{"report_id":"9aeaaa62-8dba-4245-b4f3-f3b78a892f63","version":6,"status":"done","tags":[],"date":"2026-02-06T04:00:55Z","url":{"schema":"http","addr":"biocalsupport.click/L2xx3LRnGkojUGAfAjCdN6ALlRCrlCd01bQ5UpoTBB2cAv0XzQ","fqdn":"biocalsupport.click","domain":"biocalsupport.click","tld":"click"},"ip":{"addr":"66.212.16.133","port":0,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"biocalsupport.click/L2xx3LRnGkojUGAfAjCdN6ALlRCrlCd01bQ5UpoTBB2cAv0XzQ","fqdn":"biocalsupport.click","domain":"biocalsupport.click","tld":"click"},"title":"Unsubscribe","dom":{"size":1371,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"5921b67a42cdf7647f3998d2da5e8686","sha1":"af387fbc5ac8d17dd562ee25aed340985f783d6b","sha256":"7398d1fe85e2ee27519b40e17b158d20bdff0b08b00cf7e3a174679352d361d3","sha512":"ac21fec469769ecd50de736192d445fc0434065e76abdc10d2ea2a7b6d9f163c415bdb5ec1132bc85959ac8960cbc01e004aa5891d6d8e157ac49db33e971423","ssdeep":"","tlshash":"a221752327111117f19e88b6b4d3e6ec3c045523541664bdbcd65874e1cc5ba12377ec","dom_hash":"domhash010306a9874ff7fb6aec5e7933b51262","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"biocalsupport.click/L2xx3LRnGkojUGAfAjCdN6ALlRCrlCd01bQ5UpoTBB2cAv0XzQ","fqdn":"biocalsupport.click","domain":"biocalsupport.click","tld":"click"},"ip":{"addr":"66.212.16.133","port":0,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-13T04:00:55Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":3,"urlquery":0,"analyzer":2}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-06T04:00:36Z","timestamp":1770350436,"ip_dst":{"addr":"66.212.16.133","port":80,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":33000,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.click domain","source":"{\"timestamp\":\"2026-02-06T04:00:36.517171+0000\",\"flow_id\":1400498228047079,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":33000,\"dest_ip\":\"66.212.16.133\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858675,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.click domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"biocalsupport.click\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":1148},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":520,\"bytes_toclient\":1634,\"start\":\"2026-02-06T04:00:36.208103+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-06T04:00:40Z","timestamp":1770350440,"ip_dst":{"addr":"66.212.16.133","port":80,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":43616,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.click domain","source":"{\"timestamp\":\"2026-02-06T04:00:40.951724+0000\",\"flow_id\":956037832693629,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":43616,\"dest_ip\":\"66.212.16.133\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858675,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.click domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"biocalsupport.click\",\"url\":\"/L2xx3LRnGkojUGAfAjCdN6ALlRCrlCd01bQ5UpoTBB2cAv0XzQ\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1219},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":690,\"bytes_toclient\":1981,\"start\":\"2026-02-06T04:00:40.448381+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-06T04:00:41Z","timestamp":1770350441,"ip_dst":{"addr":"66.212.16.133","port":80,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":43616,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.click domain","source":"{\"timestamp\":\"2026-02-06T04:00:41.209610+0000\",\"flow_id\":956037832693629,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":43616,\"dest_ip\":\"66.212.16.133\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858675,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.click domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"biocalsupport.click\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://biocalsupport.click/L2xx3LRnGkojUGAfAjCdN6ALlRCrlCd01bQ5UpoTBB2cAv0XzQ\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":21},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":6,\"bytes_toserver\":1265,\"bytes_toclient\":2352,\"start\":\"2026-02-06T04:00:40.448381+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"biocalsupport.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-06","alert":"Phishing Block","trigger":"biocalsupport.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"biocalsupport.click","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2025-06-17","domain_rank":3376940,"first_seen":"2025-07-05T19:51:15.18311Z","last_seen":"2026-02-06T04:00:54.2553Z","alert_count":9,"request_count":3,"received_data":1994,"sent_data":1405,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server:2.4.37","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP:7.2.24","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"AlmaLinux","description":"AlmaLinux is an open-source, community-driven Linux operating system that fills the gap left by the discontinuation of the CentOS Linux stable release.","website":"https://almalinux.org","common_platform_enumeration":"","icon":"AlmaLinux.svg","categories":["Operating systems"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"biocalsupport.click/L2xx3LRnGkojUGAfAjCdN6ALlRCrlCd01bQ5UpoTBB2cAv0XzQ","fqdn":"biocalsupport.click","domain":"biocalsupport.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-06T04:00:33.219Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /L2xx3LRnGkojUGAfAjCdN6ALlRCrlCd01bQ5UpoTBB2cAv0XzQ HTTP/1.1\r\nHost: biocalsupport.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-14T14:59:10.506438Z","times_seen":15171651,"resource_available":true,"data":null}},"time_used":7002,"timings":{"blocked":7002,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-06T04:00:40Z","timestamp":1770350440,"ip_dst":{"addr":"66.212.16.133","port":80,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.9","port":43616,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.click domain","source":"{\"timestamp\":\"2026-02-06T04:00:40.951724+0000\",\"flow_id\":956037832693629,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":43616,\"dest_ip\":\"66.212.16.133\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858675,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.click domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"biocalsupport.click\",\"url\":\"/L2xx3LRnGkojUGAfAjCdN6ALlRCrlCd01bQ5UpoTBB2cAv0XzQ\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1219},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":690,\"bytes_toclient\":1981,\"start\":\"2026-02-06T04:00:40.448381+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"biocalsupport.