{"report_id":"b60c4d73-523b-4476-a5eb-05a7cb0d6666","version":0,"status":"done","tags":[],"date":"2026-06-28T10:04:05Z","url":{"schema":"http","addr":"authwe-conne.xyz","fqdn":"authwe-conne.xyz","domain":"authwe-conne.xyz","tld":"xyz"},"ip":{"addr":"83.138.53.133","port":0,"asn":63473,"as":"HOSTHATCH","country":"The Netherlands","country_code":"NL"},"final":{"url":{"schema":"https","addr":"authwe-conne.xyz/","fqdn":"authwe-conne.xyz","domain":"authwe-conne.xyz","tld":"xyz"},"title":"WeTransfer account | WeTransfer","dom":{"size":15513,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1179)","md5":"24043a4211d97282a3756a8a4cc42cb1","sha1":"9586cecec079ac5adf7c8c66a7e656bd2ceca127","sha256":"1b4da8bad50157f62f8eaa638747800dfcca3a4c8ca9afb9cabcf24005696e1f","sha512":"81800bbaefc45f5e0f295be9e1556030e23205d6fbd4b0c6dd7a05a9afd09d4872e04e38c34f4f4cec8f17aab3f5cef20b53977335509da8d7a0971bfaa04f28","ssdeep":"192:QuJDh23dKQB+f8L/B1rRktgwN8h94UCmc2pRDzr+knQXFm32eRBzLjOGHH0RTsmU:xDhooknQXFqOPxjiH","tlshash":"bb62834580f8847552c349a5fbf2b60b3e60fe078a4b4a04b65d9aa53fdfc969c1f81c","dom_hash":"domhasheadaa449ba83d179d0349ffbb157328f","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"authwe-conne.xyz","fqdn":"authwe-conne.xyz","domain":"authwe-conne.xyz","tld":"xyz"},"ip":{"addr":"83.138.53.133","port":0,"asn":63473,"as":"HOSTHATCH","country":"The Netherlands","country_code":"NL"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-02T10:04:05Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"authwe-conne.xyz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"authwe-conne.xyz","ip":{"addr":"83.138.53.133","port":443,"asn":63473,"as":"HOSTHATCH","country":"The Netherlands","country_code":"NL"},"domain_registered":"2026-06-25","domain_rank":0,"first_seen":"2026-06-28T10:00:42.991508Z","last_seen":"2026-06-28T10:00:42.991509Z","alert_count":40,"request_count":10,"received_data":1110000,"sent_data":5524,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"auth-cdn.wetransfer.com","ip":{"addr":"13.249.8.38","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2007-12-14","domain_rank":0,"first_seen":"2021-02-19T10:02:05Z","last_seen":"2026-06-28T02:01:44.628366Z","alert_count":0,"request_count":1,"received_data":8966,"sent_data":507,"comment":"","tags":null,"fingerprints":[{"name":"Very Good Security","description":"Very Good Security (VGS) is a data security and compliance platform that enables developers to securely handle sensitive data by encrypting, tokenising, and transmitting it through an intermediary service.","website":"https://www.verygoodsecurity.com","common_platform_enumeration":"","icon":"Very Good Security.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Linkedin Ads","description":"Linkedin Ads is a paid marketing tool that offers access to Linkedin social networks through various sponsored posts and other methods.","website":"https://business.linkedin.com/marketing-solutions/ads","common_platform_enumeration":"","icon":"Linkedin.svg","categories":["Advertising"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Rokt","description":"Rokt is an ecommerce marketing technology that gives customers a personalised and relevant experience while buying online.","website":"https://www.rokt.com","common_platform_enumeration":"","icon":"Rokt.svg","categories":["Personalisation"]},{"name":"hCaptcha","description":"hCaptcha is an anti-bot solution that protects user privacy and rewards websites.","website":"https://www.hcaptcha.com","common_platform_enumeration":"","icon":"hCaptcha.svg","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"authwe-conne.xyz/","fqdn":"authwe-conne.xyz","domain":"authwe-conne.xyz","tld":"xyz"},"ip":{"addr":"83.138.53.133","port":443,"asn":63473,"as":"HOSTHATCH","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"e16b007d93f122f61399530e1010b6ce","sha1":"e8e2e71a00760268956056e86dd728b22c9d5642","sha256":"01fcecec538b6dd0d1ff8154ac5fe28375ad77cddb83eacb614481231b090ec4","sha512":"127240723381d30877b27e8c80797ac07358282a068eb49008615e98eb20eff9b97e8b3ce9591b6478aed38bd0fb9ae579112fed898a3aa4830b2838d42a118a","ssdeep":"","tlshash":"c8f0782f75e422b004df732a663beb023838004b7842a9943abe4f650f24d52305a6e3","size":655,"data":"","first_seen":"2026-06-07T13:35:41.750228Z","last_seen":"2026-06-28T10:04:06.434472Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"authwe-conne.xyz/","fqdn":"authwe-conne.xyz","domain":"authwe-conne.xyz","tld":"xyz"},"ip":{"addr":"83.138.53.133","port":443,"asn":63473,"as":"HOSTHATCH","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-28T10:03:42.364Z","timestamp":1782641022364,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwe-conne.xyz","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Jun 2026 08:02:20 GMT","end":"Fri, 25 Sep 2026 08:02:19 GMT"},"fingerprint":{"sha1":"D1:95:85:52:C1:28:5D:B4:CC:1A:9A:3D:06:AB:C8:74:8E:B5:98:2F","sha256":"2C:C7:CF:6B:C7:4C:D0:B0:18:AB:11:21:CB:0A:1D:4A:B2:6B:B1:22:0A:F9:B2:9F:3A:93:3E:9D:20:6D:09:EF"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: authwe-conne.