2025-04-28T14:01:07.115316Z","last_seen":"2026-04-05T13:13:49.147205Z","times_seen":119976,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"growth-verify-2301847569.pages.dev/team","fqdn":"growth-verify-2301847569.pages.dev","domain":"growth-verify-2301847569.pages.dev","tld":"pages.dev"},"ip":{"addr":"172.66.44.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"56df91490fa1984fa82b297dcb23c22d","sha1":"2050f127b73f50d21eb9b0a2a3f2aea7d4372ba9","sha256":"275407540ae2d5516300e4027ce994e1c97f958d464e137d0fff116d7acf0f24","sha512":"537ac565ea049803015a3b15881913d8179eafc11f95ac99dfe0ee842ac3d496ea3c6e1c167274357b7443e32ea9efab72400b95798479c5a5c81c9aabc88e8b","ssdeep":"","tlshash":"bbe0dfbbbb192e3906efa67771aee74a3676c091acc05560092ccc940b3fec4d03a1d4","size":375,"data":"","first_seen":"2023-03-07T01:03:09Z","last_seen":"2026-04-05T13:48:05.464322Z","times_seen":397405,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"growth-verify-2301847569.pages.dev/team","fqdn":"growth-verify-2301847569.pages.dev","domain":"growth-verify-2301847569.pages.dev","tld":"pages.dev"},"ip":{"addr":"172.66.44.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"16f6161217e242dffadf4241d174abcc","sha1":"304832d02caf7b8a45ea29c321993d7eba48be67","sha256":"390eefa5af21228aaab4bb7eb68043b2468a645b3c861aaba17b226cc8c05d95","sha512":"886e6c321c801fa26a1363e65eb9ddd6f15617044d57f2b458d235cb396119dbc35e216178258e47ed6a73ad9a6f558e12605621bb3bae8e463c56ae6f9f6d18","ssdeep":"","tlshash":"869004534011730005710337175555403335501310314c0437cdc1153f51f57cf05340","size":46,"data":"","first_seen":"2025-03-04T09:24:28.966015Z","last_seen":"2026-04-05T13:30:18.145765Z","times_seen":211149,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"eba9f7820c40409c59716be12ee33e39","sha1":"7813932b24d9dbea482f31e212531e5d732275f8","sha256":"ce1490c69bd01a0c8eb1351a5f2565e33f7eaa2a347f7d4cc5dfbf2c5507319b","sha512":"0488e30fe633f6ec6089f9953eeffe437f63bfac317977e2b27a22e7c0ad41c7b90f84e2d2361ae499a4c9cd3a0eb28e7834c79949694bb79c0dd018c518f4c4","ssdeep":"768:1C6jR2KMga+LUU6c9Db69qBuug2Uw5jOyhzVNY1EbV9tGcpfBgQfuWVuY8t:r2Pga+LUU6cRxuX2bhmDt","tlshash":"8e232a583256397226d980e0b17b63437326753ae94ccc50a423d936267cecad233fba","size":49429,"data":"","first_seen":"2025-10-31T18:17:03.300524Z","last_seen":"2025-11-07T16:37:25.743962Z","times_seen":3237,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"growth-verify-2301847569.pages.dev/team","fqdn":"growth-verify-2301847569.pages.dev","domain":"growth-verify-2301847569.pages.dev","tld":"pages.dev"},"ip":{"addr":"172.66.44.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-04T22:34:21.277Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"growth-verify-2301847569.pages.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 03 Nov 2025 11:17:28 GMT","end":"Sun, 01 Feb 2026 12:16:11 GMT"},"fingerprint":{"sha1":"AE:1C:A5:7D:76:17:62:E6:57:83:B6:07:2B:AE:F5:BC:4D:E4:92:85","sha256":"78:74:18:DE:AE:79:2C:29:DD:42:47:58:78:A7:71:D3:52:5F:59:65:EA:FF:0D:52:DF:C7:57:C9:7E:95:63:8A"}}},"request":{"raw":"GET /team HTTP/1.1\r\nHost: growth-verify-2301847569.pages.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Tue, 04 Nov 2025 22:34:21 