{"report_id":"5d2eb421-5a38-4b1e-a93b-0418d768cc44","version":6,"status":"done","tags":[],"date":"2026-04-28T13:39:30Z","url":{"schema":"http","addr":"conf1rmaci0n365.iceiy.com","fqdn":"conf1rmaci0n365.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.218","port":0,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"https","addr":"conf1rmaci0n365.iceiy.com/?i=1","fqdn":"conf1rmaci0n365.iceiy.com","domain":"iceiy.com","tld":"com"},"title":"Outlook Verification","dom":{"size":5643,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (353)","md5":"d9ebf5f29b4b4755acd2351381c88a09","sha1":"08dd1289806a82579c3fad79072efd979a75d46e","sha256":"acbbd99f673f530c446bd4662d5489c389fb45f5e3ba617b07511aa5718d6d79","sha512":"250fe8978153cc72a0efbface976dd178ca6c298448f1877a2fcf6d9ed46c9943ccdd79bea2679127d4914a197cbe79cf0a17c64b083a76e65cbf37a58a52b34","ssdeep":"96:jbjgElAQfbjgElAQvaipoFVYql+kox9xQ62mm5vfFAM/:Xj5lzDj5lzva6qix9xi5HFV/","tlshash":"2fc185db3db9882a579391d2a5b6f00c64435107ea5acd5176ec82b83fc4fda8d0379c","dom_hash":"domhasha142d369f48d9ce2b8643a29c91b751d","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"conf1rmaci0n365.iceiy.com","fqdn":"conf1rmaci0n365.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.218","port":0,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-02T13:39:30Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-28","alert":"Phishing Block","trigger":"conf1rmaci0n365.iceiy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"conf1rmaci0n365.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"conf1rmaci0n365.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"cdn.glitch.global","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"region1.analytics.google.com","ip":{"addr":"216.239.32.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22257,"first_seen":"2022-03-17T11:26:33Z","last_seen":"2026-04-26T22:40:43.159605Z","alert_count":0,"request_count":1,"received_data":859,"sent_data":1052,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-04-26T22:34:03.62582Z","alert_count":0,"request_count":1,"received_data":60343,"sent_data":478,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"ads.vidoomy.com","ip":{"addr":"79.127.237.161","port":443,"asn":60068,"as":"Datacamp Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2017-02-22","domain_rank":294046,"first_seen":"2017-10-13T15:24:41Z","last_seen":"2026-04-24T12:43:18.720387Z","alert_count":0,"request_count":2,"received_data":554,"sent_data":862,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.googletagmanager.com","ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-04-26T22:25:05.471148Z","alert_count":0,"request_count":3,"received_data":1138259,"sent_data":1332,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.freepnglogos.com","ip":{"addr":"78.46.22.25","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2016-10-07","domain_rank":880176,"first_seen":"2017-02-09T09:00:11Z","last_seen":"2026-04-27T13:54:49.3719Z","alert_count":0,"request_count":1,"received_data":46329,"sent_data":495,"comment":"","tags":null,"fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"conf1rmaci0n365.iceiy.com","ip":{"addr":"185.27.134.218","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2020-12-06","domain_rank":0,"first_seen":"2026-04-28T02:47:51.705422Z","last_seen":"2026-04-28T02:47:51.705422Z","alert_count":30,"request_count":10,"received_data":86507,"sent_data":5341,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Google AdSense","description":"Google AdSense is a program run by Google through which website publishers serve advertisements that are targeted to the site content and audience.","website":"https://www.google.com/adsense/start/","common_platform_enumeration":"","icon":"Google AdSense.svg","categories":["Advertising"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2026-04-26T23:27:43.968903Z","alert_count":0,"request_count":1,"received_data":90462,"sent_data":454,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.glitch.global","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2021-09-09","domain_rank":2823658,"first_seen":"2022-01-13T10:18:16Z","last_seen":"2026-04-22T21:42:55.294725Z","alert_count":1,"request_count":1,"received_data":0,"sent_data":539,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.google.no","ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2001-02-26","domain_rank":92680,"first_seen":"2012-06-26T23:22:08Z","last_seen":"2026-04-26T22:40:44.257175Z","alert_count":0,"request_count":1,"received_data":580,"sent_data":726,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"conf1rmaci0n365.iceiy.com/","fqdn":"conf1rmaci0n365.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.218","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"6cec856a031ae0f0c8bfc9bbb1be38cc","sha1":"a05d495b9f3e016e3be98a6543e18fc91a0afe3d","sha256":"f234d2485fab8b5bec8a701048e8307f7d2b97bb187a469eed2800f054bdb2b9","sha512":"bee64a9f97a8ed49e1fdd1dfb5212e34bdcdf893c3397e718ac0152ce4f61c0a61dba6bd3c73a31faaa286227cf221e04a818115e00f99e3c2145f8c8d39b52f","ssdeep":"","tlshash":"90f00c78e072b1e94bc00056043bda4f90222aa2f012c4efd40292605995cde0a49e2a","size":613,"data":"","first_seen":"2026-04-28T13:39:34.310654Z","last_seen":"2026-04-28T13:58:04.044965Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"conf1rmaci0n365.iceiy.com/aes.js","fqdn":"conf1rmaci0n365.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.218","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"fc66e046447092c606f2587837f96874","sha1":"fcf354a8044f494ee1f9fe868dde3f570f50e593","sha256":"5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96","sha512":"51cd149b2876e90621afc579fb172e253548a851d4c202181e1faba812f5beb1ae9ccf9f153137f60c569e05a79dcb272176e0126eceac54316208d2699a689f","ssdeep":"192:4hsoEj776Bn/tnHcgaollys/6+EgH3JLg7oLu0MyMVu:i50/3xoGs/jE839g2FB1","tlshash":"355200c203894a7cf2c92ed68c2f605620f3e54a3d251249efb399dbbc77d895075a36","size":13733,"data":"","first_seen":"2023-10-15T19:29:47Z","last_seen":"2026-06-13T09:21:20.599413Z","times_seen":7555,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"conf1rmaci0n365.iceiy.com/?i=1","fqdn":"conf1rmaci0n365.