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Jun 2026 10:03:42 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: PHPSESSID=cu4uov3d615nqtql5cj9f4a10p; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":15690,"size_decoded":3823,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1179), with CRLF line terminators","md5":"7f440ac8a5966d3ba28cc8c880328454","sha1":"b0237ff79d99d907f572fbde9c22d70d33f8c6e4","sha256":"89c4f5edf5b1e8ef59e5c87f69a2a1fcf586e837490f4aafd6054a41b49b3f17","sha512":"5a50388faeaf14422eeaa827dde6115ee8b059ce952ff4f379ed0202a9eda56776c6968e5e67c30eff6caf18b22a27964ad2cdd3a0fe1bf890398a192b4bd0ae","ssdeep":"192:xPTshY3dxf8VffyGM1CMgtMpZ/sBNRoms20RQz7SknQXFfD2lRKzBgOGHH0RTsms:5shHWknQXF6OPxRxQ","tlshash":"5c62834580f4843152b345a5ebf2b78afd20ea43874b9a04b59daba73ffbc549c1f814","first_seen":"2026-06-07T13:35:41.741251Z","last_seen":"2026-06-28T10:04:06.420503Z","times_seen":6,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":26,"connect":23,"send":0,"wait":23,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"authwe-conne.xyz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwe-conne.xyz/assets/css/style.css","fqdn":"authwe-conne.xyz","domain":"authwe-conne.xyz","tld":"xyz"},"ip":{"addr":"83.138.53.133","port":443,"asn":63473,"as":"HOSTHATCH","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://authwe-conne.xyz/","date":"2026-06-28T10:03:42.925Z","timestamp":1782641022925,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwe-conne.xyz","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Jun 2026 08:02:20 GMT","end":"Fri, 25 Sep 2026 08:02:19 GMT"},"fingerprint":{"sha1":"D1:95:85:52:C1:28:5D:B4:CC:1A:9A:3D:06:AB:C8:74:8E:B5:98:2F","sha256":"2C:C7:CF:6B:C7:4C:D0:B0:18:AB:11:21:CB:0A:1D:4A:B2:6B:B1:22:0A:F9:B2:9F:3A:93:3E:9D:20:6D:09:EF"}}},"request":{"raw":"GET /assets/css/style.css HTTP/1.1\r\nHost: authwe-conne.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://authwe-conne.xyz/\r\nCookie: PHPSESSID=cu4uov3d615nqtql5cj9f4a10p\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Jun 2026 10:03:42 GMT\r\nContent-Type: text/css\r\nContent-Length: 204236\r\nLast-Modified: Sun, 07 Jun 2026 03:34:31 GMT\r\nConnection: keep-alive\r\nETag: \"6a24e6c7-31dcc\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":204236,"size_decoded":204471,"mime_type":"text/css","magic":"HTML document, ASCII text, with very long lines (7444), with CRLF line terminators","md5":"8838f869decef9c552327ce21f0eae83","sha1":"cdd3a90c6d5aeb996156a0001b8820389d0d86ff","sha256":"bdbc6566bb6d84cd9bf176acac2d4c80dbd781eac3380bf70c80cb9425e05439","sha512":"dc0ff414d202993ca51697a176d4786f962765f8791f7ce1d217d58ddc8e3a2c72952afc59b2bea196381c2541101258546b08c0c406e84ecc9ba0ce6b872422","ssdeep":"3072:jtLlcLBzM1pS3dCVvemQle/gtAv1yZUwwzS:nc1zcpACVvIlVAwZj9","tlshash":"a614d6524626a25a9b392d24cbbb2188f00cd4d349073fa6f48ed6d4db7d27c7853e9c","first_seen":"2025-09-30T03:50:46.053706Z","last_seen":"2026-06-28T10:04:06.423332Z","times_seen":8,"resource_available":false,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":70,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"authwe-conne.xyz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwe-conne.xyz/assets/css/eux.css","fqdn":"authwe-conne.xyz","domain":"authwe-conne.xyz","tld":"xyz"},"ip":{"addr":"83.138.53.133","port":443,"asn":63473,"as":"HOSTHATCH","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://authwe-conne.xyz/","date":"2026-06-28T10:03:42.927Z","timestamp":1782641022927,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwe-conne.xyz","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Jun 2026 08:02:20 GMT","end":"Fri, 25 Sep 2026 08:02:19 GMT"},"fingerprint":{"sha1":"D1:95:85:52:C1:28:5D:B4:CC:1A:9A:3D:06:AB:C8:74:8E:B5:98:2F","sha256":"2C:C7:CF:6B:C7:4C:D0:B0:18:AB:11:21:CB:0A:1D:4A:B2:6B:B1:22:0A:F9:B2:9F:3A:93:3E:9D:20:6D:09:EF"}}},"request":{"raw":"GET /assets/css/eux.css HTTP/1.1\r\nHost: authwe-conne.