{"report_id":"b908a364-9489-4106-a7be-d87e95247e6c","version":6,"status":"done","tags":[],"date":"2025-09-24T14:59:36Z","url":{"schema":"https","addr":"equiposmedicoschile.cl/es/wp-content/upgrade/index.php?uid=3mail@slurpmail.net","fqdn":"equiposmedicoschile.cl","domain":"equiposmedicoschile.cl","tld":"cl"},"ip":{"addr":"170.10.161.169","port":0,"asn":32748,"as":"STEADFAST","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"equiposmedicoschile.cl/es/wp-content/upgrade/index.php?uid=3mail@slurpmail.net","fqdn":"equiposmedicoschile.cl","domain":"equiposmedicoschile.cl","tld":"cl"},"title":"Webmail :: Welcome to Webmail"},"submit":{"url":{"schema":"https","addr":"equiposmedicoschile.cl/es/wp-content/upgrade/index.php?uid=3mail@slurpmail.net","fqdn":"equiposmedicoschile.cl","domain":"equiposmedicoschile.cl","tld":"cl"},"ip":{"addr":"170.10.161.169","port":0,"asn":32748,"as":"STEADFAST","country":"United States","country_code":"US"},"tags":["openphish"],"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-29T14:59:36Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"Blocklist","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-09-24","alert":"Phishing - Webmail Providers","trigger":"equiposmedicoschile.cl","verdict":"phishing","severity":"medium","comment":"Webmail Providers","link":"https://openphish.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"equiposmedicoschile.cl","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2025-09-21T22:13:29.38864Z","alert_count":0,"request_count":1,"received_data":89131,"sent_data":451,"comment":"","tags":null,"fingerprints":null},{"fqdn":"equiposmedicoschile.cl","ip":{"addr":"170.10.161.169","port":443,"asn":32748,"as":"STEADFAST","country":"United States","country_code":"US"},"domain_registered":"2023-06-15","domain_rank":0,"first_seen":"2025-09-24T03:18:22.447433Z","last_seen":"2025-09-24T03:18:22.447433Z","alert_count":2,"request_count":1,"received_data":36669,"sent_data":546,"comment":"","tags":null,"fingerprints":[{"name":"jQuery:3.4.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"PHP:8.2.29","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"equiposmedicoschile.cl/es/wp-content/upgrade/index.php?uid=3mail@slurpmail.net","fqdn":"equiposmedicoschile.cl","domain":"equiposmedicoschile.cl","tld":"cl"},"ip":{"addr":"170.10.161.169","port":443,"asn":32748,"as":"STEADFAST","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-05-11T16:01:15.417918Z","times_seen":651334,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"equiposmedicoschile.cl/es/wp-content/upgrade/index.php?uid=3mail@slurpmail.net","fqdn":"equiposmedicoschile.cl","domain":"equiposmedicoschile.cl","tld":"cl"},"ip":{"addr":"170.10.161.169","port":443,"asn":32748,"as":"STEADFAST","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-05-11T15:17:21.287283Z","times_seen":218101,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"220afd743d9e9643852e31a135a9f3ae","sha1":"88523924351bac0b5d560fe0c5781e2556e7693d","sha256":"0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a","sha512":"6e722fce1e8553be592b1a741972c7f5b7b0cdafce230e9d2d587d20283482881c96660682e4095a5f14df45a96ec193a9b222030c53b1b7bbe8312b2eae440d","ssdeep":"1536:yTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPma:ygZm0H5HO5+gCKWZyPmHQ47GKe","tlshash":"338319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","size":88145,"data":"","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-05-11T15:39:51.064192Z","times_seen":128051,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"equiposmedicoschile.cl/es/wp-content/upgrade/index.php?uid=3mail@slurpmail.net","fqdn":"equiposmedicoschile.cl","domain":"equiposmedicoschile.cl","tld":"cl"},"ip":{"addr":"170.10.161.169","port":443,"asn":32748,"as":"STEADFAST","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"a6fb7c85850915d9511538538d5abdb4","sha1":"5de331587db3dfb883a25a181f3d814a9ec891b2","sha256":"819e075a1a7d32b3243d4fbc221a919605b19de8d3893e59e9a0103417873aea","sha512":"868a69e6dcde6380214e9e44f0e5e053824ead97151b771b121a7697f774a3eab4f335f2356f37647f9d44a5bc753556350c612bf9ef05681366456589977ac7","ssdeep":"384:52LlpBlDTnVVEiJDlsENKmO8gMlOBl/XoO9FqCgdKbqslJoasNwrb5LQNMwJb+Az:52BpbDTnVVDJDeE4mO8gMlOBl/XoOnqt","tlshash":"2b92728666