{"report_id":"acd36f80-b1ae-4342-b3b9-d568e843a2a6","version":6,"status":"done","tags":[],"date":"2026-02-25T17:50:17Z","url":{"schema":"http","addr":"connected-xfinity.165-245-178-72.cpanel.site","fqdn":"connected-xfinity.165-245-178-72.cpanel.site","domain":"165-245-178-72.cpanel.site","tld":"cpanel.site"},"ip":{"addr":"165.245.178.72","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"connected-xfinity.165-245-178-72.cpanel.site/","fqdn":"connected-xfinity.165-245-178-72.cpanel.site","domain":"165-245-178-72.cpanel.site","tld":"cpanel.site"},"title":"404","dom":{"size":868,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"72984288d744ae1bac5e662448da10c8","sha1":"ae0b5bcc0657e0863c827a98edeb873846f3e06e","sha256":"efee68245487f3ab937e66e4b287658c6def52abad444e3c1f1118921076dabc","sha512":"cfc9266c42e7e6c741de6f44e42431efc5fe93b074eeb38a610fe3238b2035e615eb5a8eee50c15ab43917f76ccf73c7c2a157aa0fb18636cdeb2715eaee2942","ssdeep":"","tlshash":"ab11125f40044e89120181e2f205329ad58f6e4ebe02c960d27f627ad5f9fc7d17b5b8","dom_hash":"domhashbbf0be2c936987a70c3b259e3c90210c","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"connected-xfinity.165-245-178-72.cpanel.site","fqdn":"connected-xfinity.165-245-178-72.cpanel.site","domain":"165-245-178-72.cpanel.site","tld":"cpanel.site"},"ip":{"addr":"165.245.178.72","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-01T17:50:17Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"connected-xfinity.165-245-178-72.cpanel.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-25","alert":"Phishing Block","trigger":"connected-xfinity.165-245-178-72.cpanel.site","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"connected-xfinity.165-245-178-72.cpanel.site","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"connected-xfinity.165-245-178-72.cpanel.site","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-02-22T22:18:02.864626Z","alert_count":0,"request_count":1,"received_data":2111,"sent_data":472,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"connected-xfinity.165-245-178-72.cpanel.site","ip":{"addr":"165.245.178.72","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2024-09-05","domain_rank":0,"first_seen":"2026-02-25T01:20:05.038534Z","last_seen":"2026-02-25T01:20:05.038534Z","alert_count":16,"request_count":4,"received_data":6600,"sent_data":2205,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"connected-xfinity.165-245-178-72.cpanel.site/","fqdn":"connected-xfinity.165-245-178-72.cpanel.site","domain":"165-245-178-72.cpanel.site","tld":"cpanel.site"},"ip":{"addr":"165.245.178.72","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-25T17:49:56.489Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"autodiscover.connected-xfinity.165-245-178-72.cpanel.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Feb 2026 17:36:00 GMT","end":"Wed, 20 May 2026 17:35:59 GMT"},"fingerprint":{"sha1":"E2:0F:86:1C:5E:09:5E:1A:37:CE:E2:6F:AD:02:16:33:9C:08:07:0C","sha256":"D8:51:58:A9:F6:1A:08:A4:A5:6D:8E:CA:85:13:4D:07:EB:4F:EC:EE:A1:00:57:D2:BD:C0:F7:34:CC:6C:1B:A5"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: connected-xfinity.165-245-178-72.cpanel.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 25 Feb 2026 17:49:57 GMT\r\nServer: Apache\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nSet-Cookie: PHPSESSID=883a3faa48f30a4efde0e14d6f893c59; path=/\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":919,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"b5857ee5c857c3f502155a1c8dfff291","sha1":"43af7c3c578f948edb6d50532a517efdd54e6534","sha256":"a4fb9a5f73934af9f96f4ab985fdacc3a3f86630adb6923e70776288d6ebaec3","sha512":"9f385b084239783f92e58d99aa0959b777f67e3203cfa3f6bc9963a2c49d84e0174c44146f87bd188e0f322c57d5bbbc916b129b6ee6f04bbe837a0a9e56acc1","ssdeep":"","tlshash":"c411045e10045995025251a3e036316ad48b6f4b6b625520f17f323ba2e6b86f0675a9","first_seen":"2026-02-25T01:20:06.183652Z","last_seen":"2026-02-25T17:50:18.04973Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2868,"timings":{"blocked":672,"dns":1,"connect":332,"send":0,"wait":1524,"receive":0,"ssl":336},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"connected-xfinity.165-245-178-72.cpanel.