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://authwe-conne.xyz/\r\nCookie: PHPSESSID=cu4uov3d615nqtql5cj9f4a10p\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Jun 2026 10:03:42 GMT\r\nContent-Type: text/css\r\nContent-Length: 36502\r\nLast-Modified: Sun, 07 Jun 2026 03:34:31 GMT\r\nConnection: keep-alive\r\nETag: \"6a24e6c7-8e96\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":36502,"size_decoded":36735,"mime_type":"text/css","magic":"ASCII text, with very long lines (2008), with CRLF line terminators","md5":"51a5e5df2e16cb65d9fd51f23077dbbf","sha1":"27e4102558694c0de7a6fb406cb6632076d41c5b","sha256":"63b8d9978f7d6b6390e9b5221800b690088d943593dc1b4101120bf7a7573a26","sha512":"6255aeeedcb010c36f0ac0c28b9b6989715522634147ca2defaf24bcaff05b5c22c4affd4675fa181660ab6b8f09aed8b1493055cea255879e8e7d0a723bb5c5","ssdeep":"384:xkVqmxhkndC/6KFJY7voRgQSqQtBKbaRuaRNfj:eVqmxhrTYzTQSNtBKb9Mfj","tlshash":"5af2bb898670d18ee731aa35cf7761c4b906d8918a0d3f77b8a3d2c8658f53d3923e94","first_seen":"2025-09-30T03:50:46.04185Z","last_seen":"2026-06-28T10:04:06.424709Z","times_seen":8,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":-1,"dns":0,"connect":19,"send":0,"wait":38,"receive":10,"ssl":24},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"authwe-conne.xyz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwe-conne.xyz/assets/img/favicon.ico","fqdn":"authwe-conne.xyz","domain":"authwe-conne.xyz","tld":"xyz"},"ip":{"addr":"83.138.53.133","port":443,"asn":63473,"as":"HOSTHATCH","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwe-conne.xyz/","date":"2026-06-28T10:03:43.274Z","timestamp":1782641023274,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwe-conne.xyz","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Jun 2026 08:02:20 GMT","end":"Fri, 25 Sep 2026 08:02:19 GMT"},"fingerprint":{"sha1":"D1:95:85:52:C1:28:5D:B4:CC:1A:9A:3D:06:AB:C8:74:8E:B5:98:2F","sha256":"2C:C7:CF:6B:C7:4C:D0:B0:18:AB:11:21:CB:0A:1D:4A:B2:6B:B1:22:0A:F9:B2:9F:3A:93:3E:9D:20:6D:09:EF"}}},"request":{"raw":"GET /assets/img/favicon.ico HTTP/1.1\r\nHost: authwe-conne.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://authwe-conne.xyz/\r\nCookie: PHPSESSID=cu4uov3d615nqtql5cj9f4a10p\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Jun 2026 10:03:43 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 28259\r\nLast-Modified: Sun, 07 Jun 2026 03:34:31 GMT\r\nConnection: keep-alive\r\nETag: \"6a24e6c7-6e63\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28259,"size_decoded":28496,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 4 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 48x48, 32 bits/pixel","md5":"0645e49b155ab444261fc713aa430a85","sha1":"93780b55c5e1da673180ccf01f9b37ad624ae58d","sha256":"5981f65aeddede91c5d9900f524c1403334c0ec539dfd643f4ec14bf8bed403d","sha512":"b18bdf360d1bfa66329bc1b789d6da111d11c4ae337f555f1598d8ddf8867e62ac41dfe2342784ecf7a04ea90c39290a45e44bc7f46bb6d41bb5c5c4fee80e93","ssdeep":"192:gRgbUBYJhni13k4CF/uLI9AyYswG3HaGhaCUTepZC4qQVZGkSoa2j:iiUKJFi1U4CFGLTsLhF44qQVDSoa2","tlshash":"87c20740184f6812c098423679d0c93b9593edc770dafcef21ec5d23bf86a44b5a9eb4","first_seen":"2023-10-05T17:10:14Z","last_seen":"2026-06-28T10:04:06.426018Z","times_seen":38,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"authwe-conne.xyz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auth-cdn.wetransfer.com/assets/styles/fonts.css","fqdn":"auth-cdn.wetransfer.com","domain":"wetransfer.com","tld":"com"},"ip":{"addr":"13.249.8.38","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://authwe-conne.xyz/","date":"2026-06-28T10:03:42.921Z","timestamp":1782641022921,"http_version":"HTTP/2","security_state":"","security_info":null,"request":{"raw":"GET /assets/styles/fonts.css HTTP/1.1\r\nHost: auth-cdn.wetransfer.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://authwe-conne.