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.218","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"9f344a08e12c315055cec9b6838afa9d","sha1":"5de27d0b7dc5ba2507cb62061de335a4a5d3a4ac","sha256":"da6bc8a26c0ff237dad348e0e622d25866b0ece2d1ba1d7d7cab2eead532339d","sha512":"30e8877382d961a10585c78bb51b5c22880f1542e9f5f1a1c8a05946dc273f09fd3cfe1f0794c3c4a5d9b145df6200d189fe08232cd968c5315bfda2897a8bf6","ssdeep":"","tlshash":"43e02dcb70151cb270ee09f933f0e638b1032a08b8091c32cdfec8242818a87c81748c","size":336,"data":"","first_seen":"2023-03-07T12:04:41Z","last_seen":"2026-06-06T06:08:12.413723Z","times_seen":327,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ads.vidoomy.com/miarroba_23335.js","fqdn":"ads.vidoomy.com","domain":"vidoomy.com","tld":"com"},"ip":{"addr":"79.127.237.161","port":443,"asn":60068,"as":"Datacamp Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"7ea4e093807794ce608f22228b0b9fc2","sha1":"b64baf2950e73f44ddffc7d66142e266150333b2","sha256":"1f61f04dc1f23cbcc7a15e0ff27bdb0927e769503b217b18ed294b07b936c3e0","sha512":"96557da8f701679fe92977ea799cfe0046bdbffbf95e24500ab8bb4e9e31a8d2c83ab064778339a64aec9124417bb00369a326cda47aa3122dd9dd1e279768d6","ssdeep":"","tlshash":"b0400003c0000000030000000033000000000000030c0000000000000000c000000000","size":7,"data":"","first_seen":"2024-04-02T22:34:01Z","last_seen":"2026-06-05T09:30:35.51961Z","times_seen":166,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ads.vidoomy.com/miarroba_23335.js","fqdn":"ads.vidoomy.com","domain":"vidoomy.com","tld":"com"},"ip":{"addr":"79.127.237.161","port":443,"asn":60068,"as":"Datacamp Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"7ea4e093807794ce608f22228b0b9fc2","sha1":"b64baf2950e73f44ddffc7d66142e266150333b2","sha256":"1f61f04dc1f23cbcc7a15e0ff27bdb0927e769503b217b18ed294b07b936c3e0","sha512":"96557da8f701679fe92977ea799cfe0046bdbffbf95e24500ab8bb4e9e31a8d2c83ab064778339a64aec9124417bb00369a326cda47aa3122dd9dd1e279768d6","ssdeep":"","tlshash":"b0400003c0000000030000000033000000000000030c0000000000000000c000000000","size":7,"data":"","first_seen":"2024-04-02T22:34:01Z","last_seen":"2026-06-05T09:30:35.51961Z","times_seen":166,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-T2VG59","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"599e6bc60da834a3573e965d265eff3d","sha1":"b14035b2aca3454ea8050f0406ae2eeb6d0cee83","sha256":"5021f034b25ea674765986b2d679fdd72ff682fb7742312a06f953a4eb7295d3","sha512":"a9b34b62f5a90aa2ec115398eb1a67aeef23ad0ab8aaecd3734862061af0abc39c82f67e87c2414d9c9c9503791c5e022c76cd5dae97f2f5896a3b2aa45753d9","ssdeep":"6144:Z+VYoy0E5M/8sgIXXfRSrssan89UjovCdw:sYrM/8WG0cd","tlshash":"226408cdb7dab05243a3a478503f114bb23a7992f84cc899f182d8d42e74a694277f7d","size":321319,"data":"","first_seen":"2026-04-28T13:39:34.290638Z","last_seen":"2026-04-28T13:58:04.029634Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"conf1rmaci0n365.iceiy.com/?i=1","fqdn":"conf1rmaci0n365.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.218","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"9f344a08e12c315055cec9b6838afa9d","sha1":"5de27d0b7dc5ba2507cb62061de335a4a5d3a4ac","sha256":"da6bc8a26c0ff237dad348e0e622d25866b0ece2d1ba1d7d7cab2eead532339d","sha512":"30e8877382d961a10585c78bb51b5c22880f1542e9f5f1a1c8a05946dc273f09fd3cfe1f0794c3c4a5d9b145df6200d189fe08232cd968c5315bfda2897a8bf6","ssdeep":"","tlshash":"43e02dcb70151cb270ee09f933f0e638b1032a08b8091c32cdfec8242818a87c81748c","size":336,"data":"","first_seen":"2023-03-07T12:04:41Z","last_seen":"2026-06-06T06:08:12.413723Z","times_seen":327,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"conf1rmaci0n365.iceiy.com/?i=1","fqdn":"conf1rmaci0n365.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.218","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"de958bdf20faeab5fb916d01a99d75a2","sha1":"ffcfe50c6a623c945323423dfcc24cb36fb562ac","sha256":"cb2a86073c2a36d73438a20451a33c06da008aad3b203e094cdaeb3151f2818e","sha512":"ce3fe30095697a26e213c749d83c13eba5615d7ec7078b15ed53675341a1127f4fe127dee97783e5f4054c938cfb8c8585a0db00b5162c7ae01d9ba0552c5a5c","ssdeep":"","tlshash":"3021f0067cb31241176bb0894f6fe40d220741172b49de84bf9ea7a51f847a8d6167dd","size":1302,"data":"","first_seen":"2026-04-09T14:30:55.934102Z","last_seen":"2026-04-28T13:58:04.050933Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"conf1rmaci0n365.iceiy.com/url.js","fqdn":"conf1rmaci0n365.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.218","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"48cb01bea202689488b90cdcf2ed95e1","sha1":"de97061744338bac94dae65122ce6f050730685f","sha256":"d62121019c6021566c513b68620f0b9f4e6fb3c13ed4256f9b59ecf8c3944e71","sha512":"691f4348d883a052d2886f901599cdcbc634d559c2c93c6b64fb2145bb1cef7929ba674d784a98e51d4e134306e51095f525d1bf4ed2e5f1e6fd7d484dbeb898","ssdeep":"","tlshash":"7ec02b43300b0cb212c254584812ad4d5dc18c9d08c31c947151ac270b286f37015543","size":142,"data":"","first_seen":"2026-04-28T02:47:55.004977Z","last_seen":"2026-04-28T13:58:04.036191Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dc5e7f18c8d36ac1d3d4753a87c98d0a","sha1":"c8e1c8b386dc5b7a9184c763c88d19a346eb3342","sha256":"f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d","sha512":"6cb4f4426f559c06190df97229c05a436820d21498350ac9f118a5625758435171418a022ed523bae46e668f9f8ea871feab6aff58ad2740b67a30f196d65516","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"a993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89476,"data":"","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-06-13T10:17:13.320906Z","times_seen":251178,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-T2VG59","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"599e6bc60da834a3573e965d265eff3d","sha1":"b14035b2aca3454ea8050f0406ae2eeb6d0cee83","sha256":"5021f034b25ea674765986b2d679fdd72ff682fb7742312a06f953a4eb7295d3","sha512":"a9b34b62f5a90aa2ec115398eb1a67aeef23ad0ab8aaecd3734862061af0abc39c82f67e87c2414d9c9c9503791c5e022c76cd5dae97f2f5896a3b2aa45753d9","ssdeep":"6144:Z+VYoy0E5M/8sgIXXfRSrssan89UjovCdw:sYrM/8WG0cd","tlshash":"226408cdb7dab05243a3a478503f114bb23a7992f84cc899f182d8d42e74a694277f7d","size":321319,"data":"","first_seen":"2026-04-28T13:39:34.290638Z","last_seen":"2026-04-28T13:58:04.029634Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"conf1rmaci0n365.iceiy.com/?i=1","fqdn":"conf1rmaci0n365.