{"report_id":"bcb94b53-c928-48f0-b1bd-20c728e0840c","version":6,"status":"done","tags":[],"date":"2026-02-23T12:39:58Z","url":{"schema":"http","addr":"mail.esmedicare.com","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":0,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"final":{"url":{"schema":"https","addr":"mail.esmedicare.com/","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"title":"Phantom: The crypto wallet for everyone","dom":{"size":254615,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"4e40ef0a3939f2433e8afd9ff5f55d72","sha1":"bdc629cb979a9ab350fca7c9dd38c5cd3d235587","sha256":"9bfba146fde307dd9492a06d07edd1aa3e9e34ef74aadcb88539cc59b7925db6","sha512":"e64fe1ebc7a1946aa93eee90547e462cfc83d9b416bfa96500dc181bff2165bbaffea5ab7369dd35dd57a2026ffbbe24ba3f024f9508c53010e679e04bc60f6f","ssdeep":"1536:3xJgVmefSoFeneheUemoTpyDOi2VQAchPM4ZMwRmeGgOD7XL0iHIZZeXt94ZMw8S:3rgcef/Si22AcS4Zb0DEro4Z0a","tlshash":"0e44942ed0732857150ba5940bea17413275e0078d09fda83e9d453dcf8eedf68a27ae","dom_hash":"domhashb5a2e979b4df200774901afbe0844932","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"mail.esmedicare.com","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":0,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-30T12:39:58Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-02-23","alert":"Hunting_JS_WebAssembly","trigger":"mail.esmedicare.com/assets/js/bMZyyJlxSdxz.js","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-23","alert":"Phishing Block","trigger":"mail.esmedicare.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"mail.esmedicare.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"sanity-proxy-v2.phantom.app","ip":{"addr":"104.18.35.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-11-21","domain_rank":119374,"first_seen":"2023-08-04T20:40:01Z","last_seen":"2026-02-20T13:22:25.251977Z","alert_count":0,"request_count":2,"received_data":1249923,"sent_data":1095,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Zipkin","description":"","website":"https://zipkin.io/","common_platform_enumeration":"","icon":"Zipkin.png","categories":["Analytics"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-02-22T22:20:46.526035Z","alert_count":0,"request_count":2,"received_data":778374,"sent_data":895,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"mail.esmedicare.com","ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"domain_registered":"2006-05-19","domain_rank":0,"first_seen":"2026-02-22T05:03:08.805743Z","last_seen":"2026-02-22T05:03:08.805743Z","alert_count":49,"request_count":24,"received_data":2134914,"sent_data":11094,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/js/uk83HIMqbGJs.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"introduction_type":"scriptElement","is_inline":false,"md5":"5b74fa4e9b5e77c8e19cf75d24b6f12c","sha1":"1b800b23802256eb2f8215481ce7533d0d7ee2d1","sha256":"ad656ad818ceda4e5568c8658b20a0c8c9f0a50beba5bc446dd71e44ac13d258","sha512":"29cc013ad61a54eb7e70abd4caaffda351ad7a6bb701802bb2fc0f26fa26d87a22b6cadc1f7b005afff72d181a6df56efd0559806fd39f730a39aa3d4d7cb5bd","ssdeep":"384:tECqTS4UHcdOBJ0EhuX7sC70wNvFKDS0O5sjEyGJLbG:zL8dOBiEhurD0wN50LoyuLS","tlshash":"f682607ed2d9ab3c66defa0ce62544042e1a592adb8470b46dd07642bdbc0c72147b37","size":18493,"data":"","first_seen":"2025-04-11T18:30:27.451233Z","last_seen":"2026-02-23T12:54:29.197051Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/js/kq4ilDMH4C1E.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"introduction_type":"scriptElement","is_inline":false,"md5":"69127867a11f55eb4fc956af0b3cfbe6","sha1":"851e695d4defdf1f3d2885d3059fcb894c56ce09","sha256":"d14de9a89156d0328926ffdd5c0008586d22c586b6915c537cc34d9d1a103c37","sha512":"63d00279355bfbaa3311e68aef3ca78f64af0ca5145c4f3825a0066d087bfce8dc2e76be50aa5b493ddba6dc46827247501d470557613f3da209e57437069a9f","ssdeep":"384:mqHPtKDaJ4Oyz9jIigbGjSqjXWAPAPlt9YffroHu:PHFKDaJ4OSjIiDeqJ6lt9Yfx","tlshash":"83b2ca582b57f164ffafc1ccd146519cb22abe8ce21f0ed9f4593864018a8e1a7267cd","size":24336,"data":"","first_seen":"2025-04-11T18:30:27.474753Z","last_seen":"2026-02-23T12:54:29.198796Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-M68RRPPG","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"38ff4ee213b2bcb7b473f2e9a74cef88","sha1":"0a05bc79654c183c513e11b680737951f8857b2d","sha256":"9e36977a51c3d1417c474bc19814ef03fee7f9de399e29737ac8a282e7a18ae5","sha512":"52e78fbba99daa7ae80901d7a6db5c25ef5fc5eeb0b04d9ec45d614afb6153b42cfaa5614f8fc63070e3d8eb10a1819a9f221affdfd6511a2235c89096b1e124","ssdeep":"6144:P4D83xaAJljxXU18kKDeDKJN5hSppv/UWOdM:ww3xaixk18CD/UY","tlshash":"236408cdb3d6742693a3a478403f118bb27b7992e84cc895f186d8d42d70a9a4277f7c","size":322349,"data":"","first_seen":"2026-02-23T12:40:02.787041Z","last_seen":"2026-02-23T12:54:29.199751Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/js/bMZyyJlxSdxz.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"introduction_type":"scriptElement","is_inline":false,"md5":"82e46bf81bf779b0feac17e869194af5","sha1":"838733978a979221c0d42e2fd988d4bbba2c18b8","sha256":"7266c7c22c296a37e942883dd5acbecbee72e0d273f9fbd694ea9cba2167d37b","sha512":"63d83a07d38b2fa8334e718917e9ae32305f1230c7bc553bd7f52a0b4eb51ad02aa0e494e7386a3087216ca3d94ddcf9b59bba235607191e103a6ec8f8807ea7","ssdeep":"24576:bRIsJ1RLWRMwEYL//4mcudiUhSEcZHcptYpBEH7RCjosTI7av/KdttA7ePvzMf6m:bRIsJPLWRMwEYL//4mcudiUhSEcZHcpm","tlshash":"4855b7c0f3cda8bf86c5b341543ec949f57de43a82a9407eb29db0a974d5429c371ea8","size":1355472,"data":"","first_seen":"2025-10-05T07:31:06.539222Z","last_seen":"2026-02-23T12:54:29.208411Z","times_seen":5,"alerts":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-02-23","alert":"Hunting_JS_WebAssembly","trigger":"mail.esmedicare.com/assets/js/bMZyyJlxSdxz.js","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/js/G7TBlTXwlnAD.