{"report_id":"b6ff4465-912b-4327-a76d-c0355119d219","version":6,"status":"done","tags":["netflix","phishing"],"date":"2026-01-04T07:08:58Z","url":{"schema":"https","addr":"roberto984-roberto.github.io/netflix/","fqdn":"roberto984-roberto.github.io","domain":"roberto984-roberto.github.io","tld":"github.io"},"ip":{"addr":"185.199.108.153","port":0,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"roberto984-roberto.github.io/netflix/","fqdn":"roberto984-roberto.github.io","domain":"roberto984-roberto.github.io","tld":"github.io"},"title":"Netflix","dom":{"size":1714,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"04609a53518f02f467b8252112ed6e04","sha1":"be6f66d66e8e8509537a676dc129422c4c2ba8b7","sha256":"b4415a424221dadab5954943b38c4c2d59419d52ca90ad05a193dbb50eefc927","sha512":"eec7bc71f9baec811917ae23a597df1c4405b4209b3a7ee0a00444a2ea57901d8eb11f8db46a9ba552d93e22a3d704e1bce66071de30f6076f295037109227fa","ssdeep":"","tlshash":"7731501504f006278a928040aa95aa192e80c503c917da04b6fc0fc31fe7f47cd8f32d","dom_hash":"domhashc8426faf4c77f2b0a2c32b1b3800b5ca","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"roberto984-roberto.github.io/netflix/","fqdn":"roberto984-roberto.github.io","domain":"roberto984-roberto.github.io","tld":"github.io"},"ip":{"addr":"185.199.108.153","port":0,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"tags":["openphish"],"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-08T07:08:58Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"roberto984-roberto.github.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-04","alert":"Phishing Block","trigger":"roberto984-roberto.github.io","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"roberto984-roberto.github.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"roberto984-roberto.github.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]},"summary":[{"fqdn":"roberto984-roberto.github.io","ip":{"addr":"185.199.110.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2013-03-08","domain_rank":0,"first_seen":"2025-06-29T09:50:19.166503Z","last_seen":"2025-12-05T16:04:46.681298Z","alert_count":25,"request_count":5,"received_data":2756144,"sent_data":2421,"comment":"","tags":null,"fingerprints":[{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"roberto984-roberto.github.io/favicon.ico","fqdn":"roberto984-roberto.github.io","domain":"roberto984-roberto.github.io","tld":"github.io"},"ip":{"addr":"185.199.110.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://roberto984-roberto.github.io/netflix/","date":"2026-01-04T07:08:34.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: roberto984-roberto.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://roberto984-roberto.github.io/netflix/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: GitHub.com\r\ncontent-type: text/html; charset=utf-8\r\netag: W/\"693afc34-239b\"\r\ncontent-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'\r\ncontent-encoding: gzip\r\nx-github-request-id: 8CE0:32E205:F20726E:F53B50F:695A11F2\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 07:08:34 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410031-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767510514.059938,VS0,VE124\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 6d3ee9296c623a8da11fe47f0ff8f78565346dd3\r\ncontent-length: 5142\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]}],"data":{"size":9115,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (3909)","md5":"1eb970ce5a18bec7165f016df8238566","sha1":"9efd1514af80fe14db4ed28e9bc53975b9ee089c","sha256":"70d613e3acfba24fd2876fcbacaf639e1e111ef4d54baf70761c47673f37d6a3","sha512":"21b4d800cc282ca452f7394e95d5382340ac3481a002c21da681005a44f18ea6cf43959990cd715b4657f180e0e96d6087fe724f3200e909f9fd70ebcd5511bd","ssdeep":"192:Ywnb1iC9OA9XXMa9kukrALQDUnulGVopLAGCALQD6vnglET31iCLL3d:7B8H3DUulGmmv3D6vglETliCfN","tlshash":"e6126d7e19e93308d8028a1539f267993d65880f9e866e6fb5ad0351cf8fe10e1637cc","first_seen":"2023-04-05T03:08:51Z","last_seen":"2026-04-08T17:35:09.478749Z","times_seen":49359,"resource_available":true,"data":null}},"time_used":138,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":138,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"roberto984-roberto.github.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-04","alert":"Phishing Block","trigger":"roberto984-roberto.github.io","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"roberto984-roberto.github.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"roberto984-roberto.github.