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.218","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f7086f0887f5755529b6a3370ff772d","sha1":"844e8a5992ccf37e0cdfc27cf2c3b7221d3a1f46","sha256":"eeed29e37cad5862d330be81ce1d38d50ad74b9909685aa09b94e55ab7c069ad","sha512":"20f5ce7e2a0b1c9887b7d6f8660069c18a086572e43791591aa3db44f1b3f2d394b7eeafaff98a0ccb1e29fa619842314eeeeaaa74f18cc89c4a52035854a10a","ssdeep":"","tlshash":"7ac08cea2953ac70a7fb0b924f5b3b452923f3b661801a22082262443525faf2252de5","size":178,"data":"","first_seen":"2024-11-01T19:41:01.366392Z","last_seen":"2026-06-06T06:08:12.413087Z","times_seen":244,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-C2Z4YC0WNE","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6b4ce1ef2c5dcd36bc603fd8f55a1e93","sha1":"eb114ea19617b63c4fadcf136070504a3d1cce88","sha256":"a4cc940ad94ad73e0ddf9b50047fe8d95f54470b144e84342f8781dbec911165","sha512":"14781b144086ebd36a3667bce697f6d004c76000e4466ab75c72b7743b8f125753bae2a3f97d1930fc2c7cd07965161c892488cbb6ea82e1169f90e9e0f45b10","ssdeep":"6144:vHm+VYoy0E5wkSWsgna64sXXsRSrssan89Ug/cZvKfsDka:v5YrwkSWY64FG36j","tlshash":"2bb4f8ceb3d674625296f478903f01cba97b39a2b49cc89ab189ccf02d3455a4177f78","size":493737,"data":"","first_seen":"2026-04-28T13:39:34.301769Z","last_seen":"2026-04-28T13:39:34.301769Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"ads.vidoomy.com/miarroba_23335.js","fqdn":"ads.vidoomy.com","domain":"vidoomy.com","tld":"com"},"ip":{"addr":"79.127.237.161","port":443,"asn":60068,"as":"Datacamp Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://conf1rmaci0n365.iceiy.com/?i=1","date":"2026-04-28T13:39:09.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vidoomy.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 06 Aug 2025 00:00:00 GMT","end":"Sun, 06 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:98:18:58:24:20:FE:84:4C:27:0C:05:FB:A9:D8:5D:88:E5:C4:9E","sha256":"C9:B1:D3:D2:CA:11:D4:95:5C:1B:D2:00:82:FA:DA:E7:61:4E:E3:64:29:FD:94:D2:19:75:12:82:FA:98:C7:0B"}}},"request":{"raw":"GET /miarroba_23335.js HTTP/1.1\r\nHost: ads.vidoomy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://conf1rmaci0n365.iceiy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 10:56:05 GMT\r\ncontent-type: application/javascript\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nvary: X-Vary-TCDN, Accept-Encoding\r\nage: 9783\r\ntp-cache: hit\r\naccept-ranges: bytes\r\ncontent-length: 38\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"7ea4e093807794ce608f22228b0b9fc2","sha1":"b64baf2950e73f44ddffc7d66142e266150333b2","sha256":"1f61f04dc1f23cbcc7a15e0ff27bdb0927e769503b217b18ed294b07b936c3e0","sha512":"96557da8f701679fe92977ea799cfe0046bdbffbf95e24500ab8bb4e9e31a8d2c83ab064778339a64aec9124417bb00369a326cda47aa3122dd9dd1e279768d6","ssdeep":"","tlshash":"b0400003c0000000030000000033000000000000030c0000000000000000c000000000","first_seen":"2024-04-02T22:34:01Z","last_seen":"2026-06-05T09:30:35.51961Z","times_seen":166,"resource_available":true,"data":null}},"time_used":272,"timings":{"blocked":-1,"dns":125,"connect":32,"send":0,"wait":31,"receive":0,"ssl":83},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-T2VG59","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://conf1rmaci0n365.iceiy.com/?i=1","date":"2026-04-28T13:39:09.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtm.js?id=GTM-T2VG59 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://conf1rmaci0n365.iceiy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Apr 2026 13:39:09 GMT\r\nexpires: Tue, 28 Apr 2026 13:39:09 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Tue, 28 Apr 2026 12:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 112181\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":321319,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4517)","md5":"599e6bc60da834a3573e965d265eff3d","sha1":"b14035b2aca3454ea8050f0406ae2eeb6d0cee83","sha256":"5021f034b25ea674765986b2d679fdd72ff682fb7742312a06f953a4eb7295d3","sha512":"a9b34b62f5a90aa2ec115398eb1a67aeef23ad0ab8aaecd3734862061af0abc39c82f67e87c2414d9c9c9503791c5e022c76cd5dae97f2f5896a3b2aa45753d9","ssdeep":"6144:Z+VYoy0E5M/8sgIXXfRSrssan89UjovCdw:sYrM/8WG0cd","tlshash":"226408cdb7dab05243a3a478503f114bb23a7992f84cc899f182d8d42e74a694277f7d","first_seen":"2026-04-28T13:39:34.290638Z","last_seen":"2026-04-28T13:58:04.029634Z","times_seen":2,"resource_available":true,"data":null}},"time_used":334,"timings":{"blocked":129,"dns":22,"connect":7,"send":0,"wait":31,"receive":26,"ssl":117},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"conf1rmaci0n365.iceiy.com/hosting__contador__visitas__unicas.php?h=2201156\u0026t=1758727111\u0026k=51bb462a746eff5575221e6179f8f2bc\u0026__muid=","fqdn":"conf1rmaci0n365.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.218","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://conf1rmaci0n365.iceiy.com/?i=1","date":"2026-04-28T13:39:09.790Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET /hosting__contador__visitas__unicas.php?h=2201156\u0026t=1758727111\u0026k=51bb462a746eff5575221e6179f8f2bc\u0026__muid= HTTP/1.1\r\nHost: conf1rmaci0n365.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://conf1rmaci0n365.iceiy.com/?i=1\r\nCookie: __test=db28771771e7238595d84de345e230b4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: openresty\r\nDate: Tue, 28 Apr 2026 13:39:09 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 11909\r\nConnection: keep-alive\r\nLast-Modified: Tue, 03 Oct 2023 23:08:40 GMT\r\nETag: \"2e85-606d7f8b72398\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=5, public, proxy-revalidate\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11909,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (2228)","md5":"6baf6e5cb8ffa13768f8c590afeaa118","sha1":"ebbbfe7b01356b03dc1d0921e53b1054f528036c","sha256":"051fe0603378b7efb7fe29a6950c1b4b4749a5d2a079d2d092aa2b7be4a69687","sha512":"45aee85bd77af515336be13371057a067f8be2f922e9ad1c51d39fe70085d6c46a90b08221b534dfed9993f3e37f90c3ccd4d744ea2e03c7efe67928d6c83a6f","ssdeep":"96:LOWYRERkMHXYaY7YnYVPHfwUc7cR9Guhi5S6ZYOJ7D1cfLWuPpAKd9T:zQsLyEOnwUkVS6ZlJ7D2fLrd9T","tlshash":"f832b83b4cf52b260342c69328f413ad6e1b534785017a86f5fd8baddf81e8a5c97368","first_seen":"2023-05-29T14:16:00Z","last_seen":"2026-06-13T04:57:08.509497Z","times_seen":456,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-28","alert":"Phishing Block","trigger":"conf1rmaci0n365.iceiy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"conf1rmaci0n365.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"conf1rmaci0n365.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ads.vidoomy.com/miarroba_23335.js","fqdn":"ads.vidoomy.com","domain":"vidoomy.com","tld":"com"},"ip":{"addr":"79.127.237.161","port":443,"asn":60068,"as":"Datacamp Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://conf1rmaci0n365.iceiy.com/?i=1","date":"2026-04-28T13:39:09.280Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vidoomy.