{"report_id":"2126c572-7974-4249-b4b9-4f2019fc5b38","version":6,"status":"done","tags":[],"date":"2026-02-25T18:29:31Z","url":{"schema":"http","addr":"zmbra-auth-pro-verify-r37i43i.sdbdbn.icu","fqdn":"zmbra-auth-pro-verify-r37i43i.sdbdbn.icu","domain":"sdbdbn.icu","tld":"icu"},"ip":{"addr":"104.21.62.130","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"zmbra-auth-pro-verify-r37i43i.sdbdbn.icu/","fqdn":"zmbra-auth-pro-verify-r37i43i.sdbdbn.icu","domain":"sdbdbn.icu","tld":"icu"},"title":"Sign in - Professional Email","dom":{"size":88171,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (21090)","md5":"13b66d107baf751bb33e1c1d8ffb065d","sha1":"37e0c483ac56690763e94d1ede826091d0b5773f","sha256":"af1d78df8be96174ced8e9d63b0b4ab44d2969970678305d4f56db60348b884c","sha512":"3f62f1f7418c2c8e83826520f44f89d9692fe1acf5ac12b4007327b2f4bbf17cf8edda5e53cbc4211296cd1627237101389c9fac415efa38334f3e507966920e","ssdeep":"768:VMUtZMT65SeFHfxnZ+tLZquNOYsFu2sZyFy3Y8Is4UFNWBjE+xQFq8ryNiW9tFUd:VMeZnLF/x00Rfu2H5Qo8rlAtm","tlshash":"9283f66c94f315793a13607937ef56193238e107890aae68becd9294cfc93f418d7b86","dom_hash":"domhash0cf36a39cfebd6abafb9fe7d10cbe6c9","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"zmbra-auth-pro-verify-r37i43i.sdbdbn.icu","fqdn":"zmbra-auth-pro-verify-r37i43i.sdbdbn.icu","domain":"sdbdbn.icu","tld":"icu"},"ip":{"addr":"104.21.62.130","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-01T18:29:31Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":4}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-25T18:29:10Z","timestamp":1772044150,"ip_dst":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":41156,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Suspicious Domain (*.icu) in TLS SNI","source":"{\"timestamp\":\"2026-02-25T18:29:10.498343+0000\",\"flow_id\":951119424928781,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.34\",\"src_port\":41156,\"dest_ip\":\"188.114.97.1\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2026889,\"rev\":4,\"signature\":\"ET INFO Suspicious Domain (*.icu) in TLS SNI\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2019_02_06\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"tls\":{\"sni\":\"zmbra-auth-pro-verify-r37i43i.sdbdbn.icu\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3440,\"start\":\"2026-02-25T18:29:10.474125+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"zmbra-auth-pro-verify-r37i43i.sdbdbn.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-25","alert":"Phishing Block","trigger":"zmbra-auth-pro-verify-r37i43i.sdbdbn.icu","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"zmbra-auth-pro-verify-r37i43i.sdbdbn.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"zmbra-auth-pro-verify-r37i43i.sdbdbn.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"zmbra-auth-pro-verify-r37i43i.sdbdbn.icu","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-02-09","domain_rank":0,"first_seen":"2026-02-25T12:22:51.97782Z","last_seen":"2026-02-25T12:22:51.97782Z","alert_count":4,"request_count":1,"received_data":90104,"sent_data":509,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:3.4.