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"roberto984-roberto.github.io/netflix/","fqdn":"roberto984-roberto.github.io","domain":"roberto984-roberto.github.io","tld":"github.io"},"ip":{"addr":"185.199.110.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-04T07:08:33.429Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /netflix/ HTTP/1.1\r\nHost: roberto984-roberto.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Fri, 27 Jun 2025 13:47:48 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: W/\"685ea104-6f3\"\r\nexpires: Sun, 04 Jan 2026 07:18:33 GMT\r\ncache-control: max-age=600\r\ncontent-encoding: gzip\r\nx-proxy-cache: MISS\r\nx-github-request-id: 0AC4:26F783:E8E6872:EC22EE0:695A11F1\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 07:08:33 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410031-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767510513.469650,VS0,VE135\r\nvary: Accept-Encoding\r\nx-fastly-request-id: a97aa4f59a37893eaec49275334604b04ccc612c\r\ncontent-length: 720\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}],"data":{"size":1779,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"9b45de97c5aecca1efc715e92bc29986","sha1":"547e1c4e0614b513867c2cc572b619a604e03018","sha256":"095dc29c432788da7b25a50a51eef62dc73584c24ab50efbf4616d2ca7cdbc66","sha512":"492937266c7eb4609292796d5d684bbfb7e63adb425f4552e4e711af1a452d40b3952efcb1d5e8cf8f810846190253ae3a359b474476228fc644e23a7179c85c","ssdeep":"","tlshash":"da31fe1514c50d1a85b381649e919759fe918203cb07aa05b6ac2fc36ff7f06cd8b368","first_seen":"2025-06-29T09:50:21.724422Z","last_seen":"2026-03-09T22:31:33.076556Z","times_seen":7,"resource_available":true,"data":null}},"time_used":223,"timings":{"blocked":35,"dns":4,"connect":13,"send":0,"wait":148,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-04","alert":"Phishing Block","trigger":"roberto984-roberto.github.io","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"roberto984-roberto.github.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"roberto984-roberto.github.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"roberto984-roberto.github.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"roberto984-roberto.github.io/netflix/styles.css","fqdn":"roberto984-roberto.github.io","domain":"roberto984-roberto.github.io","tld":"github.io"},"ip":{"addr":"185.199.110.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://roberto984-roberto.github.io/netflix/","date":"2026-01-04T07:08:33.764Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /netflix/styles.css HTTP/1.1\r\nHost: roberto984-roberto.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://roberto984-roberto.github.io/netflix/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: text/css; charset=utf-8\r\nlast-modified: Fri, 27 Jun 2025 13:47:49 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: W/\"685ea105-146d\"\r\nexpires: Sun, 04 Jan 2026 07:18:33 GMT\r\ncache-control: max-age=600\r\ncontent-encoding: gzip\r\nx-proxy-cache: MISS\r\nx-github-request-id: E74D:2056B:EC0BFCA:EF404E7:695A11F1\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 07:08:33 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410031-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767510514.767833,VS0,VE131\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 03ebe7311d1be9a2c48219dfe6db1c0b5709fd06\r\ncontent-length: 1757\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":5229,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"63d8deaedfa4b32e3aa1200565ad2416","sha1":"20031868e9ed17e67b4fb08a4939f8b3c825422c","sha256":"02e7a1240604c9e22448c9eb82cf6f3beff440dea02d679ff647df538839e40f","sha512":"b432c92c4206a717496b91255df380f4bad01e6734fcbadb4dd757e0719c71bc3537182d29ee112e4bc0866ae4d49f84543d5f2dc94bd26d0e1b0b7e9793ad59","ssdeep":"96:a9jUJVdFTLl/WxleSALS3vciBwrRLP749rvXjaGXRa:aYVzLwLpoSkiBwrRLP749rvzd4","tlshash":"e6b1302456a412073133d66cb3f28395eb3c849357c6a16c7295b3b49ffcaa8415efca","first_seen":"2025-06-29T09:50:21.73069Z","last_seen":"2026-03-09T22:31:33.077262Z","times_seen":7,"resource_available":false,"data":null}},"time_used":146,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":145,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"roberto984-roberto.github.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-04","alert":"Phishing Block","trigger":"roberto984-roberto.github.io","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"roberto984-roberto.github.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"roberto984-roberto.github.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"roberto984-roberto.github.io/netflix/img/logon.png","fqdn":"roberto984-roberto.github.io","domain":"roberto984-roberto.github.io","tld":"github.io"},"ip":{"addr":"185.199.110.