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w3IIBCjUbwpN8G000jRPU8cmrsDdYGiKIb6ScwE3zhVyEYVcPrX9069Lr7X8HUCEx0swhhOUrUUU%2FAuijjGK8UBaCg%2BpgGCEnTr9ENjPrAGnDm7F1J6j4YR%2FEX9%2BiCYL\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9997940b1f9856c6-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4386,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (396)","md5":"b6f4fa01643332acec3af10124c25cd7","sha1":"38f0505c242428795c30049b00b9d560247939e2","sha256":"82b8d138d5b5efa8f112e3b485904b6c56ae2ce22d0c17d8c4bbe964c6412315","sha512":"075bfd8365884005bdd15d56bd5977a11592ebb10841671dfa73a9abcaed2ce576cc538082253238312c4dc7cab428f23859cde13b51f882a7c3607c30a6c0f6","ssdeep":"96:fjFj7jOjEHDK/D5DMFGzLeiO/t8G2u27RLlvaQxvbzM:fjFj7jOjEjK/VounOVGu271lCejzM","tlshash":"6a915266fabd107f20d3917361bd630a7aa18043da9708907abcc2751f8ef95aa131c5","first_seen":"2025-11-04T22:34:44.581446Z","last_seen":"2025-11-04T22:34:44.581446Z","times_seen":1,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":27,"dns":1,"connect":1,"send":0,"wait":9,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-11-04","alert":"Phishing - Facebook, Inc.","trigger":"growth-verify-2301847569.pages.dev/team","verdict":"phishing","severity":"medium","comment":"Facebook, Inc.","link":"https://openphish.com","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-04","alert":"Sinkholed","trigger":"growth-verify-2301847569.pages.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-04","alert":"Sinkholed","trigger":"growth-verify-2301847569.pages.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-04","alert":"Sinkholed","trigger":"growth-verify-2301847569.pages.dev","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"growth-verify-2301847569.pages.dev/team","fqdn":"growth-verify-2301847569.pages.dev","domain":"growth-verify-2301847569.pages.dev","tld":"pages.dev"},"ip":{"addr":"172.66.47.142","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-04T22:34:21.513Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /team HTTP/1.1\r\nHost: growth-verify-2301847569.pages.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Tue, 04 Nov 2025 22:34:21 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nReferrer-Policy: same-origin\r\nX-Frame-Options: SAMEORIGIN\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2itHGMVdUCgoL4CVo4VwIgPb%2FQBYoVk7VT6guplllGYits7amY5w92fb83sAW5EEJE8SGV7FiqY0H%2BV3Kf3WkZYreijV2lKH3d23ytC6a9xdQvb2DGsAYCFErfbBalem\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nContent-Encoding: gzip\r\nServer: cloudflare\r\nCF-RAY: 9997940c6f150afa-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4386,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (396)","md5":"afbaf00b647d90a14951a20041bd5bde","sha1":"d1d68ffe773e3ebd0e015be7cb889dea29a882a5","sha256":"141b35e88a5700313b65c7bdf282c997a5f68f0836c8e7fdbe98fdd18b4a6761","sha512":"0de306004d46af361e3383b2112f011a2ca4b0c25f86a82a187c95467a95232f44f75bc631eebee365620c339ab3962bcadf1ced5359cb5033a87e619bf95387","ssdeep":"96:fjFj7jOjEHDK/D5DMFGzLeiO/t8G2uz7RLlvaQxvbzM:fjFj7jOjEjK/VounOVGuz71lCejzM","tlshash":"b5915266fabd107f20d3917361bda30a7aa18043da9608907abcc2351f8ef95ae131c5","first_seen":"2025-11-04T22:34:44.587057Z","last_seen":"2025-11-04T22:34:44.587057Z","times_seen":1,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":1,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-11-04","alert":"Phishing - Facebook, Inc.","trigger":"growth-verify-2301847569.pages.dev/team","verdict":"phishing","severity":"medium","comment":"Facebook, Inc.","link":"https://openphish.com","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-04","alert":"Sinkholed","trigger":"growth-verify-2301847569.pages.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-04","alert":"Sinkholed","trigger":"growth-verify-2301847569.pages.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-04","alert":"Sinkholed","trigger":"growth-verify-2301847569.pages.dev","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://growth-verify-2301847569.pages.dev/team","date":"2025-11-04T22:34:21.