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"introduction_type":"scriptElement","is_inline":false,"md5":"db4cfac9af8ca56abedceb2067cc07fe","sha1":"330d154dab35db8eaf61bf7c7043a30d0e6401a3","sha256":"95362fc08f36753ac3cfd47fabc027e46d2308e5d73dd9a2d6ad71844537c943","sha512":"b6783fc0b3f3b2939e3a43d5c887936eb8d808ca0abd9e9d9f60f93ebd88edaaf278c0b9d615e66dc0016dfa24107894de0294b032bd82a97d181c20143852c4","ssdeep":"384:VBAKwN3alIDZqHk9vwpz7l83F3KlcSuU9J6qgo5JtldiTzYt+a7GSCTZVd4/fN/d:kKWQpUO9J5r/io9NaafhRV6d3L6","tlshash":"6103f8841b53f268feffd2c4d35a914cb2299e49ea0e0edaf015387101ce4e1a1a1bdd","size":37707,"data":"","first_seen":"2025-10-05T07:31:06.486535Z","last_seen":"2026-02-23T12:54:29.202742Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/js/6BVk2BGaRPTi.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"introduction_type":"scriptElement","is_inline":false,"md5":"d76e24c79383d1fca3c4e32a56f099ac","sha1":"b5d0e84eff3f960922f02af0896d996c1c0d5ef0","sha256":"f03d29accde8fb961834416a9af51232ff30edbd314a535eaeecd084f7c4726c","sha512":"bcc93a45101b7102c24545432270d3fba1e0f2daa1dc8a6665ff48b785b5d529eefe91b30a5d6f2dd0b9b2207dd44572e8f6d98ac665c2020373f70e270e4cc4","ssdeep":"","tlshash":"92f01afbd7bcfd62aa739c0c1eb15fab1b95bc0ad19d1e8754a7a45ed120600ce10982","size":458,"data":"","first_seen":"2025-04-11T18:30:27.452101Z","last_seen":"2026-02-23T12:54:29.203696Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/js/7dTTJKAG8jJf.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"introduction_type":"scriptElement","is_inline":false,"md5":"7df09400482e9a56eaace1b3bb7a4e9a","sha1":"eed64b7fb4ce14009fee2885aca6c02f11881a35","sha256":"1626ed7e8315baa4330f7272a53f0252d02aafd6e76c8b39f0db7557a24ac153","sha512":"041a35b2878c57aad4d5bd4286bca54ee46c8e95c14b5410332e2bac3b466097a4a5b9b2d18bb3b1bffbefbc9cccb74699c1540cb11339f862c4c97eadc955b8","ssdeep":"192:HCWZHWhURWkDe81SRFR1CmXoxVCV7XCO9p1oH0QHgHD39BiAvIzUx/XA+mh3Tlus:vpkooFRzoxMVeOYlUu3332g23s2Q","tlshash":"9e322f64e1509d1c07d2910f99ad2821f1902b0e80be5909536bc9ff3ae2f895a7db3b","size":11916,"data":"","first_seen":"2025-04-11T18:30:27.465897Z","last_seen":"2026-02-23T12:54:29.191671Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/js/I9HB8SVv2YYQ.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"introduction_type":"scriptElement","is_inline":false,"md5":"52dcc009b0537aecddd6102fb7c077db","sha1":"0ffea19e8952e4bc662633d0b3b122badc6ee33d","sha256":"772fc9a590de5771f5e7e77f12b9e4136f5b6b4a826e9145e3ed58fc5c4eac6a","sha512":"545b9545066e966f50481e6745be98b624bbe7f42d353494f360431b523f5ec0bdb3d71a718b9839d2567abad4ac7fb035f89b2b42a2ab729ec066a0163bc12a","ssdeep":"384:+lpkNN8G/JSyZvcr6IrvmpfQDWIQrzMPK+g:+mJSyNcuFIPKn","tlshash":"8142b6947652b5b0fb6bc1acc26b809cf32fba90660e0fb8f15e285413854e9f1917cd","size":12501,"data":"","first_seen":"2025-10-05T07:31:06.489435Z","last_seen":"2026-02-23T12:54:29.192564Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-2CPDB3BGX2\u0026cx=c\u0026gtm=4e62i1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"33bb2f47308472a0f213b6151a1e2a77","sha1":"78639a6793aa3535d98bfa3ff506d3fcc9c415c1","sha256":"251546a5eef2fd795c29f45f509b4109095243c34465cfa01e550727dfc709e0","sha512":"c79e29e57f0618d4778df49a52b54ebf8cb1c663f359a313d1100b2ee76123b624188a799a06f06902e2cc7e293ca98fbbcc6e606a094545fdaf1a776172f941","ssdeep":"6144:pH4D85YxaWJljxXUJ78kKUeDKJN5hSppR/UPEnQ/JYY:Gw5YxacxkJ78ZN/Un","tlshash":"8ba41ace73d674269396e078503f018ba57b25a2f44cc89af189cce42d74a9a4277f7c","size":454791,"data":"","first_seen":"2026-02-23T12:40:02.798434Z","last_seen":"2026-02-23T12:54:29.206253Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/js/jzjLw9NI2blU.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"introduction_type":"scriptElement","is_inline":false,"md5":"6cb1dd9a3007e193fc1de09763aa5267","sha1":"ce838fab485774c64c0bfb0eeada5f42522eb002","sha256":"a48c1e4bd506c704dc33f25b965b4eb4e5a01083201eee431c1262e2a8d96410","sha512":"627e167d3e214e225efc8d2ea67039f6acb09c7d297b44dbcb6d60972f357e6ecbcaaa332791f27f490ae151229b68c1460fda04ab64a26ef0378bd53bb0d262","ssdeep":"1536:RQfvJ9XkJv5GpOmWsddznXj/Z60tOnTaqzkOKV9:+fVOPMdznt6EwTaH","tlshash":"9cd30ae83996f651aab311a700ef2803733d261b280c4d60a615fd9e75b841bb17bfdd","size":139979,"data":"","first_seen":"2025-04-11T18:30:27.478719Z","last_seen":"2026-02-23T12:54:29.198261Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/js/ZjpHH6xZeL6k.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"introduction_type":"scriptElement","is_inline":false,"md5":"8a5cff98a82b200039f9d828f98e677a","sha1":"4edba2c547ded6cf327a81ffab8aa492048300ca","sha256":"f7e27ae1e35fd2e34cc0543d0b78a3c9385f51f0bf6251c14499a3b49a12976e","sha512":"c0cfff6a46e735a72c679a049c87b62e46c5de889bf17fdde34189901558286e8791bb47bd6c9054fc5a9dadb1296ac1d6f5ec6fc2e31bad5b4a663102f38dd8","ssdeep":"192:eP6svQeiTXmw924ax8Gk9eQpCWudLXX8rYg9uAKY8Peo:ePBvL4I4Ok9TpAdLnmYg9yXPP","tlshash":"7912d9e67181f421a35905a1807f451b733e3e622c0b5864f35aacdfb629cc8d072f3a","size":9533,"data":"","first_seen":"2025-04-11T18:30:27.448069Z","last_seen":"2026-02-23T12:54:29.206849Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/js/hlEcdTGHbI4T.