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 06 Aug 2025 00:00:00 GMT","end":"Sun, 06 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:98:18:58:24:20:FE:84:4C:27:0C:05:FB:A9:D8:5D:88:E5:C4:9E","sha256":"C9:B1:D3:D2:CA:11:D4:95:5C:1B:D2:00:82:FA:DA:E7:61:4E:E3:64:29:FD:94:D2:19:75:12:82:FA:98:C7:0B"}}},"request":{"raw":"GET /miarroba_23335.js HTTP/1.1\r\nHost: ads.vidoomy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://conf1rmaci0n365.iceiy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 10:56:05 GMT\r\ncontent-type: application/javascript\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nvary: X-Vary-TCDN, Accept-Encoding\r\nage: 9783\r\ntp-cache: hit\r\naccept-ranges: bytes\r\ncontent-length: 38\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"7ea4e093807794ce608f22228b0b9fc2","sha1":"b64baf2950e73f44ddffc7d66142e266150333b2","sha256":"1f61f04dc1f23cbcc7a15e0ff27bdb0927e769503b217b18ed294b07b936c3e0","sha512":"96557da8f701679fe92977ea799cfe0046bdbffbf95e24500ab8bb4e9e31a8d2c83ab064778339a64aec9124417bb00369a326cda47aa3122dd9dd1e279768d6","ssdeep":"","tlshash":"b0400003c0000000030000000033000000000000030c0000000000000000c000000000","first_seen":"2024-04-02T22:34:01Z","last_seen":"2026-06-05T09:30:35.51961Z","times_seen":166,"resource_available":true,"data":null}},"time_used":530,"timings":{"blocked":243,"dns":137,"connect":30,"send":0,"wait":31,"receive":0,"ssl":86},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"conf1rmaci0n365.iceiy.com/style.css","fqdn":"conf1rmaci0n365.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.218","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://conf1rmaci0n365.iceiy.com/?i=1","date":"2026-04-28T13:39:09.281Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: conf1rmaci0n365.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://conf1rmaci0n365.iceiy.com/?i=1\r\nCookie: __test=db28771771e7238595d84de345e230b4\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Tue, 28 Apr 2026 13:39:09 GMT\r\nContent-Type: text/css\r\nContent-Length: 3964\r\nConnection: keep-alive\r\nLast-Modified: Tue, 17 Mar 2026 18:25:32 GMT\r\nETag: \"f7c-64d3c75ef82fa\"\r\nCache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate\r\nExpires: Thu, 28 May 2026 13:39:09 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3964,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"d5e5da27830b25ab228d6c9df02a0557","sha1":"30d302b99b892ce73d0070fe91c9bb11675593f9","sha256":"bb722a3b4a28e16cf2ed4d5d087b38f9f304a0d402c5757a85a27702c018f16d","sha512":"6b310bc07f9d1f6da7a1d29f7d9b77cbb0a626e8fa6fd15bcbfcf88fa279971b45dc7331c267efafe829271e2afd4f8ed230fb275ec1667b95133bd429c9cf3c","ssdeep":"","tlshash":"6f8120916f5314427407d52c77fa8b1b122c4143918eddbdbf8ea1d8cf992a8c662bdc","first_seen":"2025-07-06T13:00:32.27924Z","last_seen":"2026-06-02T01:14:23.758389Z","times_seen":34,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-28","alert":"Phishing Block","trigger":"conf1rmaci0n365.iceiy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"conf1rmaci0n365.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"conf1rmaci0n365.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://conf1rmaci0n365.iceiy.com/?i=1","date":"2026-04-28T13:39:09.284Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"1A:63:7B:F3:04:6F:4C:E4:F3:15:87:E8:E7:FA:DD:B1:F7:7E:89:49","sha256":"5E:36:5D:D1:35:3B:0A:E9:8A:55:91:DC:12:B0:50:4A:AE:D9:A7:97:06:7C:0D:D7:F0:23:3E:8A:B2:08:19:00"}}},"request":{"raw":"GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://conf1rmaci0n365.iceiy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 31021\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 22 Apr 2026 14:54:50 GMT\r\nexpires: Thu, 22 Apr 2027 14:54:50 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nlast-modified: Fri, 08 May 2020 07:05:03 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nage: 513859\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":89476,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"dc5e7f18c8d36ac1d3d4753a87c98d0a","sha1":"c8e1c8b386dc5b7a9184c763c88d19a346eb3342","sha256":"f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d","sha512":"6cb4f4426f559c06190df97229c05a436820d21498350ac9f118a5625758435171418a022ed523bae46e668f9f8ea871feab6aff58ad2740b67a30f196d65516","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"a993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-06-13T10:17:13.320906Z","times_seen":251178,"resource_available":true,"data":null}},"time_used":326,"timings":{"blocked":134,"dns":0,"connect":23,"send":0,"wait":26,"receive":22,"ssl":118},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.freepnglogos.com/uploads/microsoft-logo-png-transparent-background-1.png","fqdn":"www.freepnglogos.com","domain":"freepnglogos.com","tld":"com"},"ip":{"addr":"78.46.22.25","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://conf1rmaci0n365.iceiy.com/?i=1","date":"2026-04-28T13:39:09.287Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"freepnglogos.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Mar 2026 06:22:04 GMT","end":"Thu, 04 Jun 2026 06:22:03 GMT"},"fingerprint":{"sha1":"77:D5:92:CB:9B:F9:37:D1:0B:C4:9D:FE:79:BE:E9:79:1D:19:5A:39","sha256":"5D:0E:7B:81:54:A5:C3:13:80:27:5A:99:68:27:27:73:9B:03:80:43:C3:27:DA:FF:5A:5A:C1:41:98:40:E2:BF"}}},"request":{"raw":"GET /uploads/microsoft-logo-png-transparent-background-1.png HTTP/1.1\r\nHost: www.freepnglogos.