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-06","alert":"Phishing Block","trigger":"biocalsupport.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"biocalsupport.click/L2xx3LRnGkojUGAfAjCdN6ALlRCrlCd01bQ5UpoTBB2cAv0XzQ","fqdn":"biocalsupport.click","domain":"biocalsupport.click","tld":"click"},"ip":{"addr":"66.212.16.133","port":80,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-06T04:00:40.375Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /L2xx3LRnGkojUGAfAjCdN6ALlRCrlCd01bQ5UpoTBB2cAv0XzQ HTTP/1.1\r\nHost: biocalsupport.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 06 Feb 2026 04:00:40 GMT\r\nServer: Apache/2.4.37 (AlmaLinux)\r\nX-Powered-By: PHP/7.2.24\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.37","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP:7.2.24","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"AlmaLinux","description":"AlmaLinux is an open-source, community-driven Linux operating system that fills the gap left by the discontinuation of the CentOS Linux stable release.","website":"https://almalinux.org","common_platform_enumeration":"","icon":"AlmaLinux.svg","categories":["Operating systems"]}],"data":{"size":1500,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"d20609c61eed31888c9b2b8b73062ab2","sha1":"15e45ecf05ce4bc9e50676e4c03261334b8d82bf","sha256":"3e94ed74ccc5f057645cacead819fe96d3e96f92924a8ad7dfdbf16b432dc5d4","sha512":"f1d86dbc049c4c770bbf6cd63ce6757bd3e1655f784da95c37ea166c63a42bca9c1f7a8a98d139a698c0fd355cb5065b0496de8d3dad338ccb8161b2a2677e66","ssdeep":"","tlshash":"f631942337111156f19e89b6b5e3ebe93c108263681514fcbce18875e1cc6be22277ec","first_seen":"2023-04-05T16:26:25Z","last_seen":"2026-05-12T10:19:14.556815Z","times_seen":122,"resource_available":true,"data":null}},"time_used":807,"timings":{"blocked":228,"dns":74,"connect":155,"send":0,"wait":349,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-06T04:00:40Z","timestamp":1770350440,"ip_dst":{"addr":"66.212.16.133","port":80,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.9","port":43616,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.click domain","source":"{\"timestamp\":\"2026-02-06T04:00:40.951724+0000\",\"flow_id\":956037832693629,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":43616,\"dest_ip\":\"66.212.16.133\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858675,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.click domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"biocalsupport.click\",\"url\":\"/L2xx3LRnGkojUGAfAjCdN6ALlRCrlCd01bQ5UpoTBB2cAv0XzQ\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1219},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":690,\"bytes_toclient\":1981,\"start\":\"2026-02-06T04:00:40.448381+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-06","alert":"Phishing Block","trigger":"biocalsupport.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"biocalsupport.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"biocalsupport.click/favicon.ico","fqdn":"biocalsupport.click","domain":"biocalsupport.click","tld":"click"},"ip":{"addr":"66.212.16.133","port":80,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://biocalsupport.click/L2xx3LRnGkojUGAfAjCdN6ALlRCrlCd01bQ5UpoTBB2cAv0XzQ","date":"2026-02-06T04:00:41.037Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: biocalsupport.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://biocalsupport.click/L2xx3LRnGkojUGAfAjCdN6ALlRCrlCd01bQ5UpoTBB2cAv0XzQ\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 06 Feb 2026 04:00:41 GMT\r\nServer: Apache/2.4.37 (AlmaLinux)\r\nX-Powered-By: PHP/7.2.24\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"AlmaLinux","description":"AlmaLinux is an open-source, community-driven Linux operating system that fills the gap left by the discontinuation of the CentOS Linux stable release.","website":"https://almalinux.org","common_platform_enumeration":"","icon":"AlmaLinux.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.37","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP:7.2.24","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":13,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"6ed0a7b3d262f18276c5355ce00958b6","sha1":"d211e2ef8dd9e15443e081e455da91938085a2ff","sha256":"b2c586b993fb29ae224f95fa15a6d760f38dfbc2146b45d8564194ee04295b53","sha512":"2b3b669ad060c0343716f104a0d4602e5e24eb46ad568021516b4f33a9cc5f16dd77083f923243837de05b47a2ea745ec7f402c78ff175f6c2d5e2d33f458131","ssdeep":"","tlshash":"8c600033000000f00cc000ccc0c0c00fc0f00c3000000c0cc00000c030f0cc03000000","first_seen":"2023-04-07T16:35:28Z","last_seen":"2026-05-12T10:19:14.557498Z","times_seen":1243,"resource_available":true,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-06T04:00:41Z","timestamp":1770350441,"ip_dst":{"addr":"66.212.16.133","port":80,"asn":8100,"as":"ASN-QUADRANET-GLOBAL","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.9","port":43616,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.click domain","source":"{\"timestamp\":\"2026-02-06T04:00:41.209610+0000\",\"flow_id\":956037832693629,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":43616,\"dest_ip\":\"66.212.16.133\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858675,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.click domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"biocalsupport.click\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://biocalsupport.click/L2xx3LRnGkojUGAfAjCdN6ALlRCrlCd01bQ5UpoTBB2cAv0XzQ\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":21},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":6,\"bytes_toserver\":1265,\"bytes_toclient\":2352,\"start\":\"2026-02-06T04:00:40.448381+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-06","alert":"Phishing Block","trigger":"biocalsupport.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-06","alert":"Sinkholed","trigger":"biocalsupport.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}