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"introduction_type":"scriptElement","is_inline":false,"md5":"cd797349e5492997e7976252aa9a1cd3","sha1":"210e8d584acda0ad38fad721902b26f79ad6db0c","sha256":"da63ec0901445c09b80a28a38d3e7f16753a9ee84a187ea89f7f57214e7a3300","sha512":"8fc99f3deaf353fe7c2aa84b78918fe7240619486cd8cbb6f13bb3ab90320d05d673b4914e64aa54efa3fe23cca5e2a22bd7744340901202b49ad2211744c113","ssdeep":"96:m+B4b7CzqVnxJ98T5jKM+gI8VcL6VAWs6SGFGfmVfzv+1P6pZxj:m+B4bAuxKQgI8SmddkuJQyLxj","tlshash":"7ea1e7aa770df9b51bf500c4683fc099ba0d2036541de860f717fc7a6138ae90836bb6","size":4717,"data":"","first_seen":"2025-10-05T07:31:06.530413Z","last_seen":"2026-02-23T12:54:29.205176Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/js/sfjUdxSyVVkk.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"introduction_type":"scriptElement","is_inline":false,"md5":"ea60c90004ab2c21505a914da01a65c4","sha1":"65d5a346f18c53aa5e469c7af2b7ccbffc4e9f79","sha256":"ae67206c5bfdf4518e5970a2145e1b238d6e2437167127c5f620afe407f51926","sha512":"1b7b142825fe6059bdc7cde8e1a4fec9336ffc45ee5cc45f5570c2183566d7cbb4613a293211c75fc7179d0dc83b6cdaf405043643d1f026735f89a24f523132","ssdeep":"1536:Zn/NzuIm44zg3NvrpkDpAL6leZoujiQJ+wfqh3q8fbaS2+:Z/xuImO3NjpkD06lrWV2XzaST","tlshash":"bec31ab672d1fda203d741d4883b0006f3691cba106e6095b3eadcd6b994d9ea0f2f75","size":122999,"data":"","first_seen":"2025-10-05T07:31:06.493204Z","last_seen":"2026-02-23T12:54:29.200335Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/js/qup8epH3MHpb.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"introduction_type":"scriptElement","is_inline":false,"md5":"fde54eb71cb2a4b22554844c30979012","sha1":"5e53d3c08623c693c0fc3a744ae7d8c56bf78215","sha256":"314a3ac6e03bdaa6158c74c8d4d347587a525ee799ca9e011e6ec9ecf92e357b","sha512":"0000e53baa5138372aa6759ad412c648db85dd83189e31cde037e40a17bd0781c50cdad6ada8cda62616b906569e27fe4597de5bef51f6096dd9bfc1bdca2cd1","ssdeep":"","tlshash":"9661b40416a270ece2af01ccc6a5c22eb21ae40be24f4fdef841bd4a54870d56791bcf","size":3397,"data":"","first_seen":"2025-10-05T07:31:06.496757Z","last_seen":"2026-02-23T12:54:29.194417Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/js/57XzwMvrTEi0.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"introduction_type":"scriptElement","is_inline":false,"md5":"a520880ee41124efc9f6771069676015","sha1":"5e0a491d044b03151d4b5b090f15f3361cb34f6b","sha256":"eeb8723610b024e62417fd26d310684d9b7aa64af789da95e1b028a406674ed6","sha512":"328e2f163f985deda8b13ec3fcbe8249c803b438e905273f2e39d2755316578ab0ae3fac632ca0b323985ff604cb24d4ad94e2940f60db53b7d6f1038e0a8d1f","ssdeep":"","tlshash":"f951e4af165ef93109e6cc0d746a13168bc0857781384bc1d68f4e2dae80a65dfacc77","size":2519,"data":"","first_seen":"2025-10-05T07:31:06.507516Z","last_seen":"2026-02-23T12:54:29.195329Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"introduction_type":"scriptElement","is_inline":false,"md5":"2942def2d94b6e1b0b79b3566ee32eb2","sha1":"5ee7abdbbd36f0cbe4ea166f916879ea2d1fc08b","sha256":"9a300fbc92910404cfc2d0e40ded6dfadc3699b9958e05d57d822625f780773f","sha512":"28a77dfdb21a0f7e2ee27bd31811c5ada021b8f708f30a7396bf6b8514249da21a68fc5d18f32893c06d327c61097debcc28ae3826d19354651a84c24f387be7","ssdeep":"","tlshash":"eac02b8430f3226420b31038037713041143024f308c94337ffcc1006f0820b0c15108","size":155,"data":"","first_seen":"2023-11-17T13:20:29Z","last_seen":"2026-05-26T12:15:24.748494Z","times_seen":18793,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/js/ZjpHH6xZeL6k.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.esmedicare.com/","date":"2026-02-23T12:39:36.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.esmedicare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 22:14:44 GMT","end":"Thu, 21 May 2026 22:14:43 GMT"},"fingerprint":{"sha1":"18:B3:5E:11:92:46:55:90:E5:FB:4C:A0:39:D8:05:15:DF:43:F2:4B","sha256":"8B:B6:F7:EA:E6:CD:10:DA:00:B8:14:D4:5E:BF:A1:6B:06:D4:D3:8E:4F:F1:54:E1:3A:3B:8B:37:14:F6:D6:0E"}}},"request":{"raw":"GET /assets/js/ZjpHH6xZeL6k.js HTTP/1.1\r\nHost: mail.esmedicare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mail.esmedicare.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 02 Mar 2026 12:39:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 03 Jul 2025 12:19:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 3326\r\ndate: Mon, 23 Feb 2026 12:39:36 GMT\r\nx-frame-options: ALLOWALL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9533,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9533), with no line terminators","md5":"8a5cff98a82b200039f9d828f98e677a","sha1":"4edba2c547ded6cf327a81ffab8aa492048300ca","sha256":"f7e27ae1e35fd2e34cc0543d0b78a3c9385f51f0bf6251c14499a3b49a12976e","sha512":"c0cfff6a46e735a72c679a049c87b62e46c5de889bf17fdde34189901558286e8791bb47bd6c9054fc5a9dadb1296ac1d6f5ec6fc2e31bad5b4a663102f38dd8","ssdeep":"192:eP6svQeiTXmw924ax8Gk9eQpCWudLXX8rYg9uAKY8Peo:ePBvL4I4Ok9TpAdLnmYg9yXPP","tlshash":"7912d9e67181f421a35905a1807f451b733e3e622c0b5864f35aacdfb629cc8d072f3a","first_seen":"2025-04-11T18:30:27.448069Z","last_seen":"2026-02-23T12:54:29.206849Z","times_seen":6,"resource_available":true,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-23","alert":"Phishing Block","trigger":"mail.esmedicare.