{"report_id":"950a2032-f2f5-40a9-866a-a490532d1dad","version":6,"status":"done","tags":[],"date":"2026-03-24T00:51:31Z","url":{"schema":"http","addr":"financialalertsystem.com/landing/form/135e1a09-1dba-4699-af44-0779e7fd4ef7","fqdn":"financialalertsystem.com","domain":"financialalertsystem.com","tld":"com"},"ip":{"addr":"99.81.16.146","port":0,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"final":{"url":{"schema":"https","addr":"financialalertsystem.com/landing/form/135e1a09-1dba-4699-af44-0779e7fd4ef7","fqdn":"financialalertsystem.com","domain":"financialalertsystem.com","tld":"com"},"title":"Outlook 365 Login","dom":{"size":2650,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (545)","md5":"d7b01ffc5021bb71f592a44049144e5d","sha1":"4a1342944ca8b9c4642eab57640886cb54814424","sha256":"2bfdac19b89014d8571f281c072985866b706de4da481b7d3812d2037c32a8df","sha512":"e89b64557f854483be00e2296c5fff29f7df61fde233f4624d9c76fa6682a2daf23c50349fe76b229bc14cd323f41b90c0e7d2467f583b85098713414f7ae174","ssdeep":"","tlshash":"bc51751a46120300a767b3d0f5a1e7492131020be7a64c7d3dbd8aa2f3cd8b9037b5c9","dom_hash":"domhash9ebd5973395d13405281341c16bcd0df","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"financialalertsystem.com/landing/form/135e1a09-1dba-4699-af44-0779e7fd4ef7","fqdn":"financialalertsystem.com","domain":"financialalertsystem.com","tld":"com"},"ip":{"addr":"99.81.16.146","port":0,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-28T00:51:31Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-24","alert":"Phishing Block","trigger":"financialalertsystem.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"financialalertsystem.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"financialalertsystem.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"financialalertsystem.com","ip":{"addr":"99.81.16.146","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"2019-12-02","domain_rank":0,"first_seen":"2022-11-01T05:47:57Z","last_seen":"2026-03-18T23:45:43.023957Z","alert_count":9,"request_count":3,"received_data":7680,"sent_data":1736,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"s3.amazonaws.com","ip":{"addr":"16.15.183.114","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2005-08-18","domain_rank":1245,"first_seen":"2020-05-13T22:53:44Z","last_seen":"2026-03-23T05:43:48.253012Z","alert_count":0,"request_count":3,"received_data":210053,"sent_data":1482,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"financialalertsystem.com/landing/form/135e1a09-1dba-4699-af44-0779e7fd4ef7","fqdn":"financialalertsystem.com","domain":"financialalertsystem.com","tld":"com"},"ip":{"addr":"99.81.16.146","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"introduction_type":"scriptElement","is_inline":true,"md5":"2caedcf82fcb11db7e68e0e7bbc032d3","sha1":"069967a0d3ccaf35f29a1310328b552821267647","sha256":"e1ef40ed9724b2e31f4105049a13c848c41a7136da5356b09fc4ae10289955c1","sha512":"9a79e1c6a42c77ca5859ea70ebb3ac59a08cd1e9ef544080eb6094284bec5cedf70159bf8eeec6dbbea6bd2f3ba003f05b1dba798df5beaad0d47e24597b1941","ssdeep":"","tlshash":"71d0a5a735b315f44757b37d5307674420b114db1844d4507d1d4f58cf5591b11b5789","size":263,"data":"","first_seen":"2026-03-23T12:48:22.4924Z","last_seen":"2026-03-24T00:51:32.472836Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"financialalertsystem.com/css/data-entry.css","fqdn":"financialalertsystem.com","domain":"financialalertsystem.com","tld":"com"},"ip":{"addr":"99.81.16.146","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://financialalertsystem.com/landing/form/135e1a09-1dba-4699-af44-0779e7fd4ef7","date":"2026-03-24T00:51:09.837Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"financialalertsystem.