{"report_id":"a7304443-70a2-4132-94b6-d6dc344083c0","version":0,"status":"done","tags":[],"date":"2026-06-27T00:19:27Z","url":{"schema":"http","addr":"ubsusainc.com/client-login","fqdn":"ubsusainc.com","domain":"ubsusainc.com","tld":"com"},"ip":{"addr":"74.208.236.34","port":0,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"ubsusainc.com/client-login","fqdn":"ubsusainc.com","domain":"ubsusainc.com","tld":"com"},"title":"UBS Wealth Management Portal","dom":{"size":16389,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (15299)","md5":"91ea44b5a1dce8bb607225a75586b411","sha1":"6b5f64e1d8decad69b06af47cb0b57278b457326","sha256":"125536da6363d3ee0917b94e94fb4318d097990588bc4b052c117a2dc0fb2b79","sha512":"dd6f78e6906822e62f6a105ab4cdbd9ecc51bc9bee388caba593b768eb9db95713987e6b442dac4fd3ba8f3529a860dcf1c98012491c53fb34f31ab3e37ddcbc","ssdeep":"384:r8KeHitW/1hqwSSGNcH7CBMLbmIYmXmXev5/jpWzUQrQX0eicCqwFKy:reH6W/1hqwSSGyH7CBsyIVWX05/jpWzV","tlshash":"8b72a830f384093ea6278ba9f3f1b73855b9c28bd21bd82df6b54159138ad4dd9232d4","dom_hash":"domhashfdf5525e7ea39ec5b05982884741b7bf","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ubsusainc.com/client-login","fqdn":"ubsusainc.com","domain":"ubsusainc.com","tld":"com"},"ip":{"addr":"74.208.236.34","port":0,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-01T00:19:27Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ubsusainc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"ubsusainc.com","ip":{"addr":"74.208.236.34","port":80,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":9,"request_count":9,"received_data":1003172,"sent_data":3786,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.ubs.com","ip":{"addr":"184.25.4.40","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"domain_registered":"1993-02-15","domain_rank":95769,"first_seen":"2012-07-02T16:57:42Z","last_seen":"2026-06-11T12:19:01.541046Z","alert_count":0,"request_count":2,"received_data":10210,"sent_data":1120,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"ubsusainc.com/assets/vendor-CInysrUq.js","fqdn":"ubsusainc.com","domain":"ubsusainc.com","tld":"com"},"ip":{"addr":"74.208.236.34","port":80,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8b6f61e7fd0f1a758c9d0ecfb0a5381f","sha1":"15d7923e439f647b9d45f791b2a39dc79ed50f8c","sha256":"ae4bd8120eb3487a3b450d032d96414485158de611d1056a545e3dcb30b17be0","sha512":"f8db5ef73fb5108b4b1325158190da0b975b698df8742eb755f29c0fc70cdebcfd293f1e25a802b79979569e86a0d2945944f64febf4267e199459e945bfee1d","ssdeep":"1536:bvoq9gKMdJgk1ssD4pPYYWE2qoEaMirU9rKtrAjB2tmx7Qh9:bwqWt1JcNgEg0KtrIEp","tlshash":"11d33bec31beb6516be746b100af1503723d2913184c4861b215fdaa6bf9406a1bffed","size":134662,"data":"","first_seen":"2026-06-27T00:19:33.559564Z","last_seen":"2026-06-27T02:33:21.870027Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ubsusainc.com/assets/index-DRNcz_hY.js","fqdn":"ubsusainc.com","domain":"ubsusainc.com","tld":"com"},"ip":{"addr":"74.208.236.34","port":80,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c70a8ab3c63a299d45d7bab6b2afc6bc","sha1":"8816965e5527b08e34d98127c496f08287ec6d8a","sha256":"d74de3b85f75b4717018c6d9ce4dfb0b072f57aff19c541c03913ff2628f1683","sha512":"9a6fe8d8edd5d76ef5c50bd42ebc235a3e1adfc913c35a7687dfb988630f0a4878899902260ad5461bd77f586fd92649eee7e5fdddc3cde6a0aa4db197dae662","ssdeep":"6144:4WdUhQ592xtXwIUgZDLIO0TQIIvajU/Tyn82cIYP3TxWxa223gSGRU/me5:4/Q5927LUa0Ddw/a8zIe2hi/x","tlshash