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\ncontent-type: text/html; charset=utf-8\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-security-policy: default-src 'self'; script-src 'self' https://cdn.wetransfer.com 'nonce-1d63e1db-c6db-4623-872d-43d177bfd850' 'sha256-4hRuHNFOqK6I2GgL9T5HwGETI5qu8rNsCs1G/d5PPBk=' 'sha256-ZES/2z0cbUZYbmG6sgCzU453zUUUmmotyFwnZ7G8WaY=' 'sha256-NvzBT9rJnGEWMlHqwvXg6OHIegGdn5PsAP3YZ7RzmgE=' 'sha256-f/k++c7mXW35G13Y7R6PzP/vWuqKqAVF3ph0iisXZX0=' 'sha256-ws2EcVAq3u/bDFH4r+3pcRahQuX/HRlekAqTc6GnDWI=' 'sha256-Bd1r8fyU+a98FYknUDsYXLvQwPaw2Trg0SDQ0pT+cWY=' 'sha256-scue6/wrhAUP1T4+YMVMvhoJLHziYmv37BcJuN11XwM=' 'sha256-tUHp97FxQMwOfUs1KAvNxJvnntHhr1ukXQBr1sZ/vKA=' 'sha256-L8m6ygYvYlmr5M0s5E/t19ls7FHY3o5G8LFtd8UqytA=' 'sha256-cWB6LeQeTPFHH9QCg8VrP0sPJfqqdgDupHwitbxysNo=' 'sha256-1+tdasFuSYydtmIV8i2k8bpXyDasrvpd0i6vXt5p8xo=' 'sha256-pe6hK6/pXs86IrWP5sSJTjHKKgBqZoSjkbrMZLM0MQg=' 'wasm-unsafe-eval' blob: https://nolan.wetransfer.net https://nolan.wetransferbeta.net https://accounts.google.com https://tagging.wetransfer.com https://www.googletagmanager.com https://bat.bing.com https://cdn.cookielaw.org https://js.stripe.com https://js.verygoodvault.com https://js3.verygoodvault.com https://script.hotjar.com https://static.hotjar.com https://*.clarity.ms https://*.rokt.com https://*.hcaptcha.com https://*.typeform.com https://connect.facebook.net https://s.pinimg.com https://ct.pinterest.com https://snap.licdn.com https://*.brandmetrics.com https://*.amazon-adsystem.com https://*.crwdcntrl.net https://js.adsrvr.org https://securepubads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.googleadservices.com https://www.google.com https://pagead2.googlesyndication.com https://*.zendesk.com https://static.zdassets.com https://ekr.zdassets.com https://privacy.wetransfer.com https://*.doubleverify.com https://aam.a47b.com https://cdn.xpln.tech; style-src 'self' https://cdn.wetransfer.com 'unsafe-inline' https://fonts.googleapis.com https://accounts.google.com https://*.typeform.com; style-src-elem 'self' https://cdn.wetransfer.com 'unsafe-inline' https://fonts.googleapis.com https://accounts.google.com https://*.typeform.com https://www.gstatic.com https://translate.googleapis.com; font-src 'self' https://cdn.wetransfer.com data: https://fonts.gstatic.com https://checkoutshopper-live.adyen.com https://checkoutshopper-live.cdn.adyen.com https://checkoutshopper-test.adyen.com https://checkoutshopper-test.cdn.adyen.com; img-src 'self' data: blob: itms-apps: itms-appss: https://*.zendesk.com https://*.zdassets.com https://*.wetransfer.com https://*.wetransfer.net https://*.wetransferbeta.net https://*.wetransferbeta.com https://*.hotjar.com https://bat.bing.com https://bat.bing.net https://c.bing.com https://cdn.cookielaw.org https://*.googleusercontent.com https://accounts.google.com https://www.googletagmanager.com https://*.amazonaws.com https://www.facebook.com https://connect.facebook.net https://ad.doubleclick.net https://googleads.g.doubleclick.net https://stats.g.doubleclick.net https://adservice.google.com https://*.analytics.google.com https://www.google.com https://google.com https://www.google.co.uk https://www.google.de https://www.google.fr https://www.google.es https://www.google.co.in https://www.google.it https://www.google.nl https://www.google.at https://www.google.pl https://www.google.ch https://www.google.com.br https://www.google.co.za https://www.google.be https://www.google.pt https://www.google.ro https://www.google.com.tr https://www.google.se https://www.google.com.co https://www.google.com.ng https://www.google.si https://www.google.ca https://www.google.gr https://www.google.no https://www.google.com.au https://www.google.com.ar https://www.google.ge https://www.google.cl https://www.google.bg https://www.google.dk https://www.google.com.pk https://www.google.com.hk https://www.google.com.mx https://www.google.jo https://www.google.com.cy https://www.google.com.lb https://www.google.iq https://www.google.hr https://www.google.az https://www.google.al https://pagead2.googlesyndication.com https://www.googleadservices.com https://*.doubleverify.com https://di.rlcdn.com https://*.brandmetrics.com https://*.clarity.ms https://data.ad-score.com https://*.adform.net https://fonts.gstatic.com https://ep1.adtrafficquality.google https://*.flashtalking.com https://*.adsafeprotected.com https://*.adition.com https://*.everesttech.net https://tracker.samplicio.us https://track.activemetering.com https://pixel.mtrcs.samba.tv https://tag.researchnow.com https://*.hit.gemius.pl https://secure.insightexpressai.com https://*.innovid.com https://secure-gl.imrworldwide.com https://translate.google.com https://px.ads.linkedin.com https://x.bndspn.com https://apps.apple.com https://checkoutshopper-live.adyen.com https://checkoutshopper-live.cdn.adyen.com