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 18:59:09 GMT","end":"Wed, 21 Jan 2026 19:59:05 GMT"},"fingerprint":{"sha1":"62:5E:2A:E5:F4:DE:73:E8:94:15:72:65:28:EB:70:25:A8:D2:E7:61","sha256":"2D:41:D6:2B:6A:BB:89:80:01:28:9F:35:0B:2B:F4:6C:0D:B6:B1:E4:7E:E4:AC:35:2A:E0:69:DB:94:45:F7:D3"}}},"request":{"raw":"GET /turnstile/v0/api.js HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Tue, 04 Nov 2025 22:34:21 GMT\r\ncontent-length: 0\r\naccess-control-allow-origin: *\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public\r\ncross-origin-resource-policy: cross-origin\r\nlocation: /turnstile/v0/b/e8e65e95f26d/api.js\r\nvary: accept-encoding\r\nserver: cloudflare\r\ncf-ray: 9997940e2e410883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49429,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T13:47:07.33171Z","times_seen":13377129,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":16,"dns":0,"connect":1,"send":0,"wait":4,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"growth-verify-2301847569.pages.dev/cdn-cgi/images/icon-exclamation.png?1376755637","fqdn":"growth-verify-2301847569.pages.dev","domain":"growth-verify-2301847569.pages.dev","tld":"pages.dev"},"ip":{"addr":"172.66.47.142","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://growth-verify-2301847569.pages.dev/team","date":"2025-11-04T22:34:21.847Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1\r\nHost: growth-verify-2301847569.pages.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://growth-verify-2301847569.pages.dev/cdn-cgi/styles/cf.errors.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 04 Nov 2025 22:34:21 GMT\r\nContent-Type: image/png\r\nContent-Length: 452\r\nConnection: keep-alive\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WR4ycZVOmYfs9S7JX1NSRNKRBvu1AvGYMxiSgBCnhWK3738Exi6MCKAdWPUfmZDJLjn%2FzZdW9Zl6dycUKWunfpIjCfCKm0wW%2F6iK3dXp00S2L7EKx0ZErZyNTDYx9D1m\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9997940e78370afa-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":452,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 54 x 54, 8-bit colormap, non-interlaced","md5":"c33de66281e933259772399d10a6afe8","sha1":"b9f9d500f8814381451011d4dcf59cd2d90ad94f","sha256":"f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016","sha512":"5834fb9d66f550e6cecfe484b7b6a14f3fca795405dece8e652bd69ad917b94b6bbdcdf7639161b9c07f0d33eabd3e79580446b5867219f72f4fc43fd43b98c3","ssdeep":"","tlshash":"14f05c45c595e9f5a90330586311ca15ab7701c6276726c9d3854032a456482ca97f86","first_seen":"2023-04-12T19:44:04Z","last_seen":"2026-04-05T13:13:49.105017Z","times_seen":298341,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-04","alert":"Sinkholed","trigger":"growth-verify-2301847569.pages.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-04","alert":"Sinkholed","trigger":"growth-verify-2301847569.pages.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"openphish","sensor_type":"Blocklist","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-11-04","alert":"Phishing - Facebook, Inc.","trigger":"growth-verify-2301847569.pages.dev","verdict":"phishing","severity":"medium","comment":"Facebook, Inc.","link":"https://openphish.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-04","alert":"Sinkholed","trigger":"growth-verify-2301847569.pages.dev","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/b/e8e65e95f26d/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://growth-verify-2301847569.pages.dev/team","date":"2025-11-04T22:34:21.870Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 18:59:09 GMT","end":"Wed, 21 Jan 2026 19:59:05 GMT"},"fingerprint":{"sha1":"62:5E:2A:E5:F4:DE:73:E8:94:15:72:65:28:EB:70:25:A8:D2:E7:61","sha256":"2D:41:D6:2B:6A:BB:89:80:01:28:9F:35:0B:2B:F4:6C:0D:B6:B1:E4:7E:E4:AC:35:2A:E0:69:DB:94:45:F7:D3"}}},"request":{"raw":"GET /turnstile/v0/b/e8e65e95f26d/api.js HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 04 Nov 2025 22:34:21 