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"mail.esmedicare.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/js/6BVk2BGaRPTi.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.esmedicare.com/","date":"2026-02-23T12:39:36.498Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.esmedicare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 22:14:44 GMT","end":"Thu, 21 May 2026 22:14:43 GMT"},"fingerprint":{"sha1":"18:B3:5E:11:92:46:55:90:E5:FB:4C:A0:39:D8:05:15:DF:43:F2:4B","sha256":"8B:B6:F7:EA:E6:CD:10:DA:00:B8:14:D4:5E:BF:A1:6B:06:D4:D3:8E:4F:F1:54:E1:3A:3B:8B:37:14:F6:D6:0E"}}},"request":{"raw":"GET /assets/js/6BVk2BGaRPTi.js HTTP/1.1\r\nHost: mail.esmedicare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mail.esmedicare.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 02 Mar 2026 12:39:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 03 Jul 2025 12:19:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 161\r\ndate: Mon, 23 Feb 2026 12:39:36 GMT\r\nx-frame-options: ALLOWALL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":458,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (458), with no line terminators","md5":"d76e24c79383d1fca3c4e32a56f099ac","sha1":"b5d0e84eff3f960922f02af0896d996c1c0d5ef0","sha256":"f03d29accde8fb961834416a9af51232ff30edbd314a535eaeecd084f7c4726c","sha512":"bcc93a45101b7102c24545432270d3fba1e0f2daa1dc8a6665ff48b785b5d529eefe91b30a5d6f2dd0b9b2207dd44572e8f6d98ac665c2020373f70e270e4cc4","ssdeep":"","tlshash":"92f01afbd7bcfd62aa739c0c1eb15fab1b95bc0ad19d1e8754a7a45ed120600ce10982","first_seen":"2025-04-11T18:30:27.452101Z","last_seen":"2026-02-23T12:54:29.203696Z","times_seen":11,"resource_available":true,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":85,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"mail.esmedicare.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-23","alert":"Phishing Block","trigger":"mail.esmedicare.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/images/E4Cd4l0Fy9zF.png","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.esmedicare.com/","date":"2026-02-23T12:39:37.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.esmedicare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 22:14:44 GMT","end":"Thu, 21 May 2026 22:14:43 GMT"},"fingerprint":{"sha1":"18:B3:5E:11:92:46:55:90:E5:FB:4C:A0:39:D8:05:15:DF:43:F2:4B","sha256":"8B:B6:F7:EA:E6:CD:10:DA:00:B8:14:D4:5E:BF:A1:6B:06:D4:D3:8E:4F:F1:54:E1:3A:3B:8B:37:14:F6:D6:0E"}}},"request":{"raw":"GET /assets/images/E4Cd4l0Fy9zF.png HTTP/1.1\r\nHost: mail.esmedicare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mail.esmedicare.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 02 Mar 2026 12:39:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 03 Jul 2025 12:19:32 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2730\r\ndate: Mon, 23 Feb 2026 12:39:37 GMT\r\nx-frame-options: ALLOWALL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2730,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit colormap, non-interlaced","md5":"a53fddbc8cbefda5fb8555483b1ca09c","sha1":"c71c9c08acc0396e80a55fa9d06f07bfedaeeca7","sha256":"6c6f3aa7c481a89832b55fe4f492fef049ee9bf7ff8386920ab8315981bc112d","sha512":"50615d6b261cd6614afd24388dbc2baf5c0c10ecda2ec247dd6ff46b58aa331d4df890e6435f8c3d6ebf4d09464ebc6a8c78e83b241c9ca61d89577a907dfa1a","ssdeep":"","tlshash":"eb514c8fe120ae12d6e2a7fa49098122237ac4f343450c5c290ce7599dab613dd49f2d","first_seen":"2024-01-01T00:56:08Z","last_seen":"2026-02-23T12:54:29.189039Z","times_seen":20,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"mail.esmedicare.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-23","alert":"Phishing Block","trigger":"mail.esmedicare.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/_next/data/nvBrIIH14fzfyOkU2s3wJ/en.json","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://mail.esmedicare.com/","date":"2026-02-23T12:39:37.896Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.esmedicare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 22:14:44 GMT","end":"Thu, 21 May 2026 22:14:43 GMT"},"fingerprint":{"sha1":"18:B3:5E:11:92:46:55:90:E5:FB:4C:A0:39:D8:05:15:DF:43:F2:4B","sha256":"8B:B6:F7:EA:E6:CD:10:DA:00:B8:14:D4:5E:BF:A1:6B:06:D4:D3:8E:4F:F1:54:E1:3A:3B:8B:37:14:F6:D6:0E"}}},"request":{"raw":"GET /_next/data/nvBrIIH14fzfyOkU2s3wJ/en.json HTTP/1.1\r\nHost: mail.esmedicare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mail.esmedicare.com/\r\npurpose: prefetch\r\nx-middleware-prefetch: 1\r\nx-nextjs-data: 1\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1251\r\ndate: Mon, 23 Feb 2026 12:39:37 GMT\r\nx-frame-options: ALLOWALL\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1251,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-05-26T11:24:07.77302Z","times_seen":129845,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-23","alert":"Phishing Block","trigger":"mail.esmedicare.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"mail.esmedicare.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-23T12:39:36.