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://conf1rmaci0n365.iceiy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Tue, 28 Apr 2026 13:39:09 GMT\r\ncontent-type: image/png\r\ncontent-length: 46043\r\nlast-modified: Sat, 20 Aug 2022 14:09:47 GMT\r\netag: \"6300eb2b-b3db\"\r\ncache-control: no-cache, must-revalidate\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46043,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 5471 x 1280, 8-bit/color RGBA, non-interlaced","md5":"c117a0bda103aeb25c145a71b0b8ac5a","sha1":"3dd6e5ccf39e92e840404bdab510c8d67bd6e768","sha256":"4bad04d35478f23907ff0e6433a492400840cec4fbd6a487752dd5bdcbbca029","sha512":"73136f1a544983f8ed0e909d0811bbf7fd61ccbeb84bb2023af56943949ea082306576bff227fc71c864d2022e429059231aa082d19977dead2de25c07e17bc8","ssdeep":"768:sgFuRUyAenFPQDYEP6BI1fdR9QgPla9qO:sfZZiPpLR9d9a9qO","tlshash":"1f2329b54c9b89f5c10d4876dc789fa972f81ade6224332d433e7a3d78963ca6004add","first_seen":"2023-11-03T14:17:52Z","last_seen":"2026-06-12T09:07:13.945361Z","times_seen":220,"resource_available":false,"data":null}},"time_used":361,"timings":{"blocked":119,"dns":43,"connect":35,"send":0,"wait":42,"receive":69,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.glitch.global/7177bfef-a9de-49ca-904a-bc82dc609bfd/Captura%20de%20pantalla%202025-03-13%20234358.png?v=1741927464384","fqdn":"cdn.glitch.global","domain":"glitch.global","tld":"global"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://conf1rmaci0n365.iceiy.com/?i=1","date":"2026-04-28T13:39:09.715Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /7177bfef-a9de-49ca-904a-bc82dc609bfd/Captura%20de%20pantalla%202025-03-13%20234358.png?v=1741927464384 HTTP/1.1\r\nHost: cdn.glitch.global\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://conf1rmaci0n365.iceiy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T10:33:11.41944Z","times_seen":16384135,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"cdn.glitch.global","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-C2Z4YC0WNE","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://conf1rmaci0n365.iceiy.com/?i=1","date":"2026-04-28T13:39:09.725Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtag/js?id=G-C2Z4YC0WNE HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://conf1rmaci0n365.iceiy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Apr 2026 13:39:09 GMT\r\nexpires: Tue, 28 Apr 2026 13:39:09 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 161523\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":493737,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"6b4ce1ef2c5dcd36bc603fd8f55a1e93","sha1":"eb114ea19617b63c4fadcf136070504a3d1cce88","sha256":"a4cc940ad94ad73e0ddf9b50047fe8d95f54470b144e84342f8781dbec911165","sha512":"14781b144086ebd36a3667bce697f6d004c76000e4466ab75c72b7743b8f125753bae2a3f97d1930fc2c7cd07965161c892488cbb6ea82e1169f90e9e0f45b10","ssdeep":"6144:vHm+VYoy0E5wkSWsgna64sXXsRSrssan89Ug/cZvKfsDka:v5YrwkSWY64FG36j","tlshash":"2bb4f8ceb3d674625296f478903f01cba97b39a2b49cc89ab189ccf02d3455a4177f78","first_seen":"2026-04-28T13:39:34.301769Z","last_seen":"2026-04-28T13:39:34.301769Z","times_seen":1,"resource_available":true,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":52,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"conf1rmaci0n365.iceiy.com/favicon.ico","fqdn":"conf1rmaci0n365.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.218","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://conf1rmaci0n365.iceiy.com/?i=1","date":"2026-04-28T13:39:09.838Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: conf1rmaci0n365.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://conf1rmaci0n365.iceiy.com/?i=1\r\nCookie: __test=db28771771e7238595d84de345e230b4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: openresty\r\nDate: Tue, 28 Apr 2026 13:39:09 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 11909\r\nConnection: keep-alive\r\nLast-Modified: Tue, 03 Oct 2023 23:08:40 GMT\r\nETag: \"2e85-606d7f8b72398\"\r\nCache-Control: max-age=5, public, proxy-revalidate\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11909,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (2228)","md5":"6baf6e5cb8ffa13768f8c590afeaa118","sha1":"ebbbfe7b01356b03dc1d0921e53b1054f528036c","sha256":"051fe0603378b7efb7fe29a6950c1b4b4749a5d2a079d2d092aa2b7be4a69687","sha512":"45aee85bd77af515336be13371057a067f8be2f922e9ad1c51d39fe70085d6c46a90b08221b534dfed9993f3e37f90c3ccd4d744ea2e03c7efe67928d6c83a6f","ssdeep":"96:LOWYRERkMHXYaY7YnYVPHfwUc7cR9Guhi5S6ZYOJ7D1cfLWuPpAKd9T:zQsLyEOnwUkVS6ZlJ7D2fLrd9T","tlshash":"f832b83b4cf52b260342c69328f413ad6e1b534785017a86f5fd8baddf81e8a5c97368","first_seen":"2023-05-29T14:16:00Z","last_seen":"2026-06-13T04:57:08.509497Z","times_seen":456,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"conf1rmaci0n365.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"conf1rmaci0n365.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-28","alert":"Phishing Block","trigger":"conf1rmaci0n365.iceiy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"conf1rmaci0n365.iceiy.com/url.js","fqdn":"conf1rmaci0n365.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.218","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://conf1rmaci0n365.iceiy.com/?i=1","date":"2026-04-28T13:39:09.285Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET /url.js HTTP/1.1\r\nHost: conf1rmaci0n365.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://conf1rmaci0n365.iceiy.com/?i=1\r\nCookie: __test=db28771771e7238595d84de345e230b4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Tue, 28 Apr 2026 13:39:09 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 142\r\nConnection: keep-alive\r\nLast-Modified: Tue, 17 Mar 2026 18:25:32 GMT\r\nETag: \"8e-64d3c75f2fda4\"\r\nCache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate\r\nExpires: Thu, 28 May 2026 13:39:09 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":142,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"48cb01bea202689488b90cdcf2ed95e1","sha1":"de97061744338bac94dae65122ce6f050730685f","sha256":"d62121019c6021566c513b68620f0b9f4e6fb3c13ed4256f9b59ecf8c3944e71","sha512":"691f4348d883a052d2886f901599cdcbc634d559c2c93c6b64fb2145bb1cef7929ba674d784a98e51d4e134306e51095f525d1bf4ed2e5f1e6fd7d484dbeb898","ssdeep":"","tlshash":"7ec02b43300b0cb212c254584812ad4d5dc18c9d08c31c947151ac270b286f37015543","first_seen":"2026-04-28T02:47:55.004977Z","last_seen":"2026-04-28T13:58:04.036191Z","times_seen":3,"resource_available":true,"data":null}},"time_used":241,"timings":{"blocked":76,"dns":1,"connect":31,"send":0,"wait":77,"receive":0,"ssl":51},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-28","alert":"Phishing Block","trigger":"conf1rmaci0n365.iceiy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"conf1rmaci0n365.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"conf1rmaci0n365.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"conf1rmaci0n365.iceiy.com/hosting__contador__visitas__unicas.php?h=2200952\u0026t=1758294922\u0026k=68d65d0771a4e009127e0f10b02a0860\u0026__muid=","fqdn":"conf1rmaci0n365.