{"report_id":"2fcb31ee-45e8-4a8c-8b87-b25442cc4658","version":6,"status":"done","tags":[],"date":"2026-03-05T01:41:12Z","url":{"schema":"https","addr":"identi-austrian-iportals.top/online/reaktivierung/69808ee7f0111","fqdn":"identi-austrian-iportals.top","domain":"identi-austrian-iportals.top","tld":"top"},"ip":{"addr":"158.94.210.3","port":0,"asn":786,"as":"Jisc Services Limited","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"https","addr":"identi-austrian-iportals.top/error404","fqdn":"identi-austrian-iportals.top","domain":"identi-austrian-iportals.top","tld":"top"},"title":"Kein Zugang","dom":{"size":1296,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"d092494d5958f683487a3a19df998b63","sha1":"c65d0a287e39ee219c7b10209dabfabd7102f67c","sha256":"aee80d231e51742c9ba5c8fab07294ff99fc161a53d4dc5b551dd99f1f4e66f8","sha512":"24bc91f83ebee3260deb7994b0ca553d4744e50e18ac6bd4989e49a2dd92904b3659353484809de69703742b0f2bbd45738d23881908882c317b325e5232ea5f","ssdeep":"","tlshash":"bb21ab4596f3000ab427a4681ba7e6402ba4c403820bce7a3f9e6398cf89195d9e738c","dom_hash":"domhashc62a37b44caf2ab86d1d29e24c294e35","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"identi-austrian-iportals.top/online/reaktivierung/69808ee7f0111","fqdn":"identi-austrian-iportals.top","domain":"identi-austrian-iportals.top","tld":"top"},"ip":{"addr":"158.94.210.3","port":0,"asn":786,"as":"Jisc Services Limited","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-09T01:41:12Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-05","alert":"Phishing Block","trigger":"identi-austrian-iportals.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"identi-austrian-iportals.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"identi-austrian-iportals.top","ip":{"addr":"158.94.210.3","port":443,"asn":786,"as":"Jisc Services Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2026-02-24","domain_rank":0,"first_seen":"2026-03-05T01:41:12.809523Z","last_seen":"2026-03-05T01:41:12.809523Z","alert_count":6,"request_count":3,"received_data":4100,"sent_data":1599,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"identi-austrian-iportals.top/online/reaktivierung/69808ee7f0111","fqdn":"identi-austrian-iportals.top","domain":"identi-austrian-iportals.top","tld":"top"},"ip":{"addr":"158.94.210.3","port":443,"asn":786,"as":"Jisc Services Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-05T01:40:51.519Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"identi-austrian-iportals.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 10:53:06 GMT","end":"Mon, 25 May 2026 10:53:05 GMT"},"fingerprint":{"sha1":"E7:F5:6E:07:29:22:17:4A:74:4B:09:01:C1:52:7E:F8:E9:99:C8:31","sha256":"8E:31:16:C0:08:A9:69:FE:D9:F4:10:63:80:76:4D:99:64:0F:70:D8:A4:0E:AA:8F:EC:AF:F1:7D:D2:5F:38:95"}}},"request":{"raw":"GET /online/reaktivierung/69808ee7f0111 HTTP/1.1\r\nHost: identi-austrian-iportals.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Thu, 05 Mar 2026 01:40:51 GMT\r\nServer: Apache/2.4.52 (Ubuntu)\r\nSet-Cookie: PHPSESSID=utesem1mhjjj4lghg65gk1eebu; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nlocation: /error404\r\nContent-Length: 0\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1367,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T21:16:18.866443Z","times_seen":16250262,"resource_available":true,"data":null}},"time_used":935,"timings":{"blocked":435,"dns":317,"connect":58,"send":0,"wait":61,"receive":0,"ssl":61},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-05","alert":"Phishing Block","trigger":"identi-austrian-iportals.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"identi-austrian-iportals.