":"07f43994f181f6ad9ba702a2103f500af03e5f55e85e8860f178d4f53eb844a6637fad","size":745312,"data":"","first_seen":"2026-06-27T00:19:33.547132Z","last_seen":"2026-06-27T02:33:21.869427Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ubsusainc.com/assets/ionosSeed-D5JyN232.js","fqdn":"ubsusainc.com","domain":"ubsusainc.com","tld":"com"},"ip":{"addr":"74.208.236.34","port":80,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"24f48dc794bb9b0745ecd23734cf3f8a","sha1":"cbc433aec469bfe483803f5ba239d5b7d5b06868","sha256":"9d5e15a568ae4eed8f1a9dbb6dc6fcb44f00bfe8e72b3f3f35d2ae2141de4a52","sha512":"b2bd4c5b74dc27e3765e64d0d0b9315d688ffff63ebde6ceaa34abf5677084d9c6ce0baa1a9157a282517a11ad3108057258d6fbe1f5fd8bb8492253a686114c","ssdeep":"","tlshash":"72d0eb0a287010f0c28210a0e432c20325370f3b1f18c474f2ad8a1d0c31e55d54bceb","size":282,"data":"","first_seen":"2026-06-27T00:19:33.561772Z","last_seen":"2026-06-27T02:33:21.865824Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ubsusainc.com/assets/icons-DmR-g_DI.js","fqdn":"ubsusainc.com","domain":"ubsusainc.com","tld":"com"},"ip":{"addr":"74.208.236.34","port":80,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"512a5a1e80535cbfd9ed056d6249138b","sha1":"8bcfb53860b4d8681a745a59d2aecd6cf1bd6836","sha256":"beac6389eb44106a2b7e3caca95f7265b28cf36aa14334bd7492ef2ee1249d92","sha512":"1907b5336e3a3cfe267d9dacbf8688b4d0430c60250b673f7d67c04886f0cf3f426f7a0c9311fcf75523c13ffc12934a3d8b0248ca5a9873c3327708ec7c0bf9","ssdeep":"768:kYiBvVzrItRF7jbwjDQsz4sfz8VYWFQWYCm0NUBd/D7JgpHt+BkFWs8sctiZkWPq:LG9ma8VbwNcHgBwWf0e","tlshash":"6ae2326e5b88227f40a2c8682b0fd1ce676c517d751e75a0b41f83b8e93146ec6a7fd0","size":31843,"data":"","first_seen":"2026-06-27T00:19:33.549677Z","last_seen":"2026-06-27T02:33:21.865202Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"log","text":"GET USERS STATUS:401","filename":"http://ubsusainc.com/assets/index-DRNcz_hY.js","line_number":105,"column_number":30536},{"level":"log","text":"GET USERS RAW:{\"success\":false,\"error\":\"Unauthorized\"}","filename":"http://ubsusainc.com/assets/index-DRNcz_hY.js","line_number":105,"column_number":30578},{"level":"error","text":"getAllUsersFromIonos error:Failed to fetch users","filename":"http://ubsusainc.com/assets/index-DRNcz_hY.js","line_number":105,"column_number":30931}]},"http":[{"url":{"schema":"http","addr":"ubsusainc.com/client-login","fqdn":"ubsusainc.com","domain":"ubsusainc.com","tld":"com"},"ip":{"addr":"74.208.236.34","port":80,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-27T00:18:56.950Z","timestamp":1782519536950,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /client-login HTTP/1.1\r\nHost: ubsusainc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nContent-Length: 491\r\nConnection: keep-alive\r\nX-WS-Origin: available\r\nX-WS-RateLimit-Limit: 1000\r\nX-WS-RateLimit-Remaining: 998\r\nDate: Sat, 27 Jun 2026 00:18:57 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 18 Jun 2026 19:20:48 GMT\r\nETag: \"415-6548c12d92016;6548c1339aee0\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nX-XSS-Protection: 1; mode=block\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS\r\nAccess-Control-Allow-Headers: Content-Type, Authorization\r\nAccess-Control-Allow-Credentials: true\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1045,"size_decoded":1224,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"28ecfdb8fcaa11da9bd67c062c3b2c72","sha1":"bd81b66c1f17addde324512f77ac858d7cc07fab","sha256":"9176c763cfbd90a55dd106d356345ebfd6415b7071041c600e8b6b26b47919a5","sha512":"14d42cf743a167b301bd27d19a0a5f131a3e3a146c83ca07ee0a1dd90a42f7c2b080a830108ded9d0133c2a7138ef0c648b80d32909ebe2f5636fcde537e311f","ssdeep":"","tlshash":"8211af0285619c1556205578aed1f458ce52f18b8288e98cb0da60bc4e80fd1c6c767a","first_seen":"2026-06-27T00:19:33.544695Z","last_seen":"2026-06-27T02:33:21.868741Z","times_seen":3,"resource_available":true,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":3,"connect":113,"send":0,"wait":118,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ubsusainc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ubsusainc.com/assets/index-DRNcz_hY.js","fqdn":"ubsusainc.com","domain":"ubsusainc.com","tld":"com"},"ip":{"addr":"74.208.236.34","port":80,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ubsusainc.com/client-login","date":"2026-06-27T00:18:57.315Z","timestamp":1782519537315,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/index-DRNcz_hY.js HTTP/1.1\r\nHost: ubsusainc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ubsusainc.com/client-login\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-WS-Origin: available\r\nX-WS-RateLimit-Limit: 1000\r\nX-WS-RateLimit-Remaining: 997\r\nDate: Sat, 27 Jun 2026 00:18:57 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 18 Jun 2026 19:20:54 GMT\r\nETag: \"b5f60-6548c1336c0e0-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nX-XSS-Protection: 1; mode=block\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS\r\nAccess-Control-Allow-Headers: Content-Type, Authorization\r\nAccess-Control-Allow-Credentials: true\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":745312,"size_decoded":229564,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (63062)","md5":"c70a8ab3c63a299d45d7bab6b2afc6bc","sha1":"8816965e5527b08e34d98127c496f08287ec6d8a","sha256":"d74de3b85f75b4717018c6d9ce4dfb0b072f57aff19c541c03913ff2628f1683","sha512":"9a6fe8d8edd5d76ef5c50bd42ebc235a3e1adfc913c35a7687dfb988630f0a4878899902260ad5461bd77f586fd92649eee7e5fdddc3cde6a0aa4db197dae662","ssdeep":"6144:4WdUhQ592xtXwIUgZDLIO0TQIIvajU/Tyn82cIYP3TxWxa223gSGRU/me5:4/Q5927LUa0Ddw/a8zIe2hi/x","tlshash":"07f43994f181f6ad9ba702a2103f500af03e5f55e85e8860f178d4f53eb844a6637fad","first_seen":"2026-06-27T00:19:33.547132Z","last_seen":"2026-06-27T02:33:21.869427Z","times_seen":3,"resource_available":true,"data":null}},"time_used":624,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":504,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ubsusainc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ubsusainc.com/assets/icons-DmR-g_DI.js","fqdn":"ubsusainc.com","domain":"ubsusainc.com","tld":"com"},"ip":{"addr":"74.208.236.34","port":80,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ubsusainc.com/client-login","date":"2026-06-27T00:18:57.317Z","timestamp":1782519537317,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/icons-DmR-g_DI.js HTTP/1.1\r\nHost: ubsusainc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ubsusainc.com/client-login\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/javascript\r\nContent-Length: 9109\r\nConnection: keep-alive\r\nX-WS-Origin: available\r\nX-WS-RateLimit-Limit: 1000\r\nX-WS-RateLimit-Remaining: 996\r\nDate: Sat, 27 Jun 2026 00:18:57 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 18 Jun 2026 19:20:51 GMT\r\nETag: \"7c63-6548c130b99fb-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nX-XSS-Protection: 1; mode=block\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS\r\nAccess-Control-Allow-Headers: Content-Type, Authorization\r\nAccess-Control-Allow-Credentials: true\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31843,"size_decoded":9842,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (6592)","md5":"512a5a1e80535cbfd9ed056d6249138b","sha1":"8bcfb53860b4d8681a745a59d2aecd6cf1bd6836","sha256":"beac6389eb44106a2b7e3caca95f7265b28cf36aa14334bd7492ef2ee1249d92","sha512":"1907b5336e3a3cfe267d9dacbf8688b4d0430c60250b673f7d67c04886f0cf3f426f7a0c9311fcf75523c13ffc12934a3d8b0248ca5a9873c3327708ec7c0bf9","ssdeep":"768:kYiBvVzrItRF7jbwjDQsz4sfz8VYWFQWYCm0NUBd/D7JgpHt+BkFWs8sctiZkWPq:LG9ma8VbwNcHgBwWf0e","tlshash":"6ae2326e5b88227f40a2c8682b0fd1ce676c517d751e75a0b41f83b8e93146ec6a7fd0","first_seen":"2026-06-27T00:19:33.549677Z","last_seen":"2026-06-27T02:33:21.865202Z","times_seen":3,"resource_available":true,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":113,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ubsusainc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ubsusainc.com/assets/index-LMgw1lFB.css","fqdn":"ubsusainc.com","domain":"ubsusainc.com","tld":"com"},"ip":{"addr":"74.208.236.34","port":80,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://ubsusainc.com/client-login","date":"2026-06-27T00:18:57.319Z","timestamp":1782519537319,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/index-LMgw1lFB.css HTTP/1.1\r\nHost: ubsusainc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ubsusainc.com/client-login\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/css\r\nContent-Length: 17005\r\nConnection: keep-alive\r\nX-WS-Origin: available\r\nX-WS-RateLimit-Limit: 1000\r\nX-WS-RateLimit-Remaining: 994\r\nDate: Sat, 27 Jun 2026 00:18:57 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 18 Jun 2026 19:20:49 GMT\r\nETag: \"13c20-6548c12eb8ed8-gzip\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=2592000\r\nExpires: Mon, 27 Jul 2026 00:18:57 GMT\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nX-XSS-Protection: 1; mode=block\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS\r\nAccess-Control-Allow-Headers: Content-Type, Authorization\r\nAccess-Control-Allow-Credentials: true\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":80928,"size_decoded":17805,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"192eb39bfce3c442f51a5882e7a28c53","sha1":"f9212b1c5dd3d941844df6ce175c58c21989c78e","sha256":"121ee95802b739d1076f8a74d2980fb224c64ef9531786a4973fc2176d2fa0e8","sha512":"51fe1b03353a017e4a3a127114cf201c709dbc9ec63ce31a3e2adb94d8cd9d2cd35ca2573dd2b37c333503fda1a80eb43f152e46017f7e8e5b8b0cc0ad5143d2","ssdeep":"1536:67SUUurhokJ6B8MQegGqn+378VQZkt5FyCWDz:67SUUurGkk8MQegGqn+378VQZkt5FqDz","tlshash":"0383842dba19503f3c2790f8d3dcb9aca11af1c0de3a05a6bd8642315ad37f65da7604","first_seen":"2026-06-27T00:19:33.552207Z","last_seen":"2026-06-27T02:33:21.870754Z","times_seen":3,"resource_available":false,"data":null}},"time_used":357,"timings":{"blocked":-1,"dns":0,"connect":113,"send":0,"wait":119,"receive":125,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ubsusainc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ubsusainc.com/UBS_Logo_Semibold.svg","fqdn":"ubsusainc.com","domain":"ubsusainc.com","tld":"com"},"ip":{"addr":"74.208.236.34","port":80,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ubsusainc.com/client-login","date":"2026-06-27T00:18:58.138Z","timestamp":1782519538138,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /UBS_Logo_Semibold.svg