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-25","alert":"Phishing Block","trigger":"connected-xfinity.165-245-178-72.cpanel.site","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"connected-xfinity.165-245-178-72.cpanel.site","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"connected-xfinity.165-245-178-72.cpanel.site","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Kanit:200","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://connected-xfinity.165-245-178-72.cpanel.site/","date":"2026-02-25T17:49:58.915Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"09:4B:1C:B6:64:C5:97:5E:E3:CF:D9:FF:1A:01:C4:D8:D7:10:82:7A","sha256":"2F:A7:09:04:89:72:33:DE:1D:F8:A7:A6:EC:9F:0C:74:15:D5:B0:87:85:BE:25:63:1A:0E:73:0C:72:E3:CD:C8"}}},"request":{"raw":"GET /css?family=Kanit:200 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://connected-xfinity.165-245-178-72.cpanel.site/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 25 Feb 2026 17:49:59 GMT\r\ndate: Wed, 25 Feb 2026 17:49:59 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1425,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"ce994020e6c9d3cd04c3f496af7f4421","sha1":"bfe976763dc5064609f782edbf7015abad07b80e","sha256":"f1ae435baa05ce75cbdecbeabf31bd65270777b60a96cdf592e6e933c41a3208","sha512":"02b4db6366288993ee5b7e096d638702eeaecdef9237e3d68f1953e2241e7fa30a49e69e6d22a4ccc917eb4ae4aa708c034b13412d7acf72378277e16894c678","ssdeep":"","tlshash":"b621eba1a427d54077a32cc253ce7d268e9e61107441a976affe088caca6d32232570d","first_seen":"2025-09-18T13:37:59.910297Z","last_seen":"2026-06-01T11:06:16.061322Z","times_seen":38,"resource_available":false,"data":null}},"time_used":256,"timings":{"blocked":109,"dns":1,"connect":21,"send":0,"wait":32,"receive":0,"ssl":90},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"connected-xfinity.165-245-178-72.cpanel.site/PUBLICENEMY/assets/panel/css/font-awesome.min.css","fqdn":"connected-xfinity.165-245-178-72.cpanel.site","domain":"165-245-178-72.cpanel.site","tld":"cpanel.site"},"ip":{"addr":"165.245.178.72","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://connected-xfinity.165-245-178-72.cpanel.site/","date":"2026-02-25T17:49:58.916Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"autodiscover.connected-xfinity.165-245-178-72.cpanel.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Feb 2026 17:36:00 GMT","end":"Wed, 20 May 2026 17:35:59 GMT"},"fingerprint":{"sha1":"E2:0F:86:1C:5E:09:5E:1A:37:CE:E2:6F:AD:02:16:33:9C:08:07:0C","sha256":"D8:51:58:A9:F6:1A:08:A4:A5:6D:8E:CA:85:13:4D:07:EB:4F:EC:EE:A1:00:57:D2:BD:C0:F7:34:CC:6C:1B:A5"}}},"request":{"raw":"GET /PUBLICENEMY/assets/panel/css/font-awesome.min.css HTTP/1.1\r\nHost: connected-xfinity.165-245-178-72.cpanel.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://connected-xfinity.165-245-178-72.cpanel.site/\r\nCookie: PHPSESSID=883a3faa48f30a4efde0e14d6f893c59\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 25 Feb 2026 17:49:59 GMT\r\nServer: Apache\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1681,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"4e3a5519db3bd89302468f9ea6c6c3c4","sha1":"c10ea35c95a3ed101684528c95c024cf2462bc63","sha256":"5b2c68e7fe7f25c293004207f0b701e0eca44d2db036ab3d92cdb32f8ad2be2e","sha512":"d2c9358e0f6ee0a9b904e33bd9aba33f1cd8d85aded69694d40903b10eeadb0b0575ba824f104f6c920ed275536f2cfb768514e3b8cc93c6efcba74ee9088beb","ssdeep":"","tlshash":"3531f26e00444d99031192f3e137316ad08bbf4b6b135630f16b337ba2d5b4af5675b9","first_seen":"2026-02-25T01:20:06.178591Z","last_seen":"2026-02-27T00:18:56.210291Z","times_seen":4,"resource_available":false,"data":null}},"time_used":333,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":333,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"connected-xfinity.165-245-178-72.cpanel.site","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"connected-xfinity.165-245-178-72.cpanel.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"connected-xfinity.165-245-178-72.cpanel.site","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-25","alert":"Phishing Block","trigger":"connected-xfinity.165-245-178-72.cpanel.site","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"connected-xfinity.165-245-178-72.cpanel.site/PUBLICENEMY/assets/panel/css/style.css","fqdn":"connected-xfinity.165-245-178-72.cpanel.site","domain":"165-245-178-72.cpanel.site","tld":"cpanel.site"},"ip":{"addr":"165.245.178.72","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://connected-xfinity.165-245-178-72.cpanel.site/","date":"2026-02-25T17:49:58.918Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"autodiscover.connected-xfinity.165-245-178-72.cpanel.