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 22 Sep 2025 00:00:00 GMT","end":"Wed, 21 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E7:26:5B:DC:C1:D1:9A:CA:DF:24:87:B7:65:A5:70:21:DF:CC:61:70","sha256":"87:85:43:20:0C:E9:90:AE:F9:58:C3:FC:02:D5:F3:11:C9:AE:34:4C:7C:30:37:5A:71:9B:54:AC:70:64:7C:98"}}},"request":{"raw":"GET /css/data-entry.css HTTP/1.1\r\nHost: financialalertsystem.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://financialalertsystem.com/landing/form/135e1a09-1dba-4699-af44-0779e7fd4ef7\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: csrf=i4y2P3xqqK0UyOdVgdG4SzgzYWVhNGQ0ZWQ2YjVjNDY3NGUyY2I3NWNhN2ZkMzJjMzk3NmQ1MmQ%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Mar 2026 00:51:09 GMT\r\ncontent-type: text/css\r\ncontent-length: 3767\r\nserver: nginx\r\nlast-modified: Mon, 23 Mar 2026 16:40:59 GMT\r\netag: \"69c16d1b-eb7\"\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3767,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3766)","md5":"9cdb6827dc31b40c61976a7b9b261014","sha1":"59c469d802c67be386a65c7b8f39a9945de03ecd","sha256":"e7f32025f80aaba357fb0490459ef3d76983eb9841e7952cd70f836b8702267b","sha512":"032ff5602249f1fa47e5a43e7a0fe17b54e33965bc445d598958dd5d5817eadbf95fead7fa1fd1452379c249d6c4a301d949e6571eea03bfa5f469dd9256abb5","ssdeep":"","tlshash":"0a713d273e28221cb527861edcdd139922347621b7170beffc94e1248bcede23422a02","first_seen":"2026-03-19T23:45:39.017434Z","last_seen":"2026-03-27T13:57:39.240488Z","times_seen":98,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-24","alert":"Phishing Block","trigger":"financialalertsystem.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"financialalertsystem.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"financialalertsystem.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"s3.amazonaws.com/securityiq/phishing-templates/Outlook+365/logo-outlook365.png","fqdn":"s3.amazonaws.com","domain":"s3.amazonaws.com","tld":""},"ip":{"addr":"16.15.183.114","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://financialalertsystem.com/landing/form/135e1a09-1dba-4699-af44-0779e7fd4ef7","date":"2026-03-24T00:51:09.840Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D4:87:03:14:FE:12:27:46:E3:63:CC:7B:43:A1:D0:D8:B9:17:AF:7D","sha256":"7E:BF:42:63:5D:C3:2B:CB:97:F6:0E:38:3E:E1:F8:63:39:AA:CE:A2:39:E1:56:B9:8D:74:1C:79:12:67:14:36"}}},"request":{"raw":"GET /securityiq/phishing-templates/Outlook+365/logo-outlook365.png HTTP/1.1\r\nHost: s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://financialalertsystem.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: eICc2KcOAJgrD+H/c3Q/3+8kGE2FOU99MXX2dtk1LxItohdxtX3dtq2DWEuABGUQ+V0/JL8JCSNCjdser2La970gc44kC2pB\r\nx-amz-request-id: B0RDRH832CCHZT9N\r\nDate: Tue, 24 Mar 2026 00:51:11 GMT\r\nLast-Modified: Tue, 21 Feb 2017 14:16:38 GMT\r\nETag: \"9f09a27d4f69b3557c7433574a29d726\"\r\nAccept-Ranges: bytes\r\nContent-Type: image/png\r\nContent-Length: 4585\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":4585,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 159 x 35, 8-bit/color RGBA, non-interlaced","md5":"9f09a27d4f69b3557c7433574a29d726","sha1":"a3097972d16e6d5768086f3f126e8d07edcc5976","sha256":"fc5c3d7d2b298a42ec44dad2d8cd227b734db966b4afa68c0254a497e805f603","sha512":"27f4fe5fa2cb5343ae820f9413105e0cbc6013f8396e1de59d53004b5aaebb171a0ca8847c4ecbeb3975f46f0cb86edda22221380121af86bcca9460330a1d5d","ssdeep":"96:FZ/I09Da01l+gmkyTt6Hk8nT89qn/I1qIZNhQu12I/h7eUu:FS0tKg9E05T89u/IjZNZtu","tlshash":"0f918d6d8d30518ea5d63b810e9c0163d73994bcd60f3a78b8e551ff1081f0683e156a","first_seen":"2023-05-02T14:12:33Z","last_seen":"2026-06-03T16:10:07.559219Z","times_seen":327,"resource_available":false,"data":null}},"time_used":645,"timings":{"blocked":236,"dns":13,"connect":96,"send":0,"wait":168,"receive":0,"ssl":129},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s3.amazonaws.com/securityiq/phishing-templates/Outlook+365/logo-microsoft.png","fqdn":"s3.amazonaws.com","domain":"s3.amazonaws.com","tld":""},"ip":{"addr":"16.15.183.114","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://financialalertsystem.com/landing/form/135e1a09-1dba-4699-af44-0779e7fd4ef7","date":"2026-03-24T00:51:09.