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.218","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://conf1rmaci0n365.iceiy.com/?i=1","date":"2026-04-28T13:39:09.288Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET /hosting__contador__visitas__unicas.php?h=2200952\u0026t=1758294922\u0026k=68d65d0771a4e009127e0f10b02a0860\u0026__muid= HTTP/1.1\r\nHost: conf1rmaci0n365.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://conf1rmaci0n365.iceiy.com/?i=1\r\nCookie: __test=db28771771e7238595d84de345e230b4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: openresty\r\nDate: Tue, 28 Apr 2026 13:39:09 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 11909\r\nConnection: keep-alive\r\nLast-Modified: Tue, 03 Oct 2023 23:08:40 GMT\r\nETag: \"2e85-606d7f8b72398\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=5, public, proxy-revalidate\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":11909,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (2228)","md5":"6baf6e5cb8ffa13768f8c590afeaa118","sha1":"ebbbfe7b01356b03dc1d0921e53b1054f528036c","sha256":"051fe0603378b7efb7fe29a6950c1b4b4749a5d2a079d2d092aa2b7be4a69687","sha512":"45aee85bd77af515336be13371057a067f8be2f922e9ad1c51d39fe70085d6c46a90b08221b534dfed9993f3e37f90c3ccd4d744ea2e03c7efe67928d6c83a6f","ssdeep":"96:LOWYRERkMHXYaY7YnYVPHfwUc7cR9Guhi5S6ZYOJ7D1cfLWuPpAKd9T:zQsLyEOnwUkVS6ZlJ7D2fLrd9T","tlshash":"f832b83b4cf52b260342c69328f413ad6e1b534785017a86f5fd8baddf81e8a5c97368","first_seen":"2023-05-29T14:16:00Z","last_seen":"2026-06-13T04:57:08.509497Z","times_seen":456,"resource_available":true,"data":null}},"time_used":49,"timings":{"blocked":14,"dns":0,"connect":0,"send":0,"wait":34,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-28","alert":"Phishing Block","trigger":"conf1rmaci0n365.iceiy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"conf1rmaci0n365.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"conf1rmaci0n365.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.no/ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-C2Z4YC0WNE\u0026cid=1928260894.1777383550\u0026gtm=45je64o1v9165163754za200zd9165163754\u0026rcb=19\u0026aip=1\u0026dma=1\u0026dma_cps=a\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=0~115616985~115938465~115938469~116363097~117266400~117384406~117512543~118128922~118463261\u0026z=104799153","fqdn":"www.google.no","domain":"google.no","tld":"no"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://conf1rmaci0n365.iceiy.com/?i=1","date":"2026-04-28T13:39:10.049Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.no","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:38:39 GMT","end":"Mon, 22 Jun 2026 08:38:38 GMT"},"fingerprint":{"sha1":"28:27:63:E6:8D:9F:5E:83:2F:93:1D:17:8F:A5:D2:B4:07:94:69:56","sha256":"86:54:70:19:0A:EA:E1:98:29:B7:6F:10:12:6D:C3:A7:B8:98:D6:2B:0A:87:0F:67:18:D0:50:E3:8A:88:B0:BF"}}},"request":{"raw":"GET /ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-C2Z4YC0WNE\u0026cid=1928260894.1777383550\u0026gtm=45je64o1v9165163754za200zd9165163754\u0026rcb=19\u0026aip=1\u0026dma=1\u0026dma_cps=a\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=0~115616985~115938465~115938469~116363097~117266400~117384406~117512543~118128922~118463261\u0026z=104799153 HTTP/1.1\r\nHost: www.google.no\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://conf1rmaci0n365.iceiy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ndate: Tue, 28 Apr 2026 13:39:10 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: image/gif\r\nx-content-type-options: nosniff\r\nserver: cafe\r\ncontent-length: 42\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"d89746888da2d9510b64a9f031eaecd5","sha1":"d5fceb6532643d0d84ffe09c40c481ecdf59e15a","sha256":"ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629","sha512":"d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c","ssdeep":"","tlshash":"c4900023fa808000c3a8c2300a0b238a2b8c80200a28030b80ae208cec3a3a22c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-06-13T10:32:52.969037Z","times_seen":947712,"resource_available":true,"data":null}},"time_used":241,"timings":{"blocked":101,"dns":1,"connect":21,"send":0,"wait":36,"receive":0,"ssl":79},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"conf1rmaci0n365.iceiy.com/aes.js","fqdn":"conf1rmaci0n365.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.218","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://conf1rmaci0n365.iceiy.com/","date":"2026-04-28T13:39:08.941Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET /aes.js HTTP/1.1\r\nHost: conf1rmaci0n365.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://conf1rmaci0n365.iceiy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Tue, 28 Apr 2026 13:39:08 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 13733\r\nLast-Modified: Sun, 15 Oct 2023 17:08:46 GMT\r\nConnection: keep-alive\r\nETag: \"652c1c9e-35a5\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":13733,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (13733), with no line terminators","md5":"fc66e046447092c606f2587837f96874","sha1":"fcf354a8044f494ee1f9fe868dde3f570f50e593","sha256":"5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96","sha512":"51cd149b2876e90621afc579fb172e253548a851d4c202181e1faba812f5beb1ae9ccf9f153137f60c569e05a79dcb272176e0126eceac54316208d2699a689f","ssdeep":"192:4hsoEj776Bn/tnHcgaollys/6+EgH3JLg7oLu0MyMVu:i50/3xoGs/jE839g2FB1","tlshash":"355200c203894a7cf2c92ed68c2f605620f3e54a3d251249efb399dbbc77d895075a36","first_seen":"2023-10-15T19:29:47Z","last_seen":"2026-06-13T09:21:20.599413Z","times_seen":7555,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"conf1rmaci0n365.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"conf1rmaci0n365.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-28","alert":"Phishing Block","trigger":"conf1rmaci0n365.iceiy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"conf1rmaci0n365.iceiy.com/?i=1","fqdn":"conf1rmaci0n365.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.218","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-28T13:39:09.001Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET /?i=1 HTTP/1.1\r\nHost: conf1rmaci0n365.