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Feb 2026 17:36:00 GMT","end":"Wed, 20 May 2026 17:35:59 GMT"},"fingerprint":{"sha1":"E2:0F:86:1C:5E:09:5E:1A:37:CE:E2:6F:AD:02:16:33:9C:08:07:0C","sha256":"D8:51:58:A9:F6:1A:08:A4:A5:6D:8E:CA:85:13:4D:07:EB:4F:EC:EE:A1:00:57:D2:BD:C0:F7:34:CC:6C:1B:A5"}}},"request":{"raw":"GET /PUBLICENEMY/assets/panel/css/style.css HTTP/1.1\r\nHost: connected-xfinity.165-245-178-72.cpanel.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://connected-xfinity.165-245-178-72.cpanel.site/\r\nCookie: PHPSESSID=883a3faa48f30a4efde0e14d6f893c59\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 25 Feb 2026 17:49:59 GMT\r\nServer: Apache\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1681,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"4e3a5519db3bd89302468f9ea6c6c3c4","sha1":"c10ea35c95a3ed101684528c95c024cf2462bc63","sha256":"5b2c68e7fe7f25c293004207f0b701e0eca44d2db036ab3d92cdb32f8ad2be2e","sha512":"d2c9358e0f6ee0a9b904e33bd9aba33f1cd8d85aded69694d40903b10eeadb0b0575ba824f104f6c920ed275536f2cfb768514e3b8cc93c6efcba74ee9088beb","ssdeep":"","tlshash":"3531f26e00444d99031192f3e137316ad08bbf4b6b135630f16b337ba2d5b4af5675b9","first_seen":"2026-02-25T01:20:06.178591Z","last_seen":"2026-02-27T00:18:56.210291Z","times_seen":4,"resource_available":false,"data":null}},"time_used":341,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":341,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-25","alert":"Phishing Block","trigger":"connected-xfinity.165-245-178-72.cpanel.site","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"connected-xfinity.165-245-178-72.cpanel.site","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"connected-xfinity.165-245-178-72.cpanel.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"connected-xfinity.165-245-178-72.cpanel.site","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"connected-xfinity.165-245-178-72.cpanel.site/favicon.ico","fqdn":"connected-xfinity.165-245-178-72.cpanel.site","domain":"165-245-178-72.cpanel.site","tld":"cpanel.site"},"ip":{"addr":"165.245.178.72","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://connected-xfinity.165-245-178-72.cpanel.site/","date":"2026-02-25T17:49:59.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"autodiscover.connected-xfinity.165-245-178-72.cpanel.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Feb 2026 17:36:00 GMT","end":"Wed, 20 May 2026 17:35:59 GMT"},"fingerprint":{"sha1":"E2:0F:86:1C:5E:09:5E:1A:37:CE:E2:6F:AD:02:16:33:9C:08:07:0C","sha256":"D8:51:58:A9:F6:1A:08:A4:A5:6D:8E:CA:85:13:4D:07:EB:4F:EC:EE:A1:00:57:D2:BD:C0:F7:34:CC:6C:1B:A5"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: connected-xfinity.165-245-178-72.cpanel.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://connected-xfinity.165-245-178-72.cpanel.site/\r\nCookie: PHPSESSID=883a3faa48f30a4efde0e14d6f893c59\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 25 Feb 2026 17:49:59 GMT\r\nServer: Apache\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":845,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"7c233e42c31f596896765c42e18a2bc2","sha1":"37d0b287222fe0ee4695028a0889e9c6906904ef","sha256":"22c5779a8cbbc4f23b59c7ccec650b08bbd0f328f64cb54e2879cdc50784fa74","sha512":"1cb84be1a08f421f864186d2e891461d3f898bedf2aac1bfd6f0f64b9bb830b4d6e5d6cfd28199c6aec95278cbd9098e0a54366a1ae9819a1f2c4a8ced6c8b54","ssdeep":"","tlshash":"9601121e00484d99031191a3e037316ad08bbf4bab125620f16f333b92e574af1661a9","first_seen":"2026-02-25T01:20:06.181323Z","last_seen":"2026-02-25T17:50:18.052157Z","times_seen":2,"resource_available":false,"data":null}},"time_used":335,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":335,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"connected-xfinity.165-245-178-72.cpanel.site","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-25","alert":"Phishing Block","trigger":"connected-xfinity.165-245-178-72.cpanel.site","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"connected-xfinity.165-245-178-72.cpanel.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"connected-xfinity.165-245-178-72.cpanel.site","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}