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.esmedicare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 22:14:44 GMT","end":"Thu, 21 May 2026 22:14:43 GMT"},"fingerprint":{"sha1":"18:B3:5E:11:92:46:55:90:E5:FB:4C:A0:39:D8:05:15:DF:43:F2:4B","sha256":"8B:B6:F7:EA:E6:CD:10:DA:00:B8:14:D4:5E:BF:A1:6B:06:D4:D3:8E:4F:F1:54:E1:3A:3B:8B:37:14:F6:D6:0E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: mail.esmedicare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Mon, 23 Feb 2026 12:39:36 GMT\r\nx-frame-options: ALLOWALL\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":262766,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (2688), with CRLF line terminators","md5":"179ef325a8b18ebe47c3c8cbf2ba5dc7","sha1":"ecfff7aa847273a392b104d8348e62e4c0490c8a","sha256":"13ed1c0bcab599aabea08a3cbd0be12656cad329f2ba6513be263261f4a29566","sha512":"5a626c332968472c6b6ef6332878d3561bd9c1c2ccb93d5f2f77a194575308295eaa91fa3e80abbc0b8a92bf3eb758674c062d86f14fbb1d1f7a7558db6be30a","ssdeep":"1536:OoCCo6moO07EODuRA/2+gnCKrlUpq0veybysywyQOCO+gnCNlA:OoCSy04cuR3+g/N0DwH+g6A","tlshash":"4c44852fc050181a0037a3a54fe60746f7b5622b820566963dfd563e8fbfd869443fba","first_seen":"2025-10-05T07:31:06.527708Z","last_seen":"2026-02-23T12:54:29.190721Z","times_seen":5,"resource_available":false,"data":null}},"time_used":451,"timings":{"blocked":187,"dns":106,"connect":34,"send":0,"wait":77,"receive":0,"ssl":44},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"mail.esmedicare.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-23","alert":"Phishing Block","trigger":"mail.esmedicare.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/js/jzjLw9NI2blU.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.esmedicare.com/","date":"2026-02-23T12:39:36.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.esmedicare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 22:14:44 GMT","end":"Thu, 21 May 2026 22:14:43 GMT"},"fingerprint":{"sha1":"18:B3:5E:11:92:46:55:90:E5:FB:4C:A0:39:D8:05:15:DF:43:F2:4B","sha256":"8B:B6:F7:EA:E6:CD:10:DA:00:B8:14:D4:5E:BF:A1:6B:06:D4:D3:8E:4F:F1:54:E1:3A:3B:8B:37:14:F6:D6:0E"}}},"request":{"raw":"GET /assets/js/jzjLw9NI2blU.js HTTP/1.1\r\nHost: mail.esmedicare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mail.esmedicare.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 02 Mar 2026 12:39:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 03 Jul 2025 12:19:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 43335\r\ndate: Mon, 23 Feb 2026 12:39:36 GMT\r\nx-frame-options: ALLOWALL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":139979,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"6cb1dd9a3007e193fc1de09763aa5267","sha1":"ce838fab485774c64c0bfb0eeada5f42522eb002","sha256":"a48c1e4bd506c704dc33f25b965b4eb4e5a01083201eee431c1262e2a8d96410","sha512":"627e167d3e214e225efc8d2ea67039f6acb09c7d297b44dbcb6d60972f357e6ecbcaaa332791f27f490ae151229b68c1460fda04ab64a26ef0378bd53bb0d262","ssdeep":"1536:RQfvJ9XkJv5GpOmWsddznXj/Z60tOnTaqzkOKV9:+fVOPMdznt6EwTaH","tlshash":"9cd30ae83996f651aab311a700ef2803733d261b280c4d60a615fd9e75b841bb17bfdd","first_seen":"2025-04-11T18:30:27.478719Z","last_seen":"2026-02-23T12:54:29.198261Z","times_seen":6,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":46,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"mail.esmedicare.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-23","alert":"Phishing Block","trigger":"mail.esmedicare.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/js/I9HB8SVv2YYQ.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.esmedicare.com/","date":"2026-02-23T12:39:36.492Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.esmedicare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 22:14:44 GMT","end":"Thu, 21 May 2026 22:14:43 GMT"},"fingerprint":{"sha1":"18:B3:5E:11:92:46:55:90:E5:FB:4C:A0:39:D8:05:15:DF:43:F2:4B","sha256":"8B:B6:F7:EA:E6:CD:10:DA:00:B8:14:D4:5E:BF:A1:6B:06:D4:D3:8E:4F:F1:54:E1:3A:3B:8B:37:14:F6:D6:0E"}}},"request":{"raw":"GET /assets/js/I9HB8SVv2YYQ.js HTTP/1.1\r\nHost: mail.esmedicare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mail.esmedicare.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 02 Mar 2026 12:39:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 03 Jul 2025 12:19:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 4278\r\ndate: Mon, 23 Feb 2026 12:39:36 GMT\r\nx-frame-options: ALLOWALL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12503,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (12499), with no line terminators","md5":"52dcc009b0537aecddd6102fb7c077db","sha1":"0ffea19e8952e4bc662633d0b3b122badc6ee33d","sha256":"772fc9a590de5771f5e7e77f12b9e4136f5b6b4a826e9145e3ed58fc5c4eac6a","sha512":"545b9545066e966f50481e6745be98b624bbe7f42d353494f360431b523f5ec0bdb3d71a718b9839d2567abad4ac7fb035f89b2b42a2ab729ec066a0163bc12a","ssdeep":"384:+lpkNN8G/JSyZvcr6IrvmpfQDWIQrzMPK+g:+mJSyNcuFIPKn","tlshash":"8142b6947652b5b0fb6bc1acc26b809cf32fba90660e0fb8f15e285413854e9f1917cd","first_seen":"2025-10-05T07:31:06.489435Z","last_seen":"2026-02-23T12:54:29.192564Z","times_seen":5,"resource_available":true,"data":null}},"time_used":257,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":169,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"mail.esmedicare.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-23","alert":"Phishing Block","trigger":"mail.esmedicare.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/js/hlEcdTGHbI4T.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.esmedicare.com/","date":"2026-02-23T12:39:36.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.esmedicare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 22:14:44 GMT","end":"Thu, 21 May 2026 22:14:43 GMT"},"fingerprint":{"sha1":"18:B3:5E:11:92:46:55:90:E5:FB:4C:A0:39:D8:05:15:DF:43:F2:4B","sha256":"8B:B6:F7:EA:E6:CD:10:DA:00:B8:14:D4:5E:BF:A1:6B:06:D4:D3:8E:4F:F1:54:E1:3A:3B:8B:37:14:F6:D6:0E"}}},"request":{"raw":"GET /assets/js/hlEcdTGHbI4T.js HTTP/1.1\r\nHost: mail.esmedicare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mail.esmedicare.