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D4:87:03:14:FE:12:27:46:E3:63:CC:7B:43:A1:D0:D8:B9:17:AF:7D","sha256":"7E:BF:42:63:5D:C3:2B:CB:97:F6:0E:38:3E:E1:F8:63:39:AA:CE:A2:39:E1:56:B9:8D:74:1C:79:12:67:14:36"}}},"request":{"raw":"GET /securityiq/phishing-templates/Outlook+365/logo-microsoft.png HTTP/1.1\r\nHost: s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://financialalertsystem.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: eCGrlHD5mTlzmEvRjJHKSQb+GDdbTvc+rBECU1kGQ97+qa1FJB1YRDHuaceNhSon8RnRSQAzGelXbrnL8OM/uoshmZHqnP0y\r\nx-amz-request-id: B0RA2B17VQMHCCY1\r\nDate: Tue, 24 Mar 2026 00:51:11 GMT\r\nLast-Modified: Tue, 21 Feb 2017 14:16:38 GMT\r\nETag: \"e4b675007dc6492ee590131d1f7dfbb3\"\r\nAccept-Ranges: bytes\r\nContent-Type: image/png\r\nContent-Length: 1040\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":1040,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 22, 8-bit/color RGBA, non-interlaced","md5":"e4b675007dc6492ee590131d1f7dfbb3","sha1":"9397e98e13074c09072f6a50e7267c612738c455","sha256":"988e349f2bf4e87154738c7b2c1fa86618713a8cfa0cef60a046f5add89bd9de","sha512":"b880db21f612f257fa94656d632d11fe63841493e7b0443ef8ab5cb753cab717625d1873866c7dc00ec4596c1e148690b4c4231b0dd8636f4a86eec33f6a0cf4","ssdeep":"","tlshash":"d311d5d880a65ef208a0ab70110604acf9225e2b4b0253905e026191b942fd22dbcaa0","first_seen":"2023-05-02T14:12:33Z","last_seen":"2026-06-03T16:10:07.559722Z","times_seen":274,"resource_available":false,"data":null}},"time_used":601,"timings":{"blocked":249,"dns":13,"connect":93,"send":0,"wait":143,"receive":0,"ssl":98},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s3.amazonaws.com/securityiq/phishing-templates/Outlook+365/background.jpg","fqdn":"s3.amazonaws.com","domain":"s3.amazonaws.com","tld":""},"ip":{"addr":"16.15.183.114","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://financialalertsystem.com/landing/form/135e1a09-1dba-4699-af44-0779e7fd4ef7","date":"2026-03-24T00:51:09.895Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D4:87:03:14:FE:12:27:46:E3:63:CC:7B:43:A1:D0:D8:B9:17:AF:7D","sha256":"7E:BF:42:63:5D:C3:2B:CB:97:F6:0E:38:3E:E1:F8:63:39:AA:CE:A2:39:E1:56:B9:8D:74:1C:79:12:67:14:36"}}},"request":{"raw":"GET /securityiq/phishing-templates/Outlook+365/background.jpg HTTP/1.1\r\nHost: s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://financialalertsystem.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: JHKKMZ/Nd/vKTHaqjTAInNtTw7OXP9IZ55biSmKmlaIotllpWPyiOtrFG4YU6/sFSffS2/XoYwwuhxo9zcHt0MbyVRd3qypZ\r\nx-amz-request-id: B0R97RKPWE42H4BQ\r\nDate: Tue, 24 Mar 2026 00:51:11 GMT\r\nLast-Modified: Tue, 21 Feb 2017 14:16:38 GMT\r\nETag: \"65283b123eb235e6176ae98c02ac5b1c\"\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 203294\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":203294,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1420x1080, components 3","md5":"65283b123eb235e6176ae98c02ac5b1c","sha1":"c50ca32b13a2dcbde0cb6eb2d4f72c252f14ac3f","sha256":"7e50e406688bd898803f653058d14ca384734cb9b39ba900bc5e2734b59c073b","sha512":"dae0ecef268b7b1e5c06c3e29d117a2fe1325af55f98ab243aa8c11a6ba8b76a0b04982a0082daf6181dd90e53c1c1f7df3ce0422ad1eb198c4239df17fdf85a","ssdeep":"6144:y7rl7FpBDJprc62/fhtJUvTG8F7VCyxNvZaOh:yN77B1dc6A+j5zvth","tlshash":"b014136faad6d3affe10467fc206683a582f393d85a6853b001e946de7f15f71da0081","first_seen":"2023-05-02T14:12:33Z","last_seen":"2026-06-03T16:10:07.560207Z","times_seen":357,"resource_available":false,"data":null}},"time_used":740,"timings":{"blocked":173,"dns":0,"connect":0,"send":0,"wait":153,"receive":297,"ssl":117},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"financialalertsystem.com/favicon.ico","fqdn":"financialalertsystem.com","domain":"financialalertsystem.com","tld":"com"},"ip":{"addr":"99.81.16.146","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://financialalertsystem.com/landing/form/135e1a09-1dba-4699-af44-0779e7fd4ef7","date":"2026-03-24T00:51:10.