{"report_id":"134fcd86-9401-42c0-bc76-889d2e444d32","version":6,"status":"done","tags":[],"date":"2026-03-10T12:02:44Z","url":{"schema":"http","addr":"migrate-centric.com","fqdn":"migrate-centric.com","domain":"migrate-centric.com","tld":"com"},"ip":{"addr":"172.67.183.8","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"migrate-centric.com/Centric%20Migrate.html","fqdn":"migrate-centric.com","domain":"migrate-centric.com","tld":"com"},"title":"Centric Migrate","dom":{"size":1435255,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (36865)","md5":"b1a7598311335f92d6dae3e1658200a6","sha1":"ac8c67d14ea837c178839372d094f99bed9af014","sha256":"c0eadff2e1f8125fad84fbf996411fe493a1093a75b032edf1c2a7158d3395d1","sha512":"429570629b22a4c7aa1fcfe04e68494e69290e1a739bdd8f6d04d89a1fa3ae1b5c63b0f460638605d2dfb826513aac2851bbb710ef58a5b82806b49d28c5f8d3","ssdeep":"24576:4ArsANMp/IZ9iLnEcR4a1rhd7QSTi1zTghI59DJ6BtjMKHuqNYVOkn5s:RrsoiLEqv7QHQIEB22YVOk5s","tlshash":"5c652332f20c9e7e2d9792b8d3c4b6ac4da4b14bcc6e47f1b6c65157a0c2767992f420","dom_hash":"domhash6dca8e018341888965ddb0881c400352","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"migrate-centric.com","fqdn":"migrate-centric.com","domain":"migrate-centric.com","tld":"com"},"ip":{"addr":"172.67.183.8","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-14T12:02:44Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-10","alert":"Sinkholed","trigger":"migrate-centric.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"migrate-centric.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-02","domain_rank":0,"first_seen":"2026-03-10T12:02:44.853136Z","last_seen":"2026-03-10T12:02:44.853136Z","alert_count":2,"request_count":2,"received_data":1437362,"sent_data":1038,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"migrate-centric.com/Centric%20Migrate.html","fqdn":"migrate-centric.com","domain":"migrate-centric.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"261fa5f948bd99fdf005f80595805744","sha1":"51d57156b1974322b3ba8542f48893082199d5e1","sha256":"1dcf3b0e1f92d593867169c5ee26771d2f3b77f552eee6c73beba961b91d61b7","sha512":"532ff30dfdd593068e7afc5f98cb1bc72408e594f297911c0a7c590c97a2ed6be6b91981322dfe3b3e90f21241404ae8692139732372f119279dbdf29f3ae429","ssdeep":"","tlshash":"a6015927222233707ce9d5dca8b6dd8e39bb501ae40a0090a09f944d1834bc644f7bec","size":847,"data":"","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-06-07T04:19:30.117869Z","times_seen":3602,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"migrate-centric.com/Centric%20Migrate.html","fqdn":"migrate-centric.com","domain":"migrate-centric.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"cd7e9f7d9b90d42d072e269c6e206a46","sha1":"472b6ff634881bfe74ee1cf63243edc9208cbf04","sha256":"6ef695f15267affb53967c0ac88d2d56e3fc96b740d9db7ce8fbc6cde5a4d7a7","sha512":"ecf6e1d808c67fa3e9bade3cdb215f2510ab6c154b0f035ce8108e78229d2eacecdebb7ed5656f1eb52a53e1fe0f3dc2f68d87c6515b43caee20cf5e9afdd668","ssdeep":"","tlshash":"5801895690711331d633636e630ba8a8263380a77140e8553a8e8b884fd4fd940bb7cb","size":827,"data":"","first_seen":"2026-03-10T12:02:49.574928Z","last_seen":"2026-03-10T12:32:05.008588Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"migrate-centric.com/","fqdn":"migrate-centric.com","domain":"migrate-centric.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-10T12:02:21.429Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"migrate-centric.