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://conf1rmaci0n365.iceiy.com/\r\nCookie: __test=db28771771e7238595d84de345e230b4\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Tue, 28 Apr 2026 13:39:09 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 5170\r\nConnection: keep-alive\r\nLast-Modified: Tue, 17 Mar 2026 18:25:30 GMT\r\nETag: \"1432-64d3c75da29e3\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=2592000, public, proxy-revalidate\r\nExpires: Thu, 28 May 2026 13:39:09 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google AdSense","description":"Google AdSense is a program run by Google through which website publishers serve advertisements that are targeted to the site content and audience.","website":"https://www.google.com/adsense/start/","common_platform_enumeration":"","icon":"Google AdSense.svg","categories":["Advertising"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]}],"data":{"size":5170,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (353)","md5":"2aa660f2abfe636fdcb3d3b793ea6ab1","sha1":"19c01678d635502ab89019fbbe14589543554f47","sha256":"08c135919331d936b5c47b6cfc0d3bd66d7977f016811cd32b4df02029109165","sha512":"081525c23d2849e763643034f832991229d29ebec51f2a19b670cb51ed0b588fb258aaa2287f5f166bd2bf94b7535c327b326a57cbc4fd9a208bc673f810c91e","ssdeep":"96:gbjLKlAQwbjLKlAQvaipoFVYql+kox9xQ62+mLjvfNjo:Mjulz8julzva6qix9xkLjHNjo","tlshash":"57b1959b6db9882a275340d259f2f00d64435107ea59ce94baed86b83fc4fdacd0339c","first_seen":"2026-04-09T14:30:55.911407Z","last_seen":"2026-04-28T13:58:04.040656Z","times_seen":4,"resource_available":false,"data":null}},"time_used":224,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":223,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"conf1rmaci0n365.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"conf1rmaci0n365.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-28","alert":"Phishing Block","trigger":"conf1rmaci0n365.iceiy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-T2VG59","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://conf1rmaci0n365.iceiy.com/?i=1","date":"2026-04-28T13:39:09.359Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtm.js?id=GTM-T2VG59 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://conf1rmaci0n365.iceiy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Apr 2026 13:39:09 GMT\r\nexpires: Tue, 28 Apr 2026 13:39:09 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Tue, 28 Apr 2026 12:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 112181\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":321319,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4517)","md5":"599e6bc60da834a3573e965d265eff3d","sha1":"b14035b2aca3454ea8050f0406ae2eeb6d0cee83","sha256":"5021f034b25ea674765986b2d679fdd72ff682fb7742312a06f953a4eb7295d3","sha512":"a9b34b62f5a90aa2ec115398eb1a67aeef23ad0ab8aaecd3734862061af0abc39c82f67e87c2414d9c9c9503791c5e022c76cd5dae97f2f5896a3b2aa45753d9","ssdeep":"6144:Z+VYoy0E5M/8sgIXXfRSrssan89UjovCdw:sYrM/8WG0cd","tlshash":"226408cdb7dab05243a3a478503f114bb23a7992f84cc899f182d8d42e74a694277f7d","first_seen":"2026-04-28T13:39:34.290638Z","last_seen":"2026-04-28T13:58:04.029634Z","times_seen":2,"resource_available":true,"data":null}},"time_used":331,"timings":{"blocked":133,"dns":18,"connect":20,"send":0,"wait":29,"receive":24,"ssl":102},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"conf1rmaci0n365.iceiy.com/hosting__contador__visitas__unicas.php?h=2200952\u0026t=1758294922\u0026k=68d65d0771a4e009127e0f10b02a0860\u0026__muid=","fqdn":"conf1rmaci0n365.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.218","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://conf1rmaci0n365.iceiy.com/?i=1","date":"2026-04-28T13:39:09.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET /hosting__contador__visitas__unicas.php?h=2200952\u0026t=1758294922\u0026k=68d65d0771a4e009127e0f10b02a0860\u0026__muid= HTTP/1.1\r\nHost: conf1rmaci0n365.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://conf1rmaci0n365.iceiy.com/?i=1\r\nCookie: __test=db28771771e7238595d84de345e230b4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: openresty\r\nDate: Tue, 28 Apr 2026 13:39:09 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 11909\r\nConnection: keep-alive\r\nLast-Modified: Tue, 03 Oct 2023 23:08:40 GMT\r\nETag: \"2e85-606d7f8b72398\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=5, public, proxy-revalidate\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11909,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (2228)","md5":"6baf6e5cb8ffa13768f8c590afeaa118","sha1":"ebbbfe7b01356b03dc1d0921e53b1054f528036c","sha256":"051fe0603378b7efb7fe29a6950c1b4b4749a5d2a079d2d092aa2b7be4a69687","sha512":"45aee85bd77af515336be13371057a067f8be2f922e9ad1c51d39fe70085d6c46a90b08221b534dfed9993f3e37f90c3ccd4d744ea2e03c7efe67928d6c83a6f","ssdeep":"96:LOWYRERkMHXYaY7YnYVPHfwUc7cR9Guhi5S6ZYOJ7D1cfLWuPpAKd9T:zQsLyEOnwUkVS6ZlJ7D2fLrd9T","tlshash":"f832b83b4cf52b260342c69328f413ad6e1b534785017a86f5fd8baddf81e8a5c97368","first_seen":"2023-05-29T14:16:00Z","last_seen":"2026-06-13T04:57:08.509497Z","times_seen":456,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"conf1rmaci0n365.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"conf1rmaci0n365.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-28","alert":"Phishing Block","trigger":"conf1rmaci0n365.iceiy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"region1.analytics.google.com/g/collect?v=2\u0026tid=G-C2Z4YC0WNE\u0026gtm=45je64o1v9165163754za200zd9165163754\u0026_p=1777383549244\u0026_gaz=1\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=a\u0026dma=1\u0026_eu=AAAAAGAC\u0026cid=1928260894.1777383550\u0026frm=0\u0026pscdl=noapi\u0026rcb=19\u0026sr=1280x1024\u0026ul=en-us\u0026gaf=2\u0026_s=1\u0026tag_exp=0~115616985~115938465~115938469~116363097~117266400~117384406~117512543~118128922~118463261\u0026dp=conf1rmaci0n365.iceiy.com%2F\u0026sid=1777383549\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Fconf1rmaci0n365.iceiy.com%2F%3Fi%3D1\u0026dr=https%3A%2F%2Fconf1rmaci0n365.iceiy.com%2F\u0026dt=Outlook%20Verification\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026_ee=1\u0026tfd=1032","fqdn":"region1.analytics.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.239.32.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://conf1rmaci0n365.iceiy.com/?i=1","date":"2026-04-28T13:39:10.050Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"POST /g/collect?v=2\u0026tid=G-C2Z4YC0WNE\u0026gtm=45je64o1v9165163754za200zd9165163754\u0026_p=1777383549244\u0026_gaz=1\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=a\u0026dma=1\u0026_eu=AAAAAGAC\u0026cid=1928260894.1777383550\u0026frm=0\u0026pscdl=noapi\u0026rcb=19\u0026sr=1280x1024\u0026ul=en-us\u0026gaf=2\u0026_s=1\u0026tag_exp=0~115616985~115938465~115938469~116363097~117266400~117384406~117512543~118128922~118463261\u0026dp=conf1rmaci0n365.iceiy.com%2F\u0026sid=1777383549\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Fconf1rmaci0n365.iceiy.com%2F%3Fi%3D1\u0026dr=https%3A%2F%2Fconf1rmaci0n365.iceiy.com%2F\u0026dt=Outlook%20Verification\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026_ee=1\u0026tfd=1032 HTTP/1.1\r\nHost: region1.analytics.