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"financialalertsystem.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 22 Sep 2025 00:00:00 GMT","end":"Wed, 21 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E7:26:5B:DC:C1:D1:9A:CA:DF:24:87:B7:65:A5:70:21:DF:CC:61:70","sha256":"87:85:43:20:0C:E9:90:AE:F9:58:C3:FC:02:D5:F3:11:C9:AE:34:4C:7C:30:37:5A:71:9B:54:AC:70:64:7C:98"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: financialalertsystem.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://financialalertsystem.com/landing/form/135e1a09-1dba-4699-af44-0779e7fd4ef7\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: csrf=i4y2P3xqqK0UyOdVgdG4SzgzYWVhNGQ0ZWQ2YjVjNDY3NGUyY2I3NWNhN2ZkMzJjMzk3NmQ1MmQ%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Tue, 24 Mar 2026 00:51:10 GMT\r\ncontent-type: text/html\r\nserver: nginx\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-06-13T17:21:36.173117Z","times_seen":526316,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"financialalertsystem.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-24","alert":"Phishing Block","trigger":"financialalertsystem.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"financialalertsystem.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"financialalertsystem.com/landing/form/135e1a09-1dba-4699-af44-0779e7fd4ef7","fqdn":"financialalertsystem.com","domain":"financialalertsystem.com","tld":"com"},"ip":{"addr":"99.81.16.146","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-24T00:51:09.346Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"financialalertsystem.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 22 Sep 2025 00:00:00 GMT","end":"Wed, 21 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E7:26:5B:DC:C1:D1:9A:CA:DF:24:87:B7:65:A5:70:21:DF:CC:61:70","sha256":"87:85:43:20:0C:E9:90:AE:F9:58:C3:FC:02:D5:F3:11:C9:AE:34:4C:7C:30:37:5A:71:9B:54:AC:70:64:7C:98"}}},"request":{"raw":"GET /landing/form/135e1a09-1dba-4699-af44-0779e7fd4ef7 HTTP/1.1\r\nHost: financialalertsystem.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Mar 2026 00:51:09 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: nginx\r\nx-frame-options: SAMEORIGIN\r\nreferrer-policy: unsafe-url\r\nset-cookie: csrf=i4y2P3xqqK0UyOdVgdG4SzgzYWVhNGQ0ZWQ2YjVjNDY3NGUyY2I3NWNhN2ZkMzJjMzk3NmQ1MmQ%3D; path=/; secure\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2683,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (549)","md5":"c73b8f39faa84f1f07c080df0b893fb1","sha1":"66d25cc9f7f705a5ab3fe36d71952c9602eb4d32","sha256":"5ce1623128fc3d99087f5a1dce53c55e02c14099e2edc3def2dcebeebb584092","sha512":"7ade3624f6c22e1af0a5850268619493b297cec4186300fd320b5ecfd1d0f1a23a7dc348b5c6cfaca8426224ffbfc7c99c4954b85acc9f7b45a9163708356ea1","ssdeep":"","tlshash":"3851681a46560301a767b3d0f5a2eb592131020ba7a64c7c3dbd9e92f7cdcb9037b5c9","first_seen":"2026-03-23T12:48:22.475658Z","last_seen":"2026-03-24T00:51:32.471836Z","times_seen":2,"resource_available":false,"data":null}},"time_used":512,"timings":{"blocked":208,"dns":0,"connect":33,"send":0,"wait":96,"receive":0,"ssl":172},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"financialalertsystem.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-24","alert":"Sinkholed","trigger":"financialalertsystem.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-24","alert":"Phishing Block","trigger":"financialalertsystem.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}