Report Overview
| Field | Value |
|---|---|
| URL | cnvalores.icu |
| Finishing URL | cnvalores.icu/index_real.html |
| IP / ASN | 185.236.228.43 |
| Title | Facebook |

Phishing - Facebook

Detections
| Source | Count |
|---|---|
| urlquery | 2 |
| Network Intrusion Detection | 2 |
| Threat Detection Systems | 5 |

Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
| unpkg.com | 1093 | 2016-01-06 | 2016-01-07 | 2026-06-01 | 1.4 kB | 4.3 MB | 104.18.0.22 | |
| cnvalores.icu (114 alert(s) on this Host) | unknown | 2026-06-03 | 2026-06-06 | 2026-06-06 | 9.0 kB | 1.3 MB | 185.236.228.43 | |
| www.googletagmanager.com | 283 | 2011-11-11 | 2012-10-04 | 2026-05-31 | 867 B | 731 kB | 142.250.178.104 | |

Fly.io (PaaS)
Fly is a platform for running full stack apps and databases.

Cloudflare (CDN)
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.

IIS:10.0 (Web servers)
Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.

Windows Server (Operating systems)
Windows Server is a brand name for a group of server operating systems.

Microsoft ASP.NET (Web frameworks)
ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.

Google Tag Manager (Tag managers)
Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.

Google Analytics (Analytics)
Google Analytics is a free web analytics service that tracks and reports website traffic.

Unpkg (CDN)
Unpkg is a content delivery network for everything on npm.

Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| | medium | Client IP | 185.236.228.43 | ET INFO Suspicious Domain (*.icu) in TLS SNI |
| | medium | 185.236.228.43 | Client IP | ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.icu) |

Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| Cloudflare DNS | cnvalores.icu | malicious | Sinkholed |
| OpenDNS | cnvalores.icu | phishing | Phishing Block |
| DigiCert UltraDNS | cnvalores.icu | malicious | Sinkholed |
| Hagezi Threat Feed | cnvalores.icu | malicious | Sinkholed |
| Quad9 DNS | cnvalores.icu | malicious | Sinkholed |
JavaScript (10)
No JavaScripts
HTTP Transactions (24)
| URL | IP | Response | Size |
|---|---|---|---|