{"report_id":"b1107243-6823-4ca0-92e5-faba616c2cc2","version":6,"status":"done","tags":[],"date":"2025-05-02T15:18:14Z","url":{"schema":"https","addr":"gotradegenius.live/cdn-cgi/phish-bypass?atok=Yi9LL3U3duBj56c8byu1IHKqR4p9KOcaVS4AS5w5hZ4-1746125121.2101529-0.0.1.1-%2F\u0026cf-turnstile-response=","fqdn":"gotradegenius.live","domain":"gotradegenius.live","tld":"live"},"ip":{"addr":"104.21.61.181","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"http","addr":"gotradegenius.live/cdn-cgi/phish-bypass?atok=Yi9LL3U3duBj56c8byu1IHKqR4p9KOcaVS4AS5w5hZ4-1746125121.2101529-0.0.1.1-%2F\u0026cf-turnstile-response=","fqdn":"gotradegenius.live","domain":"gotradegenius.live","tld":"live"},"title":"403 Forbidden"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-11T15:18:14Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"gotradegenius.live","ip":{"addr":"172.67.212.158","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":3,"request_count":3,"received_data":10758,"sent_data":1584,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-02","alert":"Sinkholed","trigger":"gotradegenius.live","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-02","alert":"Sinkholed","trigger":"gotradegenius.live","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-02","alert":"Sinkholed","trigger":"gotradegenius.live","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"gotradegenius.live/cdn-cgi/phish-bypass?atok=Yi9LL3U3duBj56c8byu1IHKqR4p9KOcaVS4AS5w5hZ4-1746125121.2101529-0.0.1.1-%2F\u0026cf-turnstile-response=","fqdn":"gotradegenius.live","domain":"gotradegenius.live","tld":"live"},"ip":{"addr":"172.67.212.158","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-05-02T15:17:53.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gotradegenius.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 29 Mar 2025 18:23:58 GMT","end":"Fri, 27 Jun 2025 19:22:40 GMT"},"fingerprint":{"sha1":"60:A4:8F:23:6F:BE:62:7D:A1:B3:F5:9E:92:7B:CF:B9:C3:B7:9C:8B","sha256":"C4:07:21:05:B9:19:8F:19:56:5D:6A:67:08:C8:8E:AB:12:E2:2A:5A:DE:59:61:B6:72:87:7E:9E:C4:90:82:27"}}},"request":{"raw":"GET /cdn-cgi/phish-bypass?atok=Yi9LL3U3duBj56c8byu1IHKqR4p9KOcaVS4AS5w5hZ4-1746125121.2101529-0.0.1.1-%2F\u0026cf-turnstile-response= HTTP/1.1\r\nHost: gotradegenius.live\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET","post_data":{"size":121,"data":"{\"period\":\"1min\",\"symbolIds\":\"[\\\"52946918015242240\\\",\\\"52946918157848576\\\",\\\"52946920854786048\\\",\\\"52946921785921536\\\"]\"}"}},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Fri, 02 May 2025 15:17:53 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 93987cf15bdc56be-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":4945,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (396)","md5":"7fe5131ae0bc3b942b9400f69265bb39","sha1":"286574a151aff3c89b1a6244e61a0f33814aa39e","sha256":"77a8d0084d535677821d700699faa7b73a0f78a59be5b4e1fd5f895f5e4065fc","sha512":"43e1b2ee8da38bc597c393a3bdab2e269aba4bee03a4ef6554630c0a9b872f3e0c2e21835ab1330fde6ff8c60006f86dfa588b876ce40eb41864bf0c898fd7f2","ssdeep":"96:fjFj7jOj8HDK/D5DMFGzj+i9GpckMgDqzdk2L7RLlvaQxPbK:fjFj7jOj8jK/VoQPS3MQqzC2L71lCeDK","tlshash":"daa18573f9bd117f20939172a1bdb70a7aa4c143db9a04907bbcc2751f8af85aa131c1","first_seen":"2025-05-02T15:18:17.882449Z","last_seen":"2025-05-02T15:18:17.882449Z","times_seen":1,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":22,"dns":1,"connect":1,"send":0,"wait":21,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-02","alert":"Sinkholed","trigger":"gotradegenius.live","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"gotradegenius.live/cdn-cgi/phish-bypass?atok=Yi9LL3U3duBj56c8byu1IHKqR4p9KOcaVS4AS5w5hZ4-1746125121.2101529-0.0.1.1-%2F\u0026cf-turnstile-response=","fqdn":"gotradegenius.live","domain":"gotradegenius.live","tld":"live"},"ip":{"addr":"104.21.61.181","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-05-02T15:17:53.670Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /cdn-cgi/phish-bypass?atok=Yi9LL3U3duBj56c8byu1IHKqR4p9KOcaVS4AS5w5hZ4-1746125121.2101529-0.0.1.1-%2F\u0026cf-turnstile-response= HTTP/1.1\r\nHost: gotradegenius.live\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Fri, 02 May 2025 15:17:53 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nCF-RAY: 93987cf26c0f0afe-OSL\r\nX-Frame-Options: DENY\r\nX-Content-Type-Options: nosniff\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":151,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"c371fa8374a06a3c0535fc341d454236","sha1":"441671eacb9398792d435443beaddd3fc5fa1910","sha256":"eed0b81a2fbdd1c5a9f80705885fc5bbf346ba428a79ff7a13ec8491c6a8e96c","sha512":"16aea603a9259ebe5229f9b6660be132305922c296684490ce7ba3f1999c7fc4aa7e3f89f43c480bb0ba8cd47d32fc8ab8cf4e496418cc53a5aec8f2af78c714","ssdeep":"","tlshash":"aec08c26356e3c0ca6a321b502c3aaa0e082c330489a18104700420330c31a68ac3355","first_seen":"2023-04-14T10:39:22Z","last_seen":"2026-04-11T11:50:42.4572Z","times_seen":113576,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-02","alert":"Sinkholed","trigger":"gotradegenius.live","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"gotradegenius.live/favicon.ico","fqdn":"gotradegenius.live","domain":"gotradegenius.live","tld":"live"},"ip":{"addr":"104.21.61.181","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"http://gotradegenius.live/cdn-cgi/phish-bypass?atok=Yi9LL3U3duBj56c8byu1IHKqR4p9KOcaVS4AS5w5hZ4-1746125121.2101529-0.0.1.1-%2F\u0026cf-turnstile-response=","date":"2025-05-02T15:17:53.852Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: gotradegenius.live\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gotradegenius.live/cdn-cgi/phish-bypass?atok=Yi9LL3U3duBj56c8byu1IHKqR4p9KOcaVS4AS5w5hZ4-1746125121.2101529-0.0.1.1-%2F\u0026cf-turnstile-response=\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Fri, 02 May 2025 15:17:53 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Frame-Options: SAMEORIGIN\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=4Y%2Fwtfq4TVV%2By%2BNDdDt0%2F8szXD3ozteDPifDCMjfNty2MPLMp4CJAeKwXybf2Q696hWlu8WeQTwFZ60G8eqfHD%2FRTC6QHfrYTt%2FBjYJAdK0sDwQwVk8URVaM56rKaTs3HmKaTqA%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 93987cf38d9e0afe-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":4556,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (394)","md5":"94a1a6dc59e205e26e48cb14016dd20a","sha1":"2cc756c3e2ddf4c68e7c290d2b7ecf5610a0bb65","sha256":"9421539d16a1a678426ea7b4dd32f437a9cecf010dad917d0a72dba00033eb87","sha512":"a78741fd4107fb57f84a0b3c117a1eb69e71aebe5f6015498c94b04cefdbf355c28a070f2669b10289602c90dd964d16bb1c37610c0ca65902fb038ea4495c76","ssdeep":"96:1j9jwIjYjUDK/D5DMF+BOiUAtuZZLmmRrR79PaQxJbGD:1j9jhjYjIK/Vo+troZ6mRrl9ieJGD","tlshash":"40916232f9bd117f10d3916261bda7097aa5c143dbab099036bcc1761f8ef45ae232c5","first_seen":"2025-05-02T15:18:17.884323Z","last_seen":"2025-05-02T15:18:17.884323Z","times_seen":1,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-05-02","alert":"Sinkholed","trigger":"gotradegenius.live","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}