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Mar 2026 05:17:00 GMT","end":"Sun, 31 May 2026 05:16:59 GMT"},"fingerprint":{"sha1":"7A:A7:F6:E9:C6:1A:F6:56:6E:31:F5:EA:31:41:E7:C0:CC:46:06:D5","sha256":"9E:FA:27:E8:70:23:11:20:3C:4A:7D:7C:C9:81:F4:0B:6D:09:05:C8:AD:58:F2:0C:38:87:C9:AC:43:4E:BF:57"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: migrate-centric.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 10 Mar 2026 12:02:21 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Mon, 02 Mar 2026 06:11:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rouGuBdKZmSKj8%2Bi5tsx3SZb3MTWt3nXuZQPGJ0%2FUcOdRG%2BKBcaFSGpM6RdoF%2BHBhd1odj8LRNpwb%2FHnDVGHY1cYgDbClqnrAEDDM7mobCse%2FZM%3D\"}]}\r\nage: 711154\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9da22b843cb2de91-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":376,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"71d11ddec8e12f74c9a712d1c7b768f3","sha1":"7389e3f89f71db43e8f19b57d0ad43e535651f84","sha256":"a6ee14fd40b418ac73aaaa7daccd35c647c7931b0d66d98ef9233eea2ebbb048","sha512":"a4956c084321bb0b9bcf5a806cd5857728ad4fb406e55d305c27e21f9148f07ce38671d473caf5ed0d139203c153905e863c5ceda65ccdb07f15c86809531594","ssdeep":"","tlshash":"66e0c05664c1cd4802b0cb3cedc0f618239bc054074b5f0134cce26b2d89301c9d72c5","first_seen":"2026-03-10T12:02:49.567469Z","last_seen":"2026-03-10T12:32:05.005475Z","times_seen":2,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":43,"dns":6,"connect":8,"send":0,"wait":21,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-10","alert":"Sinkholed","trigger":"migrate-centric.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"migrate-centric.com/Centric%20Migrate.html","fqdn":"migrate-centric.com","domain":"migrate-centric.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-10T12:02:21.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"migrate-centric.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Mar 2026 05:17:00 GMT","end":"Sun, 31 May 2026 05:16:59 GMT"},"fingerprint":{"sha1":"7A:A7:F6:E9:C6:1A:F6:56:6E:31:F5:EA:31:41:E7:C0:CC:46:06:D5","sha256":"9E:FA:27:E8:70:23:11:20:3C:4A:7D:7C:C9:81:F4:0B:6D:09:05:C8:AD:58:F2:0C:38:87:C9:AC:43:4E:BF:57"}}},"request":{"raw":"GET /Centric%20Migrate.html HTTP/1.1\r\nHost: migrate-centric.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://migrate-centric.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 10 Mar 2026 12:02:21 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Mon, 02 Mar 2026 06:11:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nage: 215486\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\npriority: u=1,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KEP9SEzPzFnAZB1%2Bz8peEdyCPqTX%2FeW56RZZa5DkRLxEpE5ews3uX5LTS3T9qGZeaJWcBzp29Mr2Sy6dHsBCpOczansRD4RBeEbaQBGDvKkjbto%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9da22b855af548d0-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1435249,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (36850)","md5":"ff3a0c2412ffad0cc0443e1a8f4099e5","sha1":"8bfc6b824d4f8514b70339dc926b704568656fda","sha256":"c552c4520111383dada25d77e8d7ee76f6750420cfaf5010bab9a99b3eb51579","sha512":"b6d6a2c05483e68a13973e0c9b830d6e142c52ccb0c139357018176ab05301745aeb0e58f2e7c969a4106cb1a4fe52ff19bf1e9fcac728b2671bb07f5fcd14c5","ssdeep":"24576:MArsAN1p/IZ9iLnEcR4a1rhd7QSTi1zTghI59DJ64:FrsPiLEqv7QHQIE4","tlshash":"d9251234f50c352e2e1782f8a29c7e6c5d25f1c3cd3a06f176da602695d37b919bb8a0","first_seen":"2026-03-10T12:02:49.570831Z","last_seen":"2026-03-10T12:32:05.006624Z","times_seen":2,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":61,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-10","alert":"Sinkholed","trigger":"migrate-centric.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}