https://checkoutshopper-test.adyen.com https://checkoutshopper-test.cdn.adyen.com; connect-src 'self' blob: https://wetransferbeta.com https://*.wetransferbeta.net https://*.wetransferbeta.com https://wetransfer.com https://*.wetransfer.net https://*.wetransfer.com https://*.datadoghq.eu https://browser-intake-datadoghq.eu https://*.browser-intake-datadoghq.eu https://*.hcaptcha.com https://*.stripe.com https://js.verygoodvault.com https://js3.verygoodvault.com https://vgs-collect-keeper.apps.verygood.systems https://*.zendesk.com wss://*.zendesk.com https://*.zdassets.com https://app.launchdarkly.com wss://*.hotjar.com https://*.hotjar.io https://bat.bing.com https://bat.bing.net https://*.clarity.ms https://cdn.cookielaw.org https://*.onetrust.com https://fonts.googleapis.com https://accounts.google.com https://www.google.com https://www.googletagmanager.com https://*.rokt.com https://*.adzerk.net https://*.googlesyndication.com https://*.googleusercontent.com https://*.typeform.com https://*.amazonaws.com https://s.pinimg.com https://ct.pinterest.com https://*.amazon-adsystem.com https://ara.paa-reporting-advertising.amazon https://insight.adsrvr.org https://*.crwdcntrl.net https://*.ltmsphrcl.net https://x.bndspn.com https://apps.apple.com https://www.facebook.com https://www.google-analytics.com https://ad.doubleclick.net https://securepubads.g.doubleclick.net https://collector.brandmetrics.com https://googleads.g.doubleclick.net https://www.googleadservices.com https://google.com https://ep1.adtrafficquality.google https://csi.gstatic.com https://translate-pa.googleapis.com https://translate.googleapis.com https://px.ads.linkedin.com https://checkoutshopper-live.adyen.com https://checkoutshopper-live.cdn.adyen.com https://checkoutshopper-test.adyen.com https://checkoutshopper-test.cdn.adyen.com https://checkoutanalytics-test.adyen.com https://checkoutanalytics-live.adyen.com; frame-src 'self' https://accounts.google.com https://tagging.wetransfer.com https://*.stripe.com https://js.verygoodvault.com https://js3.verygoodvault.com https://*.hcaptcha.com https://collectapp.page.link https://debugcollectapp.page.link https://*.wetransfer.net https://*.wetransfer.com https://*.wetransferbeta.net https://*.wetransferbeta.com https://*.rokt.com https://match.adsrvr.org https://insight.adsrvr.org https://ct.pinterest.com https://*.crwdcntrl.net https://www.googletagmanager.com https://www.google.com https://cm.g.doubleclick.net https://ep2.adtrafficquality.google https://securepubads.g.doubleclick.net https://*.googlesyndication.com https://*.amazon-adsystem.com https://gum.criteo.com https://google-bidout-d.openx.net https://www.facebook.com https://*.trustpilot.com https://console.googletagservices.com; worker-src 'self' blob:; media-src 'self' blob: https://*.wetransfer.net https://*.wetransfer.com https://*.wetransferbeta.net https://*.wetransferbeta.com https://wetransferplusimages.s3.eu-west-1.amazonaws.com https://static.zdassets.com; object-src 'none'; base-uri 'self'; form-action 'self' https://webto.salesforce.com https://test.salesforce.com https://wetransfer.zendesk.com https://www.facebook.com; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubabbc81b16855ec184b0753bf36600da1\u0026dd-evp-origin=content-security-policy\u0026ddsource=csp-report\u0026ddtags=service%3Afrontend-transfer%2Cenv%3Aproduction%2Cversion%3Ae0c077a06007bbc2dcb927a93a4701169bce70c8\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ndate: Sun, 28 Jun 2026 10:03:43 GMT\r\netag: \"b1nhztv0rx9nd\"\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: on\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-cache: Error from cloudfront\r\nvia: 1.1 baef86fdeac136e8f6ea0adf662fe0dc.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P3\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-amz-cf-id: Z_W9Qn8HWh7mQOX9MFZV113Ex-326xaJtBoMaKNmnp8I_6vDb3bALQ==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Very Good Security","description":"Very Good Security (VGS) is a data security and compliance platform that enables developers to securely handle sensitive data by encrypting, tokenising, and transmitting it through an intermediary service.","website":"https://www.verygoodsecurity.com","common_platform_enumeration":"","icon":"Very Good Security.