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 02 Mar 2026 12:39:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 03 Jul 2025 12:19:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2306\r\ndate: Mon, 23 Feb 2026 12:39:36 GMT\r\nx-frame-options: ALLOWALL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4717,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4309)","md5":"cd797349e5492997e7976252aa9a1cd3","sha1":"210e8d584acda0ad38fad721902b26f79ad6db0c","sha256":"da63ec0901445c09b80a28a38d3e7f16753a9ee84a187ea89f7f57214e7a3300","sha512":"8fc99f3deaf353fe7c2aa84b78918fe7240619486cd8cbb6f13bb3ab90320d05d673b4914e64aa54efa3fe23cca5e2a22bd7744340901202b49ad2211744c113","ssdeep":"96:m+B4b7CzqVnxJ98T5jKM+gI8VcL6VAWs6SGFGfmVfzv+1P6pZxj:m+B4bAuxKQgI8SmddkuJQyLxj","tlshash":"7ea1e7aa770df9b51bf500c4683fc099ba0d2036541de860f717fc7a6138ae90836bb6","first_seen":"2025-10-05T07:31:06.530413Z","last_seen":"2026-02-23T12:54:29.205176Z","times_seen":5,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-23","alert":"Phishing Block","trigger":"mail.esmedicare.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"mail.esmedicare.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/_next/static/chunks/af49b54f.712c2887c988c866.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.esmedicare.com/","date":"2026-02-23T12:39:37.447Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.esmedicare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 22:14:44 GMT","end":"Thu, 21 May 2026 22:14:43 GMT"},"fingerprint":{"sha1":"18:B3:5E:11:92:46:55:90:E5:FB:4C:A0:39:D8:05:15:DF:43:F2:4B","sha256":"8B:B6:F7:EA:E6:CD:10:DA:00:B8:14:D4:5E:BF:A1:6B:06:D4:D3:8E:4F:F1:54:E1:3A:3B:8B:37:14:F6:D6:0E"}}},"request":{"raw":"GET /_next/static/chunks/af49b54f.712c2887c988c866.js HTTP/1.1\r\nHost: mail.esmedicare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mail.esmedicare.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1251\r\ndate: Mon, 23 Feb 2026 12:39:37 GMT\r\nx-frame-options: ALLOWALL\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1251,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-05-26T11:24:07.77302Z","times_seen":129845,"resource_available":true,"data":null}},"time_used":49,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"mail.esmedicare.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-23","alert":"Phishing Block","trigger":"mail.esmedicare.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanity-proxy-v2.phantom.app/images/3nm6d03a/production/3b9ef0705676aa0d441f44964467086c4d925682-512x512.svg","fqdn":"sanity-proxy-v2.phantom.app","domain":"phantom.app","tld":"app"},"ip":{"addr":"104.18.35.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://mail.esmedicare.com/","date":"2026-02-23T12:39:37.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanity-proxy-v2.phantom.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 20 Feb 2026 17:20:11 GMT","end":"Thu, 21 May 2026 18:20:07 GMT"},"fingerprint":{"sha1":"9F:80:B4:EC:BD:38:A6:E7:07:9B:0B:5D:2A:C1:E0:6D:4B:BA:82:B7","sha256":"8F:AC:EF:22:4E:1A:C5:6F:A2:57:FA:B7:E2:A1:80:7E:EA:CD:A4:48:83:B3:AB:EC:0D:FC:5D:77:75:42:42:38"}}},"request":{"raw":"GET /images/3nm6d03a/production/3b9ef0705676aa0d441f44964467086c4d925682-512x512.svg HTTP/1.1\r\nHost: sanity-proxy-v2.phantom.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mail.esmedicare.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 23 Feb 2026 12:39:37 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\ncf-ray: 9d26c97dad991a30-OSL\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\ncache-control: public, s-maxage=600, max-age=600\r\ncontent-encoding: gzip\r\nlast-modified: Mon, 12 May 2025 15:54:01 GMT\r\nvary: origin, accept-encoding\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=86400\r\napicdn-cache-control: public, max-age=31536000, s-maxage=2592000\r\ncontent-security-policy: default-src 'none';\r\nsanity-gateway: k8s-gcp-as-s1-prod-ing-01\r\nx-b3-parentspanid: aa90138c2b4df055\r\nx-b3-sampled: 0\r\nx-b3-spanid: 7644d24e54467692\r\nx-b3-traceid: a89570470d628c82440c24bc47ebcd72\r\nx-content-type-options: nosniff\r\nx-sanity-age: 0\r\nx-sanity-asset-storage: gcs-default\r\nset-cookie: __cf_bm=ZhpbklqgKQgvVlTGfA.eTpJEbFRSGQmT7BL9WuPdmTE-1771850377-1.0.1.1-Olv2odfwpycsMbOSRMeZWBuBGW2Y.zeSqsAO53LnFAkgfXwA1It50r8JPkcmsqycVOdTRLAfxrK8ARm0WbKXcw4WQCRUbi2mpOcW6rZ5iSg; path=/; expires=Mon, 23-Feb-26 13:09:37 GMT; domain=.phantom.app; HttpOnly; Secure; SameSite=None\n_cfuvid=HOBhoeVtfGrsfyVePF_vx3CjVT2tlHkx3VBn1M4sesk-1771850377946-0.0.1.1-604800000; path=/; domain=.phantom.app; HttpOnly; Secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Zipkin","description":"","website":"https://zipkin.io/","common_platform_enumeration":"","icon":"Zipkin.png","categories":["Analytics"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":11989,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b5fafada93e7ca7310a6904c1851ff50","sha1":"9c3360c0c720c6ea84aab169848d886468c2302f","sha256":"1aab9ab4f17b1d7d8a71301a66f53c883cbe5e9bd788564577ccf0d37ffce300","sha512":"68ce55f08d7b95eb42791ffa5e6463f28ca0fd4c8ae0f8cf7f3f3c5d72cd14d66f6073d6325361316b9e541b7a10758b80d235f95cae372ee4dfb7a02486ad97","ssdeep":"192:+cnAZle/yz/yAA7a7/XfG8nwHKPp3oPhtn+Kp:+cnAHa8pA7a75nGKdoJtnlp","tlshash":"1d3245da9bf851bee88e935dc713409c260d50ff7a92c954f32ecf0a57434968e0ba44","first_seen":"2024-08-20T14:26:37.643676Z","last_seen":"2026-02-23T12:54:29.205718Z","times_seen":17,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":40,"dns":20,"connect":1,"send":0,"wait":80,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sanity-proxy-v2.phantom.app/files/3nm6d03a/production/c2810bb8c2e2da6349630ac2138c755146d1dd18.webm#t=0.1","fqdn":"sanity-proxy-v2.phantom.app","domain":"phantom.app","tld":"app"},"ip":{"addr":"104.18.35.