{"report_id":"46acd6a0-40de-41a8-a537-842ab4a73329","version":6,"status":"done","tags":[],"date":"2026-02-14T15:52:20Z","url":{"schema":"http","addr":"webs.cloudproduction-netflix.m-kraken.net","fqdn":"webs.cloudproduction-netflix.m-kraken.net","domain":"m-kraken.net","tld":"net"},"ip":{"addr":"213.165.251.179","port":0,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"webs.cloudproduction-netflix.m-kraken.net/","fqdn":"webs.cloudproduction-netflix.m-kraken.net","domain":"m-kraken.net","tld":"net"},"title":"Web Hosting by InMotion Hosting","dom":{"size":3803,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"4d5de3738fafe758ea5e227f9e20418d","sha1":"dc69af635c4713a4c83405cc1f81e875cf144d8c","sha256":"de52c43091375c207f34c139a76e041b32a1a3d258985fadc4365dc4aada996b","sha512":"eafa104b3765cfa169c7f2fd1561b4c464b33ca8639630e654cc9b1fa05684805eabbd46ba4f77ec0aba368d3f4a8b22a06370e23df2ae3345814d10d9240c0d","ssdeep":"","tlshash":"92710e3354ee552f971793883e5ab72d6a536007868dec8bb1ac08cdcf8028e88537cd","dom_hash":"domhashbf6fb89d0bf45a10088d05cd98effd2d","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"webs.cloudproduction-netflix.m-kraken.net","fqdn":"webs.cloudproduction-netflix.m-kraken.net","domain":"m-kraken.net","tld":"net"},"ip":{"addr":"213.165.251.179","port":0,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-21T15:52:20Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"webs.cloudproduction-netflix.m-kraken.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"webs.cloudproduction-netflix.m-kraken.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"webs.cloudproduction-netflix.m-kraken.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"webs.cloudproduction-netflix.m-kraken.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"webs.cloudproduction-netflix.m-kraken.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"webs.cloudproduction-netflix.m-kraken.net","ip":{"addr":"213.165.251.179","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":15,"request_count":3,"received_data":19809,"sent_data":1489,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.29.4","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.inmotionhosting.com","ip":{"addr":"172.66.41.31","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2001-02-15","domain_rank":488486,"first_seen":"2012-05-22T19:47:28Z","last_seen":"2026-02-10T15:11:36.438619Z","alert_count":0,"request_count":1,"received_data":480,"sent_data":475,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"design.inmotionhosting.com","ip":{"addr":"199.250.205.40","port":443,"asn":54641,"as":"IMH-IAD","country":"United States","country_code":"US"},"domain_registered":"2001-02-15","domain_rank":0,"first_seen":"2020-07-21T07:41:33Z","last_seen":"2026-02-08T06:43:30.223294Z","alert_count":0,"request_count":1,"received_data":518,"sent_data":492,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.26.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"webs.cloudproduction-netflix.m-kraken.net/","fqdn":"webs.cloudproduction-netflix.m-kraken.net","domain":"m-kraken.net","tld":"net"},"ip":{"addr":"213.165.251.179","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-14T15:51:59.488Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webs.cloudproduction-netflix.m-kraken.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 19:37:15 GMT","end":"Wed, 13 May 2026 19:37:14 GMT"},"fingerprint":{"sha1":"4C:AC:07:74:4A:2B:16:F5:E5:C3:D1:33:B5:77:18:5C:C7:FE:F5:64","sha256":"08:B5:F0:81:DA:83:4D:6B:78:1D:9D:22:53:58:C9:05:96:28:6C:08:2A:92:DE:0D:8A:9C:1D:7C:27:12:CF:BA"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: webs.cloudproduction-netflix.m-kraken.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.29.4\r\ndate: Sat, 14 Feb 2026 15:51:59 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nlast-modified: Wed, 26 Jun 2024 18:45:31 GMT\r\nx-proxy-cache: DISABLED\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.29.4","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3937,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"6cbf62ca509cf31582853d84c072c808","sha1":"279dc86027e3559fcba5a925497c31cf252c7d5c","sha256":"52230dc2592a871dde74befcef6c97c146dbf81d16e198e9e3605f987813ef35","sha512":"0f94fc3a7ad0c56c77212cbadeb018349882b8d54be3568deaf9ac19ce0b8a27550ca6b959f8774b509d89341658a55ce2bdf5ab723ed207beb2ddefe8b0c888","ssdeep":"","tlshash":"4c811e3364ee551e571793883e5af72d2a5360079a8ddc8bb1ac08cdcf8128e8953bcd","first_seen":"2023-05-10T04:27:26Z","last_seen":"2026-06-08T23:35:06.557126Z","times_seen":95,"resource_available":true,"data":null}},"time_used":196,"timings":{"blocked":80,"dns":17,"connect":16,"send":0,"wait":35,"receive":0,"ssl":45},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"webs.cloudproduction-netflix.m-kraken.