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nlast-modified: Fri, 31 Oct 2025 16:21:43 GMT\r\npriority: u=3,i=?0\r\ncache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9997940eaeeda41f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49429,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (49428)","md5":"eba9f7820c40409c59716be12ee33e39","sha1":"7813932b24d9dbea482f31e212531e5d732275f8","sha256":"ce1490c69bd01a0c8eb1351a5f2565e33f7eaa2a347f7d4cc5dfbf2c5507319b","sha512":"0488e30fe633f6ec6089f9953eeffe437f63bfac317977e2b27a22e7c0ad41c7b90f84e2d2361ae499a4c9cd3a0eb28e7834c79949694bb79c0dd018c518f4c4","ssdeep":"768:1C6jR2KMga+LUU6c9Db69qBuug2Uw5jOyhzVNY1EbV9tGcpfBgQfuWVuY8t:r2Pga+LUU6cRxuX2bhmDt","tlshash":"8e232a583256397226d980e0b17b63437326753ae94ccc50a423d936267cecad233fba","first_seen":"2025-10-31T18:17:03.300524Z","last_seen":"2025-11-07T16:37:25.743962Z","times_seen":3237,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"growth-verify-2301847569.pages.dev/favicon.ico","fqdn":"growth-verify-2301847569.pages.dev","domain":"growth-verify-2301847569.pages.dev","tld":"pages.dev"},"ip":{"addr":"172.66.47.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://growth-verify-2301847569.pages.dev/team","date":"2025-11-04T22:34:22.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"growth-verify-2301847569.pages.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 03 Nov 2025 11:17:28 GMT","end":"Sun, 01 Feb 2026 12:16:11 GMT"},"fingerprint":{"sha1":"AE:1C:A5:7D:76:17:62:E6:57:83:B6:07:2B:AE:F5:BC:4D:E4:92:85","sha256":"78:74:18:DE:AE:79:2C:29:DD:42:47:58:78:A7:71:D3:52:5F:59:65:EA:FF:0D:52:DF:C7:57:C9:7E:95:63:8A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: growth-verify-2301847569.pages.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Tue, 04 Nov 2025 22:34:22 GMT\r\ncontent-length: 0\r\naccess-control-allow-origin: *\r\ncache-control: no-store\r\nreferrer-policy: strict-origin-when-cross-origin\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FCw2JTtvCIstKGz0OUBQ0fxd00zMCaZSDr41qgG9slqg1iZz1Q9%2FISLrW4jiBVfOGgd39q47mns630HFxyei1hWA0LGqt%2BaivgdS5jZqg%2FFIQbwtvFdzNx%2Fr2wcl5KAEe4s%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9997940fcfcaa41f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/x-icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T13:47:07.33171Z","times_seen":13377129,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":1,"send":0,"wait":44,"receive":3,"ssl":22},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-04","alert":"Sinkholed","trigger":"growth-verify-2301847569.pages.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"openphish","sensor_type":"Blocklist","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-11-04","alert":"Phishing - Facebook, Inc.","trigger":"growth-verify-2301847569.pages.dev","verdict":"phishing","severity":"medium","comment":"Facebook, Inc.","link":"https://openphish.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-04","alert":"Sinkholed","trigger":"growth-verify-2301847569.pages.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-04","alert":"Sinkholed","trigger":"growth-verify-2301847569.pages.dev","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"growth-verify-2301847569.pages.dev/cdn-cgi/styles/cf.errors.css","fqdn":"growth-verify-2301847569.pages.dev","domain":"growth-verify-2301847569.pages.dev","tld":"pages.dev"},"ip":{"addr":"172.66.47.142","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://growth-verify-2301847569.pages.dev/team","date":"2025-11-04T22:34:21.770Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /cdn-cgi/styles/cf.errors.css HTTP/1.1\r\nHost: growth-verify-2301847569.pages.