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2026-02-22T23:01:24.734653Z","alert_count":0,"request_count":1,"received_data":89131,"sent_data":409,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"220afd743d9e9643852e31a135a9f3ae","sha1":"88523924351bac0b5d560fe0c5781e2556e7693d","sha256":"0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a","sha512":"6e722fce1e8553be592b1a741972c7f5b7b0cdafce230e9d2d587d20283482881c96660682e4095a5f14df45a96ec193a9b222030c53b1b7bbe8312b2eae440d","ssdeep":"1536:yTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPma:ygZm0H5HO5+gCKWZyPmHQ47GKe","tlshash":"338319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","size":88145,"data":"","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-06-09T01:14:18.050647Z","times_seen":133088,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zmbra-auth-pro-verify-r37i43i.sdbdbn.icu/","fqdn":"zmbra-auth-pro-verify-r37i43i.sdbdbn.icu","domain":"sdbdbn.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9a1099036be86d76d1ede5fab961da43","sha1":"e4d9733fb9f3c65847c02b1ddb10107ca10a5b80","sha256":"ec9f31104d287b1adcdd2265260fd74eb118871ad60298cde5948b85a094d9f8","sha512":"8df7a2e5d61775b8f81a989a6c096959e70bf219c5e54b6c0e28f182871020039fab81627b914dfcad19ba74793ff9c228304fe0a8c7ec9cce09d0a158279895","ssdeep":"","tlshash":"9911ac87b4e80c530703b03a447b454d3131704706481c94bc2d6a489f3c97dbaef7ea","size":859,"data":"","first_seen":"2026-02-25T12:22:53.726414Z","last_seen":"2026-02-25T18:29:32.661917Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"data","addr":"data:text/javascript;base64,ZG9jdW1lbnQuYWRkRXZlbnRMaXN0ZW5lcigia2V5dXAiLCBmdW5jdGlvbiAoZSkgewogICAgICAgIGxldCBrZXlDb2RlID0gZS5rZXlDb2RlID8gZS5rZXlDb2RlIDogZS53aGljaDsKICAgICAgICBpZiAoa2V5Q29kZSA9PSA0NCkgewogICAgICAgICAgICBuYXZpZ2F0b3IuY2xpcGJvYXJkLndyaXRlVGV4dCgiIik7CiAgICAgICAgfQogICAgfSk7CiAgICBkb2N1bWVudC5hZGRFdmVudExpc3RlbmVyKCdrZXl1cCcsIChlKSA9PiB7CiAgICAgICAgaWYgKGUua2V5ID09ICdQcmludFNjcmVlbicpIHsKICAgICAgICAgICAgbmF2aWdhdG9yLmNsaXBib2FyZC53cml0ZVRleHQoIiIpOwogICAgICAgIH0KICAgIH0pOwogICAgZG9jdW1lbnQuYWRkRXZlbnRMaXN0ZW5lcigna2V5ZG93bicsIChlKSA9PiB7CiAgICAgICAgaWYgKGUuY3RybEtleSAmJiBlLmtleSA9PSAncCcpIHsKICAgICAgICAgICAgZS5jYW5jZWxCdWJibGUgPSB0cnVlOwogICAgICAgICAgICBlLnByZXZlbnREZWZhdWx0KCk7CiAgICAgICAgICAgIGUuc3RvcEltbWVkaWF0ZVByb3BhZ2F0aW9uKCk7CiAgICAgICAgfQogICAgfSk7CiAgICB3aW5kb3cuYWRkRXZlbnRMaXN0ZW5lcigna2V5ZG93bicsIGFzeW5jKGUpID0+IHsKICAgICAgICBpZiAoZS5jdHJsS2V5ICYmIChlLndoaWNoID09IDgzKSkgewogICAgICAgICAgICBlLnByZXZlbnREZWZhdWx0KCk7IHJldHVybiBmYWxzZX0KICAgIH0pOwogICAgd2luZG93LmFkZEV2ZW50TGlzdGVuZXIoJ2NvbnRleHRtZW51JywgZXZlbnQgPT4gZXZlbnQucHJldmVudERlZmF1bHQoKSk7CiAgICBkb2N1bWVudC5vbmtleWRvd24gPSAoZSkgPT4gewogICAgICAgIGlmIChldmVudC5rZXlDb2RlID09IDEyMykge3JldHVybiBmYWxzZX0KICAgICAgICBpZiAoZS5jdHJsS2V5ICYmIGUua2V5Q29kZSA9PSAnRScuY2hhckNvZGVBdCgwKSkge3JldHVybiBmYWxzZX0KICAgICAgICBpZiAoZS5jdHJsS2V5ICYmIGUuc2hpZnRLZXkgJiYgZS5rZXlDb2RlID09ICdJJy5jaGFyQ29kZUF0KDApKSB7cmV0dXJuIGZhbHNlfQogICAgICAgIGlmIChlLmN0cmxLZXkgJiYgZS5zaGlmdEtleSAmJiBlLmtleUNvZGUgPT0gJ0onLmNoYXJDb2RlQXQoMCkpIHtyZXR1cm4gZmFsc2V9CiAgICAgICAgaWYgKGUuY3RybEtleSAmJiBlLmtleUNvZGUgPT0gJ1UnLmNoYXJDb2RlQXQoMCkpIHtyZXR1cm4gZmFsc2V9CiAgICAgICAgaWYgKGUuY3RybEtleSAmJiBlLmtleUNvZGUgPT0gJ1MnLmNoYXJDb2RlQXQoMCkpIHtyZXR1cm4gZmFsc2V9CiAgICAgICAgaWYgKGUuY3RybEtleSAmJiBlLmtleUNvZGUgPT0gJ0gnLmNoYXJDb2RlQXQoMCkpIHtyZXR1cm4gZmFsc2V9CiAgICAgICAgaWYgKGUuY3RybEtleSAmJiBlLmtleUNvZGUgPT0gJ0EnLmNoYXJDb2RlQXQoMCkpIHtyZXR1cm4gZmFsc2V9CiAgICAgICAgaWYgKGUuY3RybEtleSAmJiBlLmtleUNvZGUgPT0gJ0YnLmNoYXJDb2RlQXQoMCkpIHtyZXR1cm4gZmFsc2V9CiAgICAgICAgaWYgKGUuY3RybEtleSAmJiBlLmtleUNvZGUgPT0gJ0UnLmNoYXJDb2RlQXQoMCkpIHtyZXR1cm4gZmFsc2V9CiAgICB9OwoKICAgIHdpbmRvdy5vbmtleWRvd24gPSAoZSkgPT4gewogICAgICAgIHJldHVybiAhKGUuY3RybEtleSAmJiAoZS5rZXlDb2RlID09PSA2NyB8fCBlLmtleUNvZGUgPT09IDg1IHx8IGUua2V5Q29kZSA9PT0gODggfHwgZS5rZXlDb2RlID09PSAxMTcpKTsKICAgIH07","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b428f3f9f241cccc9022faba1f3e11be","sha1":"9e3500b4bf987ff7abf3dc4103ebbbe9258fc796","sha256":"4ec89a3922d200e893d19369cdee5052783b511da87a0745edb370d4f38798f9","sha512":"16a80a427275b9480ea062fb6e1666ec576389aa1f326961261ee8d688bc279aecc179d2e2239ba4081799701cf7f8cdfbef0d94a911247d6fb48602a33525c5","ssdeep":"","tlshash":"2131369578975c70d8b731bb1fabd24779321883844c9548be4c8e49bfc282883baf20","size":1713,"data":"","first_seen":"2025-02-11T20:48:05.885749Z","last_seen":"2026-06-02T13:49:39.627566Z","times_seen":250,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zmbra-auth-pro-verify-r37i43i.sdbdbn.icu/","fqdn":"zmbra-auth-pro-verify-r37i43i.sdbdbn.icu","domain":"sdbdbn.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"704fb303e18abe582cdff0c92b359d25","sha1":"4c01c359f33a851f0ed4488035e03274b7070ab3","sha256":"be210b4b600a27f7fc4e320ac4be8b21dcf58217d211b225735fc4d150470de4","sha512":"a13dce36f484be93ba6d04622ef37a3526e5e648705e5e132e6bb19276663a8f11c38b6fa8345da481bbd71a7bb338d6952414695bd866a756c568e02e360f21","ssdeep":"","tlshash":"7041cbdaa1e624f04ad7b13e229f9108b5b6c7271c189c587c1c01596f34e2b6ef6fd1","size":2339,"data":"","first_seen":"2026-02-25T12:22:53.73542Z","last_seen":"2026-02-27T18:55:24.802299Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"zmbra-auth-pro-verify-r37i43i.sdbdbn.icu/","fqdn":"zmbra-auth-pro-verify-r37i43i.sdbdbn.icu","domain":"sdbdbn.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-25T18:29:10.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sdbdbn.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Feb 2026 17:47:13 GMT","end":"Sun, 10 May 2026 18:43:54 GMT"},"fingerprint":{"sha1":"11:DB:5D:FA:AB:E9:40:A0:1D:D3:8D:A5:7E:22:DC:91:BC:7B:E6:84","sha256":"CB:63:DB:C5:9B:54:65:40:64:01:A2:DB:E6:A8:7B:31:3D:87:BE:FF:6F:C1:DF:A5:D0:7E:3E:CF:DD:4D:91:FA"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: zmbra-auth-pro-verify-r37i43i.sdbdbn.