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"webs.cloudproduction-netflix.m-kraken.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"webs.cloudproduction-netflix.m-kraken.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"webs.cloudproduction-netflix.m-kraken.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"webs.cloudproduction-netflix.m-kraken.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webs.cloudproduction-netflix.m-kraken.net/logo-imh.svg","fqdn":"webs.cloudproduction-netflix.m-kraken.net","domain":"m-kraken.net","tld":"net"},"ip":{"addr":"213.165.251.179","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://webs.cloudproduction-netflix.m-kraken.net/","date":"2026-02-14T15:51:59.853Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webs.cloudproduction-netflix.m-kraken.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 19:37:15 GMT","end":"Wed, 13 May 2026 19:37:14 GMT"},"fingerprint":{"sha1":"4C:AC:07:74:4A:2B:16:F5:E5:C3:D1:33:B5:77:18:5C:C7:FE:F5:64","sha256":"08:B5:F0:81:DA:83:4D:6B:78:1D:9D:22:53:58:C9:05:96:28:6C:08:2A:92:DE:0D:8A:9C:1D:7C:27:12:CF:BA"}}},"request":{"raw":"GET /logo-imh.svg HTTP/1.1\r\nHost: webs.cloudproduction-netflix.m-kraken.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webs.cloudproduction-netflix.m-kraken.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.29.4\r\ndate: Sat, 14 Feb 2026 15:51:59 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 10869\r\nlast-modified: Wed, 26 Jun 2024 18:45:31 GMT\r\naccept-ranges: bytes\r\nx-proxy-cache: DISABLED\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.29.4","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10869,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2af845120045853e9974d4a9a4e6d551","sha1":"ba9cc8ddc65192cde6d9d90ffaa9d1fef2dd8379","sha256":"faeb9c76749dc1524c5e1cf9363af75663a096bcb9d31a48c05fbe5c01ec4d0d","sha512":"18e675de7259100372fb62321fb91fe55bcd9a751602a2d92e0d85809f452efddfe7aeaeda31e608a0a6d0762fa7fb63ddcc55f5c51995765a29af1fc1318260","ssdeep":"192:9QA5MO8/Ujg/tmdqcDURVEzHy5VvmUYuE35fMg96z/wtThYb+XQ1D:9QASOQPFepHy5Vr0+f4zxXw","tlshash":"f122838a233ce3d875a539e84e3535c63bb8aced5971d28093176c076883eb6b55ce34","first_seen":"2023-05-10T04:27:26Z","last_seen":"2026-06-09T00:03:08.503919Z","times_seen":142,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"webs.cloudproduction-netflix.m-kraken.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"webs.cloudproduction-netflix.m-kraken.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"webs.cloudproduction-netflix.m-kraken.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"webs.cloudproduction-netflix.m-kraken.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"webs.cloudproduction-netflix.m-kraken.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.inmotionhosting.com/_img/body_bg.gif","fqdn":"www.inmotionhosting.com","domain":"inmotionhosting.com","tld":"com"},"ip":{"addr":"172.66.41.31","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://webs.cloudproduction-netflix.m-kraken.net/","date":"2026-02-14T15:51:59.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.inmotionhosting.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 01 Feb 2026 01:55:27 GMT","end":"Sat, 02 May 2026 02:55:25 GMT"},"fingerprint":{"sha1":"6B:78:B2:77:9E:98:34:53:7A:8B:0F:8E:18:16:1E:FE:58:7E:30:9D","sha256":"20:D0:B6:21:96:3B:88:5A:AC:7A:EA:65:D1:3E:DD:1E:A2:DA:5B:49:73:93:FC:C0:2B:45:6F:13:6B:92:E3:64"}}},"request":{"raw":"GET /_img/body_bg.gif HTTP/1.1\r\nHost: www.inmotionhosting.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webs.cloudproduction-netflix.m-kraken.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Sat, 14 Feb 2026 15:52:00 GMT\r\ncontent-type: text/html\r\nlocation: https://design.inmotionhosting.com/assets/legacy/_img/body_bg.gif\r\nserver: cloudflare\r\ncontent-security-policy: frame-ancestors 'self' https://app.optimizely.com\r\ncf-cache-status: EXPIRED\r\nvary: accept-encoding\r\ncf-ray: 9cddbae77daeb1b8-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":114,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-09T01:17:26.71202Z","times_seen":16255444,"resource_available":true,"data":null}},"time_used":240,"timings":{"blocked":57,"dns":39,"connect":1,"send":0,"wait":121,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webs.cloudproduction-netflix.m-kraken.net/favicon.ico","fqdn":"webs.cloudproduction-netflix.m-kraken.net","domain":"m-kraken.net","tld":"net"},"ip":{"addr":"213.165.251.179","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://webs.cloudproduction-netflix.m-kraken.net/","date":"2026-02-14T15:51:59.986Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webs.cloudproduction-netflix.m-kraken.