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://mail.esmedicare.com/","date":"2026-02-23T12:39:37.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanity-proxy-v2.phantom.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 20 Feb 2026 17:20:11 GMT","end":"Thu, 21 May 2026 18:20:07 GMT"},"fingerprint":{"sha1":"9F:80:B4:EC:BD:38:A6:E7:07:9B:0B:5D:2A:C1:E0:6D:4B:BA:82:B7","sha256":"8F:AC:EF:22:4E:1A:C5:6F:A2:57:FA:B7:E2:A1:80:7E:EA:CD:A4:48:83:B3:AB:EC:0D:FC:5D:77:75:42:42:38"}}},"request":{"raw":"GET /files/3nm6d03a/production/c2810bb8c2e2da6349630ac2138c755146d1dd18.webm HTTP/1.1\r\nHost: sanity-proxy-v2.phantom.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mail.esmedicare.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ndate: Mon, 23 Feb 2026 12:39:38 GMT\r\ncontent-type: video/webm\r\ncontent-length: 1235404\r\nserver: cloudflare\r\ncontent-range: bytes 0-1235403/1235404\r\ncf-ray: 9d26c97e0f421a30-OSL\r\ncf-cache-status: REVALIDATED\r\naccess-control-allow-origin: *\r\ncache-control: public, s-maxage=600, max-age=600\r\ncontent-disposition: inline;filename=\"web-hompage-header-06-vp9-chrome.webm\"\r\netag: \"7d2b88973700c2dae9cd635dee2722c8\"\r\nlast-modified: Thu, 29 Jun 2023 19:44:15 GMT\r\nvary: origin, Accept-Encoding\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=86400\r\napicdn-cache-control: public, max-age=31536000, s-maxage=2592000\r\ncontent-security-policy: default-src 'none';\r\nsanity-gateway: k8s-gcp-eu-w1-prod-ing-01\r\nx-robots-tag: noindex, nofollow\r\nx-sanity-age: 0\r\nx-sanity-md5: 7d2b88973700c2dae9cd635dee2722c8\r\nx-sanity-storage-adapter: gcs-default\r\nset-cookie: __cf_bm=mBZLP8Lt9DCvPFutGikg6cOHd4iUVMN20Elz2VILtaE-1771850378-1.0.1.1-hjgxtU7aPb2nT11.LKxBWegDbREav2CQKxvsvc6mWtN1JXqtyBD2KX98VompZEzooEEeh9670Dh8oHYojrg5oLduAKE9gNlNJj1EsNKiD_Y; path=/; expires=Mon, 23-Feb-26 13:09:38 GMT; domain=.phantom.app; HttpOnly; Secure; SameSite=None\n_cfuvid=8BNtoaWpM6TpfL0elOioNk4yqp9Hm0I7qABFyGp4aLg-1771850378024-0.0.1.1-604800000; path=/; domain=.phantom.app; HttpOnly; Secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1235404,"size_decoded":0,"mime_type":"video/webm","magic":"WebM","md5":"2d437322b3af2e89267e3c019226db81","sha1":"0870593cc54811ca05f41a96917a88a8c6bf84e6","sha256":"8325d1107ab9a267e849108f59545330db9bdaedd2703c88170a857c2b5ddb0a","sha512":"e31a3c6a71b2c120b9c8438b3c6a19955561fc02964d57c73150baf435ad4cbf036c7b07c0c8b43004670c3ad677b917edf736387bcbab77a9cdba8cb53708c1","ssdeep":"24576:417jl+motgFnGQk5HfsaSILljToPlr7/4CUIHIOa:I+gFf6HfsWlHSfdBa","tlshash":"322523cd4333f2dcd8582734d44f4864af83812996d85316f95e9bb19ee0ba998db833","first_seen":"2025-02-06T17:52:24.991759Z","last_seen":"2026-03-05T01:57:34.765761Z","times_seen":34,"resource_available":false,"data":null}},"time_used":186,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":104,"receive":82,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/css/7lKiQv65EQgE.css","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mail.esmedicare.com/","date":"2026-02-23T12:39:36.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.esmedicare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 22:14:44 GMT","end":"Thu, 21 May 2026 22:14:43 GMT"},"fingerprint":{"sha1":"18:B3:5E:11:92:46:55:90:E5:FB:4C:A0:39:D8:05:15:DF:43:F2:4B","sha256":"8B:B6:F7:EA:E6:CD:10:DA:00:B8:14:D4:5E:BF:A1:6B:06:D4:D3:8E:4F:F1:54:E1:3A:3B:8B:37:14:F6:D6:0E"}}},"request":{"raw":"GET /assets/css/7lKiQv65EQgE.css HTTP/1.1\r\nHost: mail.esmedicare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mail.esmedicare.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 02 Mar 2026 12:39:36 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 03 Jul 2025 12:19:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 322\r\ndate: Mon, 23 Feb 2026 12:39:36 GMT\r\nx-frame-options: ALLOWALL\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1371,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1371), with no line terminators","md5":"d0053b2868af056ef5c094b7ba27796f","sha1":"99bedac1f2bbbf28da59e7cd2a19e85f7ed4f8db","sha256":"c6272b5cf21f32c6a1f628750f6808f988bc5ee377f38737a6d333e3f3e10fd6","sha512":"dcba06f777277f83227cd9ea3cccc3ab6455abf8eaf63e5c33cdcccafc309c0e966a3c0fb73168b0f6cf42ef7eaf34c89abda00697b7396cca927635311532ee","ssdeep":"","tlshash":"3421c564a11fa102d8a38f8339cf7f323d1aa42524699123d16f095d4dfb5a763a0f39","first_seen":"2025-10-05T07:31:06.47373Z","last_seen":"2026-02-23T12:54:29.193178Z","times_seen":5,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-23","alert":"Phishing Block","trigger":"mail.esmedicare.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"mail.esmedicare.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/js/sfjUdxSyVVkk.