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Feb 2026 18:29:10 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Thu, 22 Jan 2026 10:10:22 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k1ZaNq9om8fqZQA9U1pHO1RZaWqpfwAyUEoUAka5efyt6uuxnqyLI0CIyg5vS0VEJZzdiZTbT9LJ%2BNIg0uNjS0kpDUaWjYTK2A1Dnmy3fQ8KCm9OpYNk2a3sImYl9GnSJ%2FAk4YzAp%2Bs%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9d394444be3ade5f-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:3.4.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":89500,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (21049)","md5":"3eb7c5014e1eae5f66d82e5c8e256ede","sha1":"41048c854f683d30ebdec14c037120ca1d562052","sha256":"178b0ded2a10a3d8a939053d3fe6aa5c0d3fe7e8ff08a23b7f39bd3c0b057a9b","sha512":"e6950d2cf1b9f9cf8d11d4274500ebdb32ca097701ee2cf73cb7d173410db3fde5154b61937a52b49c18d79cf933d8c19b34fdf5221021c162c9e3ad472e5441","ssdeep":"768:NMUtZMT65SeFHfxnZ+tLZquNOYsFu2sZyFy3Y8Is4UFNWBjE+xQFm8ry6iiW9tFX:NMeZnLF/x00Rfu2H5Qc8rJAtUy","tlshash":"3093f66c95f311793a13607927ef16193239e107890aae68becda294cfc93f41cd7b85","first_seen":"2026-02-25T12:22:53.720926Z","last_seen":"2026-02-25T18:29:32.660064Z","times_seen":2,"resource_available":false,"data":null}},"time_used":520,"timings":{"blocked":88,"dns":53,"connect":8,"send":0,"wait":344,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"zmbra-auth-pro-verify-r37i43i.sdbdbn.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-25","alert":"Phishing Block","trigger":"zmbra-auth-pro-verify-r37i43i.sdbdbn.icu","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"zmbra-auth-pro-verify-r37i43i.sdbdbn.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"zmbra-auth-pro-verify-r37i43i.sdbdbn.icu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zmbra-auth-pro-verify-r37i43i.sdbdbn.icu/","date":"2026-02-25T18:29:11.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"09:4B:1C:B6:64:C5:97:5E:E3:CF:D9:FF:1A:01:C4:D8:D7:10:82:7A","sha256":"2F:A7:09:04:89:72:33:DE:1D:F8:A7:A6:EC:9F:0C:74:15:D5:B0:87:85:BE:25:63:1A:0E:73:0C:72:E3:CD:C8"}}},"request":{"raw":"GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30774\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 24 Feb 2026 12:42:26 GMT\r\nexpires: Wed, 24 Feb 2027 12:42:26 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nlast-modified: Mon, 13 May 2019 14:37:17 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nage: 107205\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":88145,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"220afd743d9e9643852e31a135a9f3ae","sha1":"88523924351bac0b5d560fe0c5781e2556e7693d","sha256":"0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a","sha512":"6e722fce1e8553be592b1a741972c7f5b7b0cdafce230e9d2d587d20283482881c96660682e4095a5f14df45a96ec193a9b222030c53b1b7bbe8312b2eae440d","ssdeep":"1536:yTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPma:ygZm0H5HO5+gCKWZyPmHQ47GKe","tlshash":"338319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-06-09T01:14:18.050647Z","times_seen":133088,"resource_available":true,"data":null}},"time_used":218,"timings":{"blocked":87,"dns":0,"connect":20,"send":0,"wait":23,"receive":21,"ssl":63},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}