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 19:37:15 GMT","end":"Wed, 13 May 2026 19:37:14 GMT"},"fingerprint":{"sha1":"4C:AC:07:74:4A:2B:16:F5:E5:C3:D1:33:B5:77:18:5C:C7:FE:F5:64","sha256":"08:B5:F0:81:DA:83:4D:6B:78:1D:9D:22:53:58:C9:05:96:28:6C:08:2A:92:DE:0D:8A:9C:1D:7C:27:12:CF:BA"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: webs.cloudproduction-netflix.m-kraken.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://webs.cloudproduction-netflix.m-kraken.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.29.4\r\ndate: Sat, 14 Feb 2026 15:51:59 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 4286\r\nlast-modified: Wed, 26 Jun 2024 18:45:31 GMT\r\naccept-ranges: bytes\r\nx-proxy-cache: DISABLED\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.29.4","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"d019c557286aafecd80e84c9e1d62013","sha1":"8e1fc65092d7e84a7bb4776c9974ce50dd53de8d","sha256":"b4d7532f25a1284d1e5e44b345c6cc3971ac77f2cea906021dfc011a0bd2a8b9","sha512":"75ff6b3c9531b1431d8195657512e7ba55eb4f7d6c97464a49d73a2eb64aeb174a16de409e91a00900662d5347d6c03c756f5f36ffc5b5c7c48f28c934ba77c6","ssdeep":"12:suqMRX6CXxv7P32XHXqXRgaNXtF+LXC7P3uLXVLX1xLXfZXjwD6XPSvRhXQrM9a:suqMsQz0CIJ1VV/warl","tlshash":"c49174243d388389d8e5073614bdcba3de13aff195ea1640a49c7867417a113d46e438","first_seen":"2023-04-28T20:32:03Z","last_seen":"2026-06-09T00:03:08.504871Z","times_seen":1777,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"webs.cloudproduction-netflix.m-kraken.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"webs.cloudproduction-netflix.m-kraken.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"webs.cloudproduction-netflix.m-kraken.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"webs.cloudproduction-netflix.m-kraken.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"webs.cloudproduction-netflix.m-kraken.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"design.inmotionhosting.com/assets/legacy/_img/body_bg.gif","fqdn":"design.inmotionhosting.com","domain":"inmotionhosting.com","tld":"com"},"ip":{"addr":"199.250.205.40","port":443,"asn":54641,"as":"IMH-IAD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://webs.cloudproduction-netflix.m-kraken.net/","date":"2026-02-14T15:52:00.043Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.inmotionhosting.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Sun, 15 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"87:92:02:22:47:A4:67:F9:1A:EC:64:47:5A:70:94:86:69:17:93:4B","sha256":"C2:61:4C:39:E3:A3:95:B9:A7:C7:78:D8:F0:F2:34:B4:9B:70:C5:6F:6D:E4:70:71:B0:C9:FD:5B:D3:CC:6F:98"}}},"request":{"raw":"GET /assets/legacy/_img/body_bg.gif HTTP/1.1\r\nHost: design.inmotionhosting.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://webs.cloudproduction-netflix.m-kraken.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.26.1\r\ndate: Sat, 14 Feb 2026 15:52:00 GMT\r\ncontent-type: image/gif\r\ncontent-length: 114\r\nlast-modified: Wed, 22 Feb 2023 00:03:37 GMT\r\netag: \"72-5f53ea0c782f8\"\r\nexpires: Mon, 15 Feb 2027 15:52:00 GMT\r\naccess-control-allow-origin: *\r\ncache-tag: design-system, design-system\r\ncache-control: max-age=31622400, public, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.26.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":114,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 100","md5":"9482bcb66a559b864b3ea96a8eec51aa","sha1":"6716b5a9c4f1f96cc022706dde38b11daa97c721","sha256":"e94e1fe58fced22fcae201f9c5487f904fa97cef60704a9bded8312f7a9fe408","sha512":"348887ac60f2a6ddef89024dc05a873628ae9c2c4030693cf182ca3c1eb29dda85fc5ac5cdec8d049c161e064c0c193b1eee6cf9db0950f628aa5447c75028e4","ssdeep":"","tlshash":"51b01211f573b4d8cf07c0b19c18f11018307720528ac603b8180142ece6bab8c219c6","first_seen":"2023-05-10T04:27:26Z","last_seen":"2026-06-09T00:03:08.505353Z","times_seen":192,"resource_available":false,"data":null}},"time_used":893,"timings":{"blocked":400,"dns":112,"connect":92,"send":0,"wait":92,"receive":0,"ssl":194},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}