{"report_id":"238277d8-c269-424d-a837-8df5bc2317d2","version":6,"status":"done","tags":[],"date":"2026-01-08T09:30:40Z","url":{"schema":"http","addr":"cltl-logln.com/","fqdn":"cltl-logln.com","domain":"cltl-logln.com","tld":"com"},"ip":{"addr":"144.31.244.160","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"cltl-logln.com/","fqdn":"cltl-logln.com","domain":"cltl-logln.com","tld":"com"},"title":"CIT Bank Online | CDs | Savings | Home Loans","dom":{"size":57439,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (38479)","md5":"0154369c9d232d9ab40f104dd394a923","sha1":"ce3706c2d663a931c48a2effccda390c1d37fb46","sha256":"fb1267c8fbc9cd416ccc15f8f386c0def0a7b9cd69ddd12768b64ffd67cd4a07","sha512":"208aa3b1e57bb1b193993f0ae20541725fe4bef73d6aa245606d8b75f232de75902783519fc5c62e18dc9c8817ea6f6e43e184a70aff8155b0d05c741d706686","ssdeep":"768:mLZIL99BGynWhoNeMCYoNScOEXY9xVrJTSmYCcWoY6f0zXjvDxe8dZpIAVMIGmef:mVIx9BIoe1YWEd22JXjJLtMIxGmy","tlshash":"c443f1f918af5a005742ad666a45f27aac803d47b268160076bce739cf4f735938336d","dom_hash":"domhash2160a9aab7f8fd18423ff55c722e1ba0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"cltl-logln.com/","fqdn":"cltl-logln.com","domain":"cltl-logln.com","tld":"com"},"ip":{"addr":"144.31.244.160","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-12T09:30:40Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"cltl-logln.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"cltl-logln.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cltl-logln.com","ip":{"addr":"144.31.244.160","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2025-12-19","domain_rank":0,"first_seen":"2026-01-08T09:30:40.462253Z","last_seen":"2026-01-08T09:30:40.462253Z","alert_count":2,"request_count":1,"received_data":2677764,"sent_data":483,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cltl-logln.com/","fqdn":"cltl-logln.com","domain":"cltl-logln.com","tld":"com"},"ip":{"addr":"144.31.244.160","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"261fa5f948bd99fdf005f80595805744","sha1":"51d57156b1974322b3ba8542f48893082199d5e1","sha256":"1dcf3b0e1f92d593867169c5ee26771d2f3b77f552eee6c73beba961b91d61b7","sha512":"532ff30dfdd593068e7afc5f98cb1bc72408e594f297911c0a7c590c97a2ed6be6b91981322dfe3b3e90f21241404ae8692139732372f119279dbdf29f3ae429","ssdeep":"","tlshash":"a6015927222233707ce9d5dca8b6dd8e39bb501ae40a0090a09f944d1834bc644f7bec","size":847,"data":"","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-04-13T05:54:34.953373Z","times_seen":3348,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cltl-logln.com/","fqdn":"cltl-logln.com","domain":"cltl-logln.com","tld":"com"},"ip":{"addr":"144.31.244.160","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f5e376f206b9607e90dd1c5a394ef3f6","sha1":"3de5f1e49e1741621afbbf007f5a8a2e00d67c65","sha256":"bade9775ad42b418c083232e6fce2904286202c3004bb42bde12a6f60f9c568c","sha512":"44810a6283b36108fc4e1ee66528eab2c30876a7e0767b797abd2ce80c0443aa516da34235d83d0a7cbf29edfd1f3cb001b034a2fa73389d25065271fcf8751c","ssdeep":"","tlshash":"aaf0a26582250bf014c7d01e839d7f5075ee08be3158d203b5dd4f553fa2068421e6fb","size":628,"data":"","first_seen":"2026-01-08T09:30:44.020524Z","last_seen":"2026-01-08T09:30:44.020524Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"cltl-logln.com/","fqdn":"cltl-logln.com","domain":"cltl-logln.com","tld":"com"},"ip":{"addr":"144.31.244.160","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-08T09:30:15.826Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cltl-logln.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Dec 2025 14:24:30 GMT","end":"Thu, 19 Mar 2026 14:24:29 GMT"},"fingerprint":{"sha1":"B4:CD:79:4D:CC:05:69:A3:E3:D6:2A:89:E3:90:7D:30:1E:03:85:8C","sha256":"F2:A0:5D:96:C1:8A:E8:E6:01:8F:2C:D6:9D:7A:C9:75:44:04:27:3B:97:A0:7D:63:1B:50:CA:90:28:F1:87:EF"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cltl-logln.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Thu, 08 Jan 2026 09:30:16 GMT\r\nContent-Type: text/html; charset=utf-8\r\nLast-Modified: Thu, 20 Nov 2025 19:45:40 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"691f6fe4-28daf9\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2677497,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (42054)","md5":"4fb4c4a9edab4a3b11abb294cc55384f","sha1":"f6ac8222efb1fbff8fbae8a0b67cb0da348a3ddf","sha256":"21b9f53f1c90bae5b43a15028dad6c873e1c332129518636f7e29e13d58127c2","sha512":"008617a4d6a5618eb150b26eca498aaef43468aeb245ebb86edf22091b56058fc4dde9243c0b9b29a5d9af5fe552f87d236165934619d00c8ce288c334ca095b","ssdeep":"6144:gwNGxbf9d0F+8qA9YTdhSYimX6wZ1JKCJH1H2iwu1Oa/5kPc7a/5kPc+ZiqyfvCT:9NGd8khQIv1MCD91ryfi","tlshash":"58252bf15942200cb66389fbc3d1bf04d9eca8c2df131e9af6d53e5943db4ea1286619","first_seen":"2026-01-08T09:30:44.015485Z","last_seen":"2026-01-08T09:30:44.015485Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1591,"timings":{"blocked":267,"dns":9,"connect":118,"send":0,"wait":246,"receive":811,"ssl":137},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"cltl-logln.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"cltl-logln.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}