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://roberto984-roberto.github.io/netflix/","date":"2026-01-04T07:08:33.766Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /netflix/img/logon.png HTTP/1.1\r\nHost: roberto984-roberto.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://roberto984-roberto.github.io/netflix/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nlast-modified: Fri, 27 Jun 2025 13:47:48 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"685ea104-59e5\"\r\nexpires: Sun, 04 Jan 2026 07:18:33 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: F4ED:35D5BF:EB9EC1F:EEDBE83:695A11F1\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 07:08:33 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410031-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767510514.769178,VS0,VE137\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 083c194427749bee5a1cdcb73eb1363fe36504bc\r\ncontent-length: 23013\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23013,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2265 x 755, 8-bit/color RGBA, non-interlaced","md5":"ed88059ce4bcc9b07f97ad1f21bc7aed","sha1":"4cb8e4b13617f5a65cc31a084be1d76e13a81c9a","sha256":"c336a88447070bf5848b5d59128413bc537ce8af31d91b1872e5173f01cc0d46","sha512":"c931d617e8ea954b708969ad7640b9b1408c2f6c8db546410e52c4666a974742920c931410efe4c800543bd89be2b2cb00ac520ed9667a09815bed0cbb2276ae","ssdeep":"384:lYDgS5mx+tsgXzuZ2VHkhXLONtVL7s7p8hiV3UomcWTOlldD78gB:oIxGVqx7ONTwtyiV3eK1DNB","tlshash":"e5a28c0bceb78eeccc0108f19868a762b3e707a80151dd0107fded7b9c5645b61db5a9","first_seen":"2023-05-10T17:45:01Z","last_seen":"2026-04-05T10:08:47.764268Z","times_seen":328,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-04","alert":"Phishing Block","trigger":"roberto984-roberto.github.io","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"roberto984-roberto.github.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"roberto984-roberto.github.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"roberto984-roberto.github.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"roberto984-roberto.github.io/netflix/img/fondo3.jpeg","fqdn":"roberto984-roberto.github.io","domain":"roberto984-roberto.github.io","tld":"github.io"},"ip":{"addr":"185.199.110.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://roberto984-roberto.github.io/netflix/","date":"2026-01-04T07:08:33.959Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /netflix/img/fondo3.jpeg HTTP/1.1\r\nHost: roberto984-roberto.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://roberto984-roberto.github.io/netflix/styles.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/jpeg\r\nx-origin-cache: HIT\r\nlast-modified: Fri, 27 Jun 2025 13:47:49 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"685ea105-2967f0\"\r\nexpires: Sun, 04 Jan 2026 07:18:34 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: 67B0:355767:EB5B061:EE97A47:695A11F1\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 07:08:34 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410031-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767510514.962574,VS0,VE415\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 8e96b6ebdf84632265f400aa0ade0eb1a7f60a41\r\ncontent-length: 2713584\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2713584,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2560x1440, components 3","md5":"e32256004458c2e1fda4550f48cdc6db","sha1":"fadc4fbbae934b67348e896016620de553af772f","sha256":"438c594a3576805ab15ab209237d2fd19c31c9784f300bee624d8e5d2c23ecec","sha512":"cccea3e2799209ee758611184a8e7282538c380a8d999f6df9c1c81bb5b12d64dd49016c0ef03db68c098be0ef6ca6ba17d8161650f644256b9cb4aa67a77046","ssdeep":"24576:Q0A3snZdMwdi/tfjkF0MESvA26MBS+a5m1KIll/4+KI:Z0tfcxEt26qa56KQ/4+Z","tlshash":"6f25239967396722060c936560f7ce2ec60656d032e7955e3a06fad6f0cf41b82f84bf","first_seen":"2025-11-27T17:32:10.791129Z","last_seen":"2026-03-09T22:31:33.073719Z","times_seen":14,"resource_available":false,"data":null}},"time_used":566,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":428,"receive":138,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"roberto984-roberto.github.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"roberto984-roberto.github.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-04","alert":"Phishing Block","trigger":"roberto984-roberto.github.io","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"roberto984-roberto.github.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}}]}