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://growth-verify-2301847569.pages.dev/team\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 04 Nov 2025 22:34:21 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MImSOSPS0wtHN0f5dxjpD9NQiMNfhnkR8jRF0br8xHC50KD3c2Ob%2Bb1Zcr%2F30n1USUYCZBNQvaoyuuQr3CzhkQeGew%2FEDVZIh7mtqsyVDtG3lAoqdnaCthUS0alXi8ro\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nContent-Encoding: gzip\r\nServer: cloudflare\r\nCF-RAY: 9997940dfff70afa-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24051,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (24050)","md5":"5e8c69a459a691b5d1b9be442332c87d","sha1":"f24dd1ad7c9080575d92a9a9a2c42620725ef836","sha256":"84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091","sha512":"6db74b262d717916de0b0b600eead2cc6a10e52a9e26d701fae761fcbc931f35f251553669a92be3b524f380f32e62ac6ad572bea23c78965228ce9efb92ed42","ssdeep":"192:VuR/6okgTQwq23gGM8lUR9YRGQ2BwoX6zp+1+nDT1FvxKSI7/UsV7MSE6XZ2dKzk:JwV+oUcoQJpdf1dxKSI7/Ue7ZX2qk","tlshash":"86b21323e5f5381a2516a13ca08a92dc69356073f7f30e9eb985d06cd78dd791f226c3","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T13:46:27.660279Z","times_seen":416427,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-04","alert":"Sinkholed","trigger":"growth-verify-2301847569.pages.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-04","alert":"Sinkholed","trigger":"growth-verify-2301847569.pages.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"openphish","sensor_type":"Blocklist","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-11-04","alert":"Phishing - Facebook, Inc.","trigger":"growth-verify-2301847569.pages.dev","verdict":"phishing","severity":"medium","comment":"Facebook, Inc.","link":"https://openphish.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-04","alert":"Sinkholed","trigger":"growth-verify-2301847569.pages.dev","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"growth-verify-2301847569.pages.dev/favicon.ico","fqdn":"growth-verify-2301847569.pages.dev","domain":"growth-verify-2301847569.pages.dev","tld":"pages.dev"},"ip":{"addr":"172.66.47.142","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://growth-verify-2301847569.pages.dev/team","date":"2025-11-04T22:34:22.002Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: growth-verify-2301847569.pages.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://growth-verify-2301847569.pages.dev/team\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Tue, 04 Nov 2025 22:34:21 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nLocation: https://growth-verify-2301847569.pages.dev/favicon.ico\r\nVary: accept-encoding\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fl%2FriMCY71ixPJAnX11RaitMfeLJV3%2F4tS32TuWNvJRZDhKI6hs3ZSQdqBQdD%2FKNo%2FA3FFPNeaSaygykXooBRm8r0vy0arU6maG1GSpaZRImYZW23hi7w1CPYglqSw7Z\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9997940f689c0afa-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/x-icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T13:47:07.33171Z","times_seen":13377129,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-11-04","alert":"Sinkholed","trigger":"growth-verify-2301847569.pages.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-04","alert":"Sinkholed","trigger":"growth-verify-2301847569.pages.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"openphish","sensor_type":"Blocklist","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-11-04","alert":"Phishing - Facebook, Inc.","trigger":"growth-verify-2301847569.pages.dev","verdict":"phishing","severity":"medium","comment":"Facebook, Inc.","link":"https://openphish.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-04","alert":"Sinkholed","trigger":"growth-verify-2301847569.pages.dev","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}