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Linkedin Ads","description":"Linkedin Ads is a paid marketing tool that offers access to Linkedin social networks through various sponsored posts and other methods.","website":"https://business.linkedin.com/marketing-solutions/ads","common_platform_enumeration":"","icon":"Linkedin.svg","categories":["Advertising"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Rokt","description":"Rokt is an ecommerce marketing technology that gives customers a personalised and relevant experience while buying online.","website":"https://www.rokt.com","common_platform_enumeration":"","icon":"Rokt.svg","categories":["Personalisation"]},{"name":"hCaptcha","description":"hCaptcha is an anti-bot solution that protects user privacy and rewards websites.","website":"https://www.hcaptcha.com","common_platform_enumeration":"","icon":"hCaptcha.svg","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-29T16:32:13.373409Z","times_seen":16830189,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authwe-conne.xyz/assets/images/we.svg","fqdn":"authwe-conne.xyz","domain":"authwe-conne.xyz","tld":"xyz"},"ip":{"addr":"83.138.53.133","port":443,"asn":63473,"as":"HOSTHATCH","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwe-conne.xyz/","date":"2026-06-28T10:03:42.933Z","timestamp":1782641022933,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwe-conne.xyz","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Jun 2026 08:02:20 GMT","end":"Fri, 25 Sep 2026 08:02:19 GMT"},"fingerprint":{"sha1":"D1:95:85:52:C1:28:5D:B4:CC:1A:9A:3D:06:AB:C8:74:8E:B5:98:2F","sha256":"2C:C7:CF:6B:C7:4C:D0:B0:18:AB:11:21:CB:0A:1D:4A:B2:6B:B1:22:0A:F9:B2:9F:3A:93:3E:9D:20:6D:09:EF"}}},"request":{"raw":"GET /assets/images/we.svg HTTP/1.1\r\nHost: authwe-conne.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://authwe-conne.xyz/\r\nCookie: PHPSESSID=cu4uov3d615nqtql5cj9f4a10p\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Jun 2026 10:03:43 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15690,"size_decoded":3765,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1179), with CRLF line terminators","md5":"7f440ac8a5966d3ba28cc8c880328454","sha1":"b0237ff79d99d907f572fbde9c22d70d33f8c6e4","sha256":"89c4f5edf5b1e8ef59e5c87f69a2a1fcf586e837490f4aafd6054a41b49b3f17","sha512":"5a50388faeaf14422eeaa827dde6115ee8b059ce952ff4f379ed0202a9eda56776c6968e5e67c30eff6caf18b22a27964ad2cdd3a0fe1bf890398a192b4bd0ae","ssdeep":"192:xPTshY3dxf8VffyGM1CMgtMpZ/sBNRoms20RQz7SknQXFfD2lRKzBgOGHH0RTsms:5shHWknQXF6OPxRxQ","tlshash":"5c62834580f4843152b345a5ebf2b78afd20ea43874b9a04b59daba73ffbc549c1f814","first_seen":"2026-06-07T13:35:41.741251Z","last_seen":"2026-06-28T10:04:06.420503Z","times_seen":6,"resource_available":true,"data":null}},"time_used":259,"timings":{"blocked":206,"dns":0,"connect":16,"send":0,"wait":17,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"authwe-conne.xyz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwe-conne.xyz/assets/img/cross-icon.svg","fqdn":"authwe-conne.xyz","domain":"authwe-conne.xyz","tld":"xyz"},"ip":{"addr":"83.138.53.133","port":443,"asn":63473,"as":"HOSTHATCH","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwe-conne.xyz/","date":"2026-06-28T10:03:42.936Z","timestamp":1782641022936,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwe-conne.xyz","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Jun 2026 08:02:20 GMT","end":"Fri, 25 Sep 2026 08:02:19 GMT"},"fingerprint":{"sha1":"D1:95:85:52:C1:28:5D:B4:CC:1A:9A:3D:06:AB:C8:74:8E:B5:98:2F","sha256":"2C:C7:CF:6B:C7:4C:D0:B0:18:AB:11:21:CB:0A:1D:4A:B2:6B:B1:22:0A:F9:B2:9F:3A:93:3E:9D:20:6D:09:EF"}}},"request":{"raw":"GET /assets/img/cross-icon.svg HTTP/1.1\r\nHost: authwe-conne.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://authwe-conne.xyz/\r\nCookie: PHPSESSID=cu4uov3d615nqtql5cj9f4a10p\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Jun 2026 10:03:43 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 978\r\nLast-Modified: Sun, 07 Jun 2026 03:34:31 GMT\r\nConnection: keep-alive\r\nETag: \"6a24e6c7-3d2\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":978,"size_decoded":1213,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"23619a01acd2d18a90248fc18a4556d6","sha1":"97be6eb095b41995b85b729c0c3a65ac38c0bbf0","sha256":"206707c9f5a32199abc0c29ba87ced2e0a380c3d08c080daa8f50ddbbe82afb5","sha512":"91b4bba07a2330369561bf14fd835af7fd74251972545833c07f40aa6551c1cc51df05db5f7cceb0ee190a25ca48a3c9c01935d01c88c72547dca74e5d33d245","ssdeep":"","tlshash":"d211d0e37625a5cc4502733d957e29dbd46e207da3c5ce65c040fce61c265748ae4d94","first_seen":"2025-09-30T03:50:46.04798Z","last_seen":"2026-06-28T10:04:06.429273Z","times_seen":5,"resource_available":false,"data":null}},"time_used":267,"timings":{"blocked":205,"dns":0,"connect":19,"send":0,"wait":19,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"authwe-conne.xyz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwe-conne.xyz/assets/img/wetransfer-text-logo.svg","fqdn":"authwe-conne.xyz","domain":"authwe-conne.xyz","tld":"xyz"},"ip":{"addr":"83.138.53.133","port":443,"asn":63473,"as":"HOSTHATCH","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwe-conne.xyz/","date":"2026-06-28T10:03:42.938Z","timestamp":1782641022938,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwe-conne.xyz","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Jun 2026 08:02:20 GMT","end":"Fri, 25 Sep 2026 08:02:19 GMT"},"fingerprint":{"sha1":"D1:95:85:52:C1:28:5D:B4:CC:1A:9A:3D:06:AB:C8:74:8E:B5:98:2F","sha256":"2C:C7:CF:6B:C7:4C:D0:B0:18:AB:11:21:CB:0A:1D:4A:B2:6B:B1:22:0A:F9:B2:9F:3A:93:3E:9D:20:6D:09:EF"}}},"request":{"raw":"GET /assets/img/wetransfer-text-logo.svg HTTP/1.1\r\nHost: authwe-conne.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://authwe-conne.xyz/\r\nCookie: PHPSESSID=cu4uov3d615nqtql5cj9f4a10p\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Jun 2026 10:03:43 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 6010\r\nLast-Modified: Sun, 07 Jun 2026 03:34:31 GMT\r\nConnection: keep-alive\r\nETag: \"6a24e6c7-177a\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6010,"size_decoded":6247,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"16089a9cf7473600e72c335003dc07f8","sha1":"91124d62a1f0ce56eac301ddb62f79848723d84d","sha256":"eb72afc1b098549b916c0f0642986ac512f2d688669f9c8e6fe97b714e4dde44","sha512":"d46ac85aba821728eb50bc7f2299bcd6e7fbb39b378ba33943d2ed1536466df00fb43823dba84b6755e6c72ce01bcba33405eddc0a59372276d833319b4a5de3","ssdeep":"96:0tItmaFWj7NfZdojsuLLZKWJgI9mTkApojUMEOVbw4nWOyDQJgY:qUI7dAKWJlokmOGSyDk","tlshash":"f2c1b8f452e897e0aa05e7e1d72aa476745f24fcfbc6c774c248be85e85205c9c8cc42","first_seen":"2025-09-30T03:50:46.051267Z","last_seen":"2026-06-28T10:04:06.43075Z","times_seen":5,"resource_available":false,"data":null}},"time_used":268,"timings":{"blocked":205,"dns":0,"connect":20,"send":0,"wait":20,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"authwe-conne.xyz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwe-conne.xyz/assets/img/transfer-general.png","fqdn":"authwe-conne.xyz","domain":"authwe-conne.xyz","tld":"xyz"},"ip":{"addr":"83.138.53.133","port":443,"asn":63473,"as":"HOSTHATCH","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwe-conne.xyz/","date":"2026-06-28T10:03:42.940Z","timestamp":1782641022940,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwe-conne.xyz","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Jun 2026 08:02:20 GMT","end":"Fri, 25 Sep 2026 08:02:19 GMT"},"fingerprint":{"sha1":"D1:95:85:52:C1:28:5D:B4:CC:1A:9A:3D:06:AB:C8:74:8E:B5:98:2F","sha256":"2C:C7:CF:6B:C7:4C:D0:B0:18:AB:11:21:CB:0A:1D:4A:B2:6B:B1:22:0A:F9:B2:9F:3A:93:3E:9D:20:6D:09:EF"}}},"request":{"raw":"GET /assets/img/transfer-general.png HTTP/1.1\r\nHost: authwe-conne.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://authwe-conne.xyz/\r\nCookie: PHPSESSID=cu4uov3d615nqtql5cj9f4a10p\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Jun 2026 10:03:43 GMT\r\nContent-Type: image/png\r\nContent-Length: 749894\r\nLast-Modified: Sun, 07 Jun 2026 03:34:31 GMT\r\nConnection: keep-alive\r\nETag: \"6a24e6c7-b7146\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":749894,"size_decoded":750130,"mime_type":"image/png","magic":"PNG image data, 1064 x 728, 8-bit/color RGBA, non-interlaced","md5":"191ca40eb60d9cec5c2bc10a4234b220","sha1":"ab246ed9555de1211f4f43c9929f1d2ec4b49fa6","sha256":"26350bef02c0812b33389f4d5336ba0aa3422ad165cd536507b8431a22992582","sha512":"91026fa8f6f92dd5c31a7af9e44e89f02e77f344ef61620581d43b555a784dbabba64b24046fab56e029bb7bf321bd7aa9a75f7153c65e287c94ec7689893137","ssdeep":"12288:R9ukJ7HfHYz+eAQHfCD7r+RXsi1JjM5+z9LLkgiMc7uwagRGTvkZIWyZucQE:Tukl/vDQ6naRcirw5+z5kvMAagUrOIWo","tlshash":"7df42377578f2b84cf17cd13948b43ab9544cc0b365738b2dab5948883212fbc99b9b6","first_seen":"2023-11-17T10:59:19Z","last_seen":"2026-06-28T10:04:06.431748Z","times_seen":112,"resource_available":false,"data":null}},"time_used":311,"timings":{"blocked":205,"dns":0,"connect":0,"send":0,"wait":25,"receive":81,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"authwe-conne.xyz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwe-conne.xyz/assets/img/logo-free-mobile.svg","fqdn":"authwe-conne.xyz","domain":"authwe-conne.xyz","tld":"xyz"},"ip":{"addr":"83.138.53.133","port":443,"asn":63473,"as":"HOSTHATCH","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwe-conne.xyz/","date":"2026-06-28T10:03:42.941Z","timestamp":1782641022941,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwe-conne.xyz","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Jun 