c1bc4523975b37732bb0e5f43a5c99b9c8098ef104bca0f5e9502fae8970","size":20861,"data":"","first_seen":"2023-03-14T16:39:34Z","last_seen":"2026-04-22T11:01:12.946622Z","times_seen":129,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"equiposmedicoschile.cl/es/wp-content/upgrade/index.php?uid=3mail@slurpmail.net","fqdn":"equiposmedicoschile.cl","domain":"equiposmedicoschile.cl","tld":"cl"},"ip":{"addr":"170.10.161.169","port":443,"asn":32748,"as":"STEADFAST","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-24T14:59:11.390Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"equiposmedicoschile.cl","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 03:24:19 GMT","end":"Sat, 29 Nov 2025 03:24:18 GMT"},"fingerprint":{"sha1":"DB:22:3E:22:4E:68:19:09:0D:73:2E:65:82:C4:87:76:B7:91:93:0C","sha256":"66:96:B5:17:5E:F8:03:5D:6C:F2:84:23:65:C4:13:99:22:A6:AC:22:20:06:25:78:7C:C8:66:0B:11:3C:30:C8"}}},"request":{"raw":"GET /es/wp-content/upgrade/index.php?uid=3mail@slurpmail.net HTTP/1.1\r\nHost: equiposmedicoschile.cl\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-powered-by: PHP/8.2.29\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 18265\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 24 Sep 2025 14:59:11 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:3.4.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"PHP:8.2.29","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":36264,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (20840)","md5":"fa4411bbbde2bef43df6140b86aef42e","sha1":"bf482ccc5cd632f1374a2e8e1b5d1cb0b5968a0e","sha256":"bc9eaad39e7123303f2672080ef37c2d626408f4170c7432acba598eb7ddff2b","sha512":"fbefd8cb05b24cc87a642be26789c17cb67b782bd0f76492a85e7bd9c2c38b9910125cb373d209170945e0c817bf1cc56a04c98552e4f20bfcabb8e6229d5329","ssdeep":"768:LXP3d2UpE6gycU892BpbDTnVVDJDeE4mO8gMlOBl/XoOnqCgdKbqslJoaTrb5e1h:zP3oUq6gycalvvDJPtsJecHdi","tlshash":"52f219b162c1fc4522835b36b367b5e5fc3a5c9ba9c4088df018bca4f5e4605fae9970","first_seen":"2024-06-07T08:59:35Z","last_seen":"2026-04-10T14:02:48.350662Z","times_seen":32,"resource_available":true,"data":null}},"time_used":817,"timings":{"blocked":292,"dns":38,"connect":110,"send":0,"wait":230,"receive":1,"ssl":143},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"Blocklist","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-09-24","alert":"Phishing - Webmail Providers","trigger":"equiposmedicoschile.cl","verdict":"phishing","severity":"medium","comment":"Webmail Providers","link":"https://openphish.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"equiposmedicoschile.cl","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://equiposmedicoschile.cl/es/wp-content/upgrade/index.php?uid=3mail@slurpmail.net","date":"2025-09-24T14:59:12.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:49 GMT","end":"Mon, 01 Dec 2025 08:36:48 GMT"},"fingerprint":{"sha1":"9E:38:51:02:B6:22:9C:08:6B:24:B8:A0:EB:DB:60:D9:27:B2:68:90","sha256":"67:AF:7E:56:AB:8D:96:FB:D0:75:CA:28:6D:16:B6:67:FD:7F:58:6F:CC:AA:78:B5:01:13:76:2C:AB:BE:80:4E"}}},"request":{"raw":"GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://equiposmedicoschile.cl/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30774\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 22 Sep 2025 09:59:49 GMT\r\nexpires: Tue, 22 Sep 2026 09:59:49 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 190763\r\nlast-modified: Mon, 13 May 2019 14:37:17 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":88145,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"220afd743d9e9643852e31a135a9f3ae","sha1":"88523924351bac0b5d560fe0c5781e2556e7693d","sha256":"0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a","sha512":"6e722fce1e8553be592b1a741972c7f5b7b0cdafce230e9d2d587d20283482881c96660682e4095a5f14df45a96ec193a9b222030c53b1b7bbe8312b2eae440d","ssdeep":"1536:yTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPma:ygZm0H5HO5+gCKWZyPmHQ47GKe","tlshash":"338319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-05-11T15:39:51.064192Z","times_seen":128051,"resource_available":true,"data":null}},"time_used":372,"timings":{"blocked":170,"dns":1,"connect":14,"send":0,"wait":15,"receive":15,"ssl":153},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}