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://conf1rmaci0n365.iceiy.com/\r\nOrigin: https://conf1rmaci0n365.iceiy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\naccess-control-allow-origin: https://conf1rmaci0n365.iceiy.com\r\ndate: Tue, 28 Apr 2026 13:39:10 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:196:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:196:0\r\nreport-to: {\"group\":\"ascnsrsggc:196:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:196:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T10:33:11.41944Z","times_seen":16384135,"resource_available":true,"data":null}},"time_used":150,"timings":{"blocked":58,"dns":0,"connect":22,"send":0,"wait":33,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"conf1rmaci0n365.iceiy.com/","fqdn":"conf1rmaci0n365.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.218","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-28T13:39:08.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: conf1rmaci0n365.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Tue, 28 Apr 2026 13:39:08 GMT\r\nContent-Type: text/html\r\nContent-Length: 852\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":852,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (852), with no line terminators","md5":"4e5f8493c090cebe31d083405e873d88","sha1":"4dc04eef33d0f1c6f6d19b81d67674dc9f35d69d","sha256":"9873e02bfd60168f7aaa2dd898c2cea3f9e37d42dda9f9fef8c7b1706d07a1f4","sha512":"9ec51e9699ce683d3965cb1f939b982c3c1f6ecaf7afee519cd5fac7f1cd65d5ead1831510df689253d7c273fec253def8acebbd457418486a08eeca033a78b3","ssdeep":"","tlshash":"0b0141b9eca2f4d59bc000c0143bd55e6412a6a6e501ccefe4c242a452d0bdd0e4ad7a","first_seen":"2026-04-28T13:39:34.308487Z","last_seen":"2026-04-28T13:58:04.042432Z","times_seen":2,"resource_available":true,"data":null}},"time_used":457,"timings":{"blocked":212,"dns":1,"connect":32,"send":0,"wait":32,"receive":0,"ssl":177},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"conf1rmaci0n365.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-28","alert":"Phishing Block","trigger":"conf1rmaci0n365.iceiy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"conf1rmaci0n365.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://conf1rmaci0n365.iceiy.com/?i=1","date":"2026-04-28T13:39:09.283Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/font-awesome/5.15.3/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://conf1rmaci0n365.iceiy.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 13:39:09 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 10482\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"6599bda5-28f2\"\r\nlast-modified: Sat, 06 Jan 2024 21:52:53 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 290863\r\nexpires: Sun, 18 Apr 2027 13:39:09 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sTzaZBz9TUmCuJ%2Fa20uthsHn5sAdPcyJlvI0J4kzGOi4n8fsnqovTgik6EmzzS8kEBAa6ukk3IUAVNKXjEapGVwcmhVdGJW4lXAodbVtOhi0HehYC0%2BXE%2FxQwyAKp4bGF4Nrjr5T\"}]}\r\ncf-ray: 9f3678af1d4d0731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":59344,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (59158)","md5":"74bab4578692993514e7f882cc15c218","sha1":"b6293bcfd851f963edbe859498570c4c0c7eaae4","sha256":"d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386","sha512":"8810579bc7d6f74fa7b8b7122a56e6acf70b6b4393f76c4ed4122c67ecb00d6642beab1681c715de0168441bf4cfef1d2c9832007221477e5565cda833f808d7","ssdeep":"768:0Eh31IPiyXNq4YxBowbgJlkwF//zMQyYJYX9Bft6VSzl:0E0PxXE4YXJgndFTfy9lt5B","tlshash":"0a43fbb8e54c01c9b731c44bef82b2bc61b6f73de5914d95f00e691c2ad26a811c5fba","first_seen":"2023-04-05T04:00:29Z","last_seen":"2026-06-13T10:32:17.944048Z","times_seen":101719,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":4,"dns":0,"connect":1,"send":0,"wait":9,"receive":1,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"conf1rmaci0n365.iceiy.com/hosting__contador__visitas__unicas.php?h=2201156\u0026t=1758727111\u0026k=51bb462a746eff5575221e6179f8f2bc\u0026__muid=","fqdn":"conf1rmaci0n365.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.218","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://conf1rmaci0n365.iceiy.com/?i=1","date":"2026-04-28T13:39:09.290Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET /hosting__contador__visitas__unicas.php?h=2201156\u0026t=1758727111\u0026k=51bb462a746eff5575221e6179f8f2bc\u0026__muid= HTTP/1.1\r\nHost: conf1rmaci0n365.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://conf1rmaci0n365.iceiy.com/?i=1\r\nCookie: __test=db28771771e7238595d84de345e230b4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: openresty\r\nDate: Tue, 28 Apr 2026 13:39:09 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 11909\r\nConnection: keep-alive\r\nLast-Modified: Tue, 03 Oct 2023 23:08:40 GMT\r\nETag: \"2e85-606d7f8b72398\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=5, public, proxy-revalidate\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11909,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (2228)","md5":"6baf6e5cb8ffa13768f8c590afeaa118","sha1":"ebbbfe7b01356b03dc1d0921e53b1054f528036c","sha256":"051fe0603378b7efb7fe29a6950c1b4b4749a5d2a079d2d092aa2b7be4a69687","sha512":"45aee85bd77af515336be13371057a067f8be2f922e9ad1c51d39fe70085d6c46a90b08221b534dfed9993f3e37f90c3ccd4d744ea2e03c7efe67928d6c83a6f","ssdeep":"96:LOWYRERkMHXYaY7YnYVPHfwUc7cR9Guhi5S6ZYOJ7D1cfLWuPpAKd9T:zQsLyEOnwUkVS6ZlJ7D2fLrd9T","tlshash":"f832b83b4cf52b260342c69328f413ad6e1b534785017a86f5fd8baddf81e8a5c97368","first_seen":"2023-05-29T14:16:00Z","last_seen":"2026-06-13T04:57:08.509497Z","times_seen":456,"resource_available":true,"data":null}},"time_used":247,"timings":{"blocked":80,"dns":1,"connect":35,"send":0,"wait":71,"receive":1,"ssl":57},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"conf1rmaci0n365.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"conf1rmaci0n365.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-28","alert":"Phishing Block","trigger":"conf1rmaci0n365.iceiy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}