2026 08:02:20 GMT","end":"Fri, 25 Sep 2026 08:02:19 GMT"},"fingerprint":{"sha1":"D1:95:85:52:C1:28:5D:B4:CC:1A:9A:3D:06:AB:C8:74:8E:B5:98:2F","sha256":"2C:C7:CF:6B:C7:4C:D0:B0:18:AB:11:21:CB:0A:1D:4A:B2:6B:B1:22:0A:F9:B2:9F:3A:93:3E:9D:20:6D:09:EF"}}},"request":{"raw":"GET /assets/img/logo-free-mobile.svg HTTP/1.1\r\nHost: authwe-conne.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://authwe-conne.xyz/\r\nCookie: PHPSESSID=cu4uov3d615nqtql5cj9f4a10p\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Jun 2026 10:03:43 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 5896\r\nLast-Modified: Sun, 07 Jun 2026 03:34:31 GMT\r\nConnection: keep-alive\r\nETag: \"6a24e6c7-1708\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5896,"size_decoded":6133,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2d173c39f7b81975f8677174a88cc361","sha1":"ae0f852458658163619f91b7bf5f673fe7599e11","sha256":"56b27373bdcc3015b6b739c164aa53052ca141264e1a8e639c063c90c6d31560","sha512":"247b913305ef7173ef49cd521d22780b25b455035cc8062484e393802f331e94dbbf2960a6de6e5d4af9bfb2d1dd5ab0ae810979048e58e3efa1ade418b4c680","ssdeep":"96:X/HMrKAP4o4/ZqbAYPrmUYpX2w2QPZGl2D4tqvYkg/k4yillFCryF17IObpbYJI:PSKAPlrmH1ZpP4l2DpvYkxilfCryHL17","tlshash":"06c1b6de6b9566f46906e7f4c8325075be6634f9bb40ef508339ae50b4630edcc44c52","first_seen":"2025-09-30T03:50:46.034257Z","last_seen":"2026-06-28T10:04:06.432818Z","times_seen":5,"resource_available":false,"data":null}},"time_used":277,"timings":{"blocked":205,"dns":0,"connect":22,"send":0,"wait":24,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"authwe-conne.xyz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwe-conne.xyz/assets/img/WeTransfer_logo.svg.png","fqdn":"authwe-conne.xyz","domain":"authwe-conne.xyz","tld":"xyz"},"ip":{"addr":"83.138.53.133","port":443,"asn":63473,"as":"HOSTHATCH","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwe-conne.xyz/","date":"2026-06-28T10:03:42.942Z","timestamp":1782641022942,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwe-conne.xyz","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Jun 2026 08:02:20 GMT","end":"Fri, 25 Sep 2026 08:02:19 GMT"},"fingerprint":{"sha1":"D1:95:85:52:C1:28:5D:B4:CC:1A:9A:3D:06:AB:C8:74:8E:B5:98:2F","sha256":"2C:C7:CF:6B:C7:4C:D0:B0:18:AB:11:21:CB:0A:1D:4A:B2:6B:B1:22:0A:F9:B2:9F:3A:93:3E:9D:20:6D:09:EF"}}},"request":{"raw":"GET /assets/img/WeTransfer_logo.svg.png HTTP/1.1\r\nHost: authwe-conne.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://authwe-conne.xyz/\r\nCookie: PHPSESSID=cu4uov3d615nqtql5cj9f4a10p\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 28 Jun 2026 10:03:43 GMT\r\nContent-Type: image/png\r\nContent-Length: 44309\r\nLast-Modified: Sun, 07 Jun 2026 03:34:31 GMT\r\nConnection: keep-alive\r\nETag: \"6a24e6c7-ad15\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":44309,"size_decoded":44543,"mime_type":"image/png","magic":"PNG image data, 2560 x 1280, 8-bit gray+alpha, non-interlaced","md5":"fb4c9c1e5b638c6818e38d20ef6ccade","sha1":"904450a49e034c4d9d4efc6d369f696fd7c9f1a5","sha256":"6d9b4e8216d2056f4efe3eab1694d010770822221b12bb01ae3da76f7c5adc72","sha512":"8691d474bd19ada59b05f714f67db7d6a04d6abd2fd4406ae04f4b2a059871d73cc0b74dffca7f08e7a3e9ead469887a82f01cac84f96325517baf447f642c9b","ssdeep":"768:qaeRrRrbxk2WFjvBZvyje0hduDWD/p5kd1bTRR9uALlxTAKY3HyfyT:Ipb+FjvP+ewQ4/pY1bNTuALlRYJT","tlshash":"3613f1e0640806a2d44e2fbf59f3958e7b6b8093a006561734dfbd2ca907d7e46ff464","first_seen":"2025-09-30T03:50:46.030684Z","last_seen":"2026-06-28T10:04:06.4336Z","times_seen":5,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":205,"dns":0,"connect":0,"send":0,"wait":23,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"authwe-conne.xyz","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"authwe-conne.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}