HTTP/1.1\r\nHost: ubsusainc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ubsusainc.com/client-login\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/svg+xml\r\nContent-Length: 3610\r\nConnection: keep-alive\r\nX-WS-Origin: available\r\nX-WS-RateLimit-Limit: 1000\r\nX-WS-RateLimit-Remaining: 998\r\nDate: Sat, 27 Jun 2026 00:18:58 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 18 Jun 2026 19:20:48 GMT\r\nETag: \"e1a-6548c12d5d456\"\r\nAccept-Ranges: bytes\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nX-XSS-Protection: 1; mode=block\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS\r\nAccess-Control-Allow-Headers: Content-Type, Authorization\r\nAccess-Control-Allow-Credentials: true\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":3610,"size_decoded":4288,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5a40296efe9969ac70b2da5caa6eefec","sha1":"bd17837840d8067f6e426f83af17d5d8d77aac3e","sha256":"93235948b9fc64cb3035b1bb481686f7174c423123fdd4a292d3a07704e3dbf1","sha512":"a0920716b2acb7bbdee778f1f388134953993c9ccb4a62dd310550f8eb7269b411c931448d6561d39896dea1241d3d4f5ddd6db51f30ffa5bee134436692cad7","ssdeep":"","tlshash":"ac714c2d8304c5f4ee5e5e98ad2e54e5b34ce1fb81c48390e368d92066718c9f69fe98","first_seen":"2023-11-29T05:22:27Z","last_seen":"2026-06-27T02:33:21.86764Z","times_seen":34,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":123,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ubsusainc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ubs.com/etc/designs/fit/img/UBS_Logo_Semibold.svg","fqdn":"www.ubs.com","domain":"ubs.com","tld":"com"},"ip":{"addr":"184.25.4.40","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ubsusainc.com/client-login","date":"2026-06-27T00:18:58.368Z","timestamp":1782519538368,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.ubs.com","organization":""},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 23 Oct 2025 00:00:00 GMT","end":"Mon, 23 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C9:47:F0:23:DA:EA:C3:9A:1A:37:80:A2:EF:0F:7F:5E:8D:8D:C3:CD","sha256":"6F:B5:C6:36:DA:3F:53:C4:76:09:C0:08:19:42:4B:C7:A2:CD:39:F5:4D:5C:B0:E4:26:C9:44:9A:80:6C:6B:DC"}}},"request":{"raw":"GET /etc/designs/fit/img/UBS_Logo_Semibold.svg HTTP/1.1\r\nHost: www.ubs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ubsusainc.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccess-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers,Accept,Accept-Language,Cache-Control,CSRF-Token\r\naccept-ranges: bytes\r\ncontent-type: image/svg+xml\r\nx-frame-ancestors: *.homegate.ch *.financescout24.ch *.immoscout24.ch *.acheter-louer.ch *.buy-rent.ch *.kaufen-mieten.ch *.pwj.com *.credit-suisse.com *.csintra.net *.houzy.ch *.moneyland.ch\r\npermissions-policy: microphone=(self), camera=(self)\r\naccess-control-allow-methods: GET,HEAD,POST,OPTIONS\r\norigin-agent-cluster: ?0\r\nx-age: 6\r\nx-xss-protection: 1; mode=block\r\nx-no-compression: true\r\nx-content-type-options: nosniff\r\nx-nodeid: inter-prod-p-1 - t=1768473590136070 D=39924\r\nx-varnish-cache: HIT\r\naccess-control-allow-origin: https://secure.ubs.com\r\nreferrer-policy: no-referrer-when-downgrade\r\nfeature-policy: camera 'self'; microphone 'self'\r\nx-cors-domain: *.ubs.com *.ubs.net\r\nx-frame-options: SAMEORIGIN\r\nlast-modified: Thu, 13 Aug 2020 14:30:00 GMT\r\nx-wss: wss://*.ubs.com\r\ncontent-security-policy: frame-ancestors 'self';\r\ncontent-encoding: br\r\ncontent-length: 1352\r\ncache-control: public, max-age=2592000\r\nexpires: Mon, 27 Jul 2026 00:18:58 GMT\r\ndate: Sat, 27 Jun 2026 00:18:58 GMT\r\nset-cookie: geo-country=NO; path=/; domain=.ubs.com; secure; HttpOnly; SameSite=None\r\nquic-version: 0x00000001\r\nalt-svc: h3=\":443\"; ma=93600\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains ; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3610,"size_decoded":2850,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5a40296efe9969ac70b2da5caa6eefec","sha1":"bd17837840d8067f6e426f83af17d5d8d77aac3e","sha256":"93235948b9fc64cb3035b1bb481686f7174c423123fdd4a292d3a07704e3dbf1","sha512":"a0920716b2acb7bbdee778f1f388134953993c9ccb4a62dd310550f8eb7269b411c931448d6561d39896dea1241d3d4f5ddd6db51f30ffa5bee134436692cad7","ssdeep":"","tlshash":"ac714c2d8304c5f4ee5e5e98ad2e54e5b34ce1fb81c48390e368d92066718c9f69fe98","first_seen":"2023-11-29T05:22:27Z","last_seen":"2026-06-27T02:33:21.86764Z","times_seen":34,"resource_available":false,"data":null}},"time_used":285,"timings":{"blocked":0,"dns":57,"connect":2,"send":0,"wait":12,"receive":0,"ssl":8},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ubsusainc.com/assets/vendor-CInysrUq.js","fqdn":"ubsusainc.com","domain":"ubsusainc.com","tld":"com"},"ip":{"addr":"74.208.236.34","port":80,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ubsusainc.com/client-login","date":"2026-06-27T00:18:57.318Z","timestamp":1782519537318,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/vendor-CInysrUq.js HTTP/1.1\r\nHost: ubsusainc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ubsusainc.com/client-login\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/javascript\r\nContent-Length: 50877\r\nConnection: keep-alive\r\nX-WS-Origin: available\r\nX-WS-RateLimit-Limit: 1000\r\nX-WS-RateLimit-Remaining: 995\r\nDate: Sat, 27 Jun 2026 00:18:57 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 18 Jun 2026 19:20:51 GMT\r\nETag: \"20e06-6548c1300cc5a-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nX-XSS-Protection: 1; mode=block\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS\r\nAccess-Control-Allow-Headers: Content-Type, Authorization\r\nAccess-Control-Allow-Credentials: true\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":134662,"size_decoded":51612,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (37535)","md5":"8b6f61e7fd0f1a758c9d0ecfb0a5381f","sha1":"15d7923e439f647b9d45f791b2a39dc79ed50f8c","sha256":"ae4bd8120eb3487a3b450d032d96414485158de611d1056a545e3dcb30b17be0","sha512":"f8db5ef73fb5108b4b1325158190da0b975b698df8742eb755f29c0fc70cdebcfd293f1e25a802b79979569e86a0d2945944f64febf4267e199459e945bfee1d","ssdeep":"1536:bvoq9gKMdJgk1ssD4pPYYWE2qoEaMirU9rKtrAjB2tmx7Qh9:bwqWt1JcNgEg0KtrIEp","tlshash":"11d33bec31beb6516be746b100af1503723d2913184c4861b215fdaa6bf9406a1bffed","first_seen":"2026-06-27T00:19:33.559564Z","last_seen":"2026-06-27T02:33:21.870027Z","times_seen":3,"resource_available":true,"data":null}},"time_used":493,"timings":{"blocked":-1,"dns":0,"connect":113,"send":0,"wait":121,"receive":259,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ubsusainc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ubsusainc.com/assets/ionosSeed-D5JyN232.js","fqdn":"ubsusainc.com","domain":"ubsusainc.com","tld":"com"},"ip":{"addr":"74.208.236.34","port":80,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ubsusainc.com/client-login","date":"2026-06-27T00:18:58.105Z","timestamp":1782519538105,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/ionosSeed-D5JyN232.js