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"identi-austrian-iportals.top/error404","fqdn":"identi-austrian-iportals.top","domain":"identi-austrian-iportals.top","tld":"top"},"ip":{"addr":"158.94.210.3","port":443,"asn":786,"as":"Jisc Services Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-05T01:40:52.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"identi-austrian-iportals.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 10:53:06 GMT","end":"Mon, 25 May 2026 10:53:05 GMT"},"fingerprint":{"sha1":"E7:F5:6E:07:29:22:17:4A:74:4B:09:01:C1:52:7E:F8:E9:99:C8:31","sha256":"8E:31:16:C0:08:A9:69:FE:D9:F4:10:63:80:76:4D:99:64:0F:70:D8:A4:0E:AA:8F:EC:AF:F1:7D:D2:5F:38:95"}}},"request":{"raw":"GET /error404 HTTP/1.1\r\nHost: identi-austrian-iportals.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=utesem1mhjjj4lghg65gk1eebu\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 05 Mar 2026 01:40:52 GMT\r\nServer: Apache/2.4.52 (Ubuntu)\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 619\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1367,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"d6b65945ffea6e70507d0d1826da7a8b","sha1":"c1937cec97c57f68595e4f13db8cb260f28c1713","sha256":"967d17ec5f84028d8f2637255b9440a5ceade1f558de2396fa2a9e41bcdbc478","sha512":"8e09964fb4730306652f1b238b8645bfe1846ac825d4e861886d0baf92a90f7d716b46aa5a86a77c16ebf647649f7683128090819423e77f9010cc9bd5421ec0","ssdeep":"","tlshash":"4521ef15d5c2144a6033a2784ba2d254ff96845383034a3e3fde7357cfb9040c6a7b8c","first_seen":"2024-08-31T08:32:36.292774Z","last_seen":"2026-03-05T01:41:15.262653Z","times_seen":6,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-05","alert":"Phishing Block","trigger":"identi-austrian-iportals.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"identi-austrian-iportals.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"identi-austrian-iportals.top/favicon.ico","fqdn":"identi-austrian-iportals.top","domain":"identi-austrian-iportals.top","tld":"top"},"ip":{"addr":"158.94.210.3","port":443,"asn":786,"as":"Jisc Services Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://identi-austrian-iportals.top/error404","date":"2026-03-05T01:40:52.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"identi-austrian-iportals.top","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 10:53:06 GMT","end":"Mon, 25 May 2026 10:53:05 GMT"},"fingerprint":{"sha1":"E7:F5:6E:07:29:22:17:4A:74:4B:09:01:C1:52:7E:F8:E9:99:C8:31","sha256":"8E:31:16:C0:08:A9:69:FE:D9:F4:10:63:80:76:4D:99:64:0F:70:D8:A4:0E:AA:8F:EC:AF:F1:7D:D2:5F:38:95"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: identi-austrian-iportals.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://identi-austrian-iportals.top/error404\r\nCookie: PHPSESSID=utesem1mhjjj4lghg65gk1eebu\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Thu, 05 Mar 2026 01:40:52 GMT\r\nServer: Apache/2.4.52 (Ubuntu)\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Length: 289\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":289,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with no line terminators","md5":"905480f90ccbd3a3578ffb2c4d21747c","sha1":"53a53104b34643aa32b689d7f55f5977f6c6a67b","sha256":"78f81f4df7e2aca2306b004dac96235a6b325e757f5377d8cccea989d37ad68d","sha512":"9a56d1c230efa056730e81a9acd702cd665f64e68a4e30deff2eaad317a20a0e8329d80db074127f29888814607f55eb19420d2c8fc9b8a8ad31915dd5b915ae","ssdeep":"","tlshash":"17d0ebffd16de0acfa0325c004c22998284401f8f0c30988adc4ec83e2e01ba8a07d0c","first_seen":"2026-03-05T01:41:15.26542Z","last_seen":"2026-03-05T01:59:23.131277Z","times_seen":2,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"identi-austrian-iportals.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-05","alert":"Phishing Block","trigger":"identi-austrian-iportals.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}