HTTP/1.1\r\nHost: ubsusainc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ubsusainc.com/client-login\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/javascript\r\nContent-Length: 233\r\nConnection: keep-alive\r\nX-WS-Origin: available\r\nX-WS-RateLimit-Limit: 1000\r\nX-WS-RateLimit-Remaining: 999\r\nDate: Sat, 27 Jun 2026 00:18:58 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 18 Jun 2026 19:20:49 GMT\r\nETag: \"11a-6548c12e3edb7-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nX-XSS-Protection: 1; mode=block\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS\r\nAccess-Control-Allow-Headers: Content-Type, Authorization\r\nAccess-Control-Allow-Credentials: true\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":282,"size_decoded":964,"mime_type":"text/javascript","magic":"Java source, ASCII text","md5":"24f48dc794bb9b0745ecd23734cf3f8a","sha1":"cbc433aec469bfe483803f5ba239d5b7d5b06868","sha256":"9d5e15a568ae4eed8f1a9dbb6dc6fcb44f00bfe8e72b3f3f35d2ae2141de4a52","sha512":"b2bd4c5b74dc27e3765e64d0d0b9315d688ffff63ebde6ceaa34abf5677084d9c6ce0baa1a9157a282517a11ad3108057258d6fbe1f5fd8bb8492253a686114c","ssdeep":"","tlshash":"72d0eb0a287010f0c28210a0e432c20325370f3b1f18c474f2ad8a1d0c31e55d54bceb","first_seen":"2026-06-27T00:19:33.561772Z","last_seen":"2026-06-27T02:33:21.865824Z","times_seen":3,"resource_available":true,"data":null}},"time_used":121,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":121,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ubsusainc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ubsusainc.com/api/get-users.php?t=1782519538234","fqdn":"ubsusainc.com","domain":"ubsusainc.com","tld":"com"},"ip":{"addr":"74.208.236.34","port":443,"asn":8560,"as":"IONOS SE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://ubsusainc.com/client-login","date":"2026-06-27T00:18:58.238Z","timestamp":1782519538238,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ubsusainc.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 22 May 2026 00:00:00 GMT","end":"Wed, 18 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"99:97:3A:0E:C9:5D:38:98:19:0A:96:AB:60:EB:C5:8E:C2:7D:DA:37","sha256":"92:5E:BB:C4:8F:33:42:A8:2A:12:D3:C5:FE:28:AB:EE:40:A5:C8:FB:73:F3:AF:35:E8:D5:3E:64:E0:99:5D:C3"}}},"request":{"raw":"OPTIONS /api/get-users.php?t=1782519538234 HTTP/1.1\r\nHost: ubsusainc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: x-admin-session\r\nReferer: http://ubsusainc.com/\r\nOrigin: http://ubsusainc.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/json\r\nx-ws-origin: available\r\nx-ws-ratelimit-limit: 1000\r\nx-ws-ratelimit-remaining: 997\r\ndate: Sat, 27 Jun 2026 00:18:58 GMT\r\nserver: Apache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type, X-Admin-Session\r\naccess-control-allow-methods: GET, OPTIONS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":340,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":394,"timings":{"blocked":0,"dns":0,"connect":113,"send":0,"wait":153,"receive":0,"ssl":128},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ubsusainc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ubs.com/etc/designs/fit/img/UBS_Logo_Semibold.svg","fqdn":"www.ubs.com","domain":"ubs.com","tld":"com"},"ip":{"addr":"184.25.4.40","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ubsusainc.com/client-login","date":"2026-06-27T00:18:58.366Z","timestamp":1782519538366,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.ubs.com","organization":""},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 23 Oct 2025 00:00:00 GMT","end":"Mon, 23 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C9:47:F0:23:DA:EA:C3:9A:1A:37:80:A2:EF:0F:7F:5E:8D:8D:C3:CD","sha256":"6F:B5:C6:36:DA:3F:53:C4:76:09:C0:08:19:42:4B:C7:A2:CD:39:F5:4D:5C:B0:E4:26:C9:44:9A:80:6C:6B:DC"}}},"request":{"raw":"GET /etc/designs/fit/img/UBS_Logo_Semibold.svg HTTP/1.1\r\nHost: www.ubs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ubsusainc.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccess-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers,Accept,Accept-Language,Cache-Control,CSRF-Token\r\naccept-ranges: bytes\r\ncontent-type: image/svg+xml\r\nx-frame-ancestors: *.homegate.ch *.financescout24.ch *.immoscout24.ch *.acheter-louer.ch *.buy-rent.ch *.kaufen-mieten.ch *.pwj.com *.credit-suisse.com *.csintra.net *.houzy.ch *.moneyland.ch\r\npermissions-policy: microphone=(self), camera=(self)\r\naccess-control-allow-methods: GET,HEAD,POST,OPTIONS\r\norigin-agent-cluster: ?0\r\nx-age: 6\r\nx-xss-protection: 1; mode=block\r\nx-no-compression: true\r\nx-content-type-options: nosniff\r\nx-nodeid: inter-prod-p-1 - t=1768473590136070 D=39924\r\nx-varnish-cache: HIT\r\naccess-control-allow-origin: https://secure.ubs.com\r\nreferrer-policy: no-referrer-when-downgrade\r\nfeature-policy: camera 'self'; microphone 'self'\r\nx-cors-domain: *.ubs.com *.ubs.net\r\nx-frame-options: SAMEORIGIN\r\nlast-modified: Thu, 13 Aug 2020 14:30:00 GMT\r\nx-wss: wss://*.ubs.com\r\ncontent-security-policy: frame-ancestors 'self';\r\ncontent-encoding: br\r\ncontent-length: 1352\r\ncache-control: public, max-age=2592000\r\nexpires: Mon, 27 Jul 2026 00:18:58 GMT\r\ndate: Sat, 27 Jun 2026 00:18:58 GMT\r\nset-cookie: geo-country=NO; path=/; domain=.ubs.com; secure; HttpOnly; SameSite=None\r\nalt-svc: h3=\":443\"; ma=93600\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains ; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":3610,"size_decoded":2844,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5a40296efe9969ac70b2da5caa6eefec","sha1":"bd17837840d8067f6e426f83af17d5d8d77aac3e","sha256":"93235948b9fc64cb3035b1bb481686f7174c423123fdd4a292d3a07704e3dbf1","sha512":"a0920716b2acb7bbdee778f1f388134953993c9ccb4a62dd310550f8eb7269b411c931448d6561d39896dea1241d3d4f5ddd6db51f30ffa5bee134436692cad7","ssdeep":"","tlshash":"ac714c2d8304c5f4ee5e5e98ad2e54e5b34ce1fb81c48390e368d92066718c9f69fe98","first_seen":"2023-11-29T05:22:27Z","last_seen":"2026-06-27T02:33:21.86764Z","times_seen":34,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":58,"connect":1,"send":0,"wait":26,"receive":0,"ssl":10},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ubsusainc.com/client-login","fqdn":"ubsusainc.com","domain":"ubsusainc.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-27T00:18:54.031Z","timestamp":1782519534031,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /client-login HTTP/1.1\r\nHost: ubsusainc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"ubsusainc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}