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.esmedicare.com/","date":"2026-02-23T12:39:36.484Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.esmedicare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 22:14:44 GMT","end":"Thu, 21 May 2026 22:14:43 GMT"},"fingerprint":{"sha1":"18:B3:5E:11:92:46:55:90:E5:FB:4C:A0:39:D8:05:15:DF:43:F2:4B","sha256":"8B:B6:F7:EA:E6:CD:10:DA:00:B8:14:D4:5E:BF:A1:6B:06:D4:D3:8E:4F:F1:54:E1:3A:3B:8B:37:14:F6:D6:0E"}}},"request":{"raw":"GET /assets/js/sfjUdxSyVVkk.js HTTP/1.1\r\nHost: mail.esmedicare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mail.esmedicare.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 02 Mar 2026 12:39:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 03 Jul 2025 12:19:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 33161\r\ndate: Mon, 23 Feb 2026 12:39:36 GMT\r\nx-frame-options: ALLOWALL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":122999,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65532), with no line terminators","md5":"ea60c90004ab2c21505a914da01a65c4","sha1":"65d5a346f18c53aa5e469c7af2b7ccbffc4e9f79","sha256":"ae67206c5bfdf4518e5970a2145e1b238d6e2437167127c5f620afe407f51926","sha512":"1b7b142825fe6059bdc7cde8e1a4fec9336ffc45ee5cc45f5570c2183566d7cbb4613a293211c75fc7179d0dc83b6cdaf405043643d1f026735f89a24f523132","ssdeep":"1536:Zn/NzuIm44zg3NvrpkDpAL6leZoujiQJ+wfqh3q8fbaS2+:Z/xuImO3NjpkD06lrWV2XzaST","tlshash":"bec31ab672d1fda203d741d4883b0006f3691cba106e6095b3eadcd6b994d9ea0f2f75","first_seen":"2025-10-05T07:31:06.493204Z","last_seen":"2026-02-23T12:54:29.200335Z","times_seen":5,"resource_available":true,"data":null}},"time_used":138,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-23","alert":"Phishing Block","trigger":"mail.esmedicare.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"mail.esmedicare.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/js/bMZyyJlxSdxz.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.esmedicare.com/","date":"2026-02-23T12:39:36.485Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.esmedicare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 22:14:44 GMT","end":"Thu, 21 May 2026 22:14:43 GMT"},"fingerprint":{"sha1":"18:B3:5E:11:92:46:55:90:E5:FB:4C:A0:39:D8:05:15:DF:43:F2:4B","sha256":"8B:B6:F7:EA:E6:CD:10:DA:00:B8:14:D4:5E:BF:A1:6B:06:D4:D3:8E:4F:F1:54:E1:3A:3B:8B:37:14:F6:D6:0E"}}},"request":{"raw":"GET /assets/js/bMZyyJlxSdxz.js HTTP/1.1\r\nHost: mail.esmedicare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mail.esmedicare.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 02 Mar 2026 12:39:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 03 Jul 2025 12:19:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 329144\r\ndate: Mon, 23 Feb 2026 12:39:36 GMT\r\nx-frame-options: ALLOWALL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1355472,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (310), with CRLF line terminators","md5":"4eee1be9cadd4c09a474cbd6df924cb0","sha1":"6386b5b5823a211a6702d2924de83c2d9ca37927","sha256":"8674164f6ac07b0f21ccaaabc1d90a44238668eadc9b518e64b369aa0dae93f7","sha512":"4429fa553f29cc8b39235f68daa136c2958ddcf8b98fd4b53d1eacd75accd13e31694fac8ba2586ddc8025a41dd90f872c9a3be6b9494fd3b227690f57f01db6","ssdeep":"24576:bRIsJ1RLWRMwEYL//4mcudiUhSEcZHcptYpBEH7RCjosTI7av/KdttA7ePvzMf6A:bRIsJPLWRMwEYL//4mcudiUhSEcZHcpA","tlshash":"0225b7c0f3cda8bf86c6b341543ec949f17de43a82a9407eb29d70a974d9529c371da8","first_seen":"2025-10-05T07:31:06.503083Z","last_seen":"2026-02-23T12:54:29.193784Z","times_seen":5,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":133,"receive":129,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-02-23","alert":"Hunting_JS_WebAssembly","trigger":"mail.esmedicare.com/assets/js/bMZyyJlxSdxz.js","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-23","alert":"Phishing Block","trigger":"mail.esmedicare.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"mail.esmedicare.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/js/57XzwMvrTEi0.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.esmedicare.com/","date":"2026-02-23T12:39:36.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.esmedicare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 22:14:44 GMT","end":"Thu, 21 May 2026 22:14:43 GMT"},"fingerprint":{"sha1":"18:B3:5E:11:92:46:55:90:E5:FB:4C:A0:39:D8:05:15:DF:43:F2:4B","sha256":"8B:B6:F7:EA:E6:CD:10:DA:00:B8:14:D4:5E:BF:A1:6B:06:D4:D3:8E:4F:F1:54:E1:3A:3B:8B:37:14:F6:D6:0E"}}},"request":{"raw":"GET /assets/js/57XzwMvrTEi0.js HTTP/1.1\r\nHost: mail.esmedicare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mail.esmedicare.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 02 Mar 2026 12:39:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 03 Jul 2025 12:19:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 855\r\ndate: Mon, 23 Feb 2026 12:39:36 GMT\r\nx-frame-options: ALLOWALL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2519,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (2519), with no line terminators","md5":"a520880ee41124efc9f6771069676015","sha1":"5e0a491d044b03151d4b5b090f15f3361cb34f6b","sha256":"eeb8723610b024e62417fd26d310684d9b7aa64af789da95e1b028a406674ed6","sha512":"328e2f163f985deda8b13ec3fcbe8249c803b438e905273f2e39d2755316578ab0ae3fac632ca0b323985ff604cb24d4ad94e2940f60db53b7d6f1038e0a8d1f","ssdeep":"","tlshash":"f951e4af165ef93109e6cc0d746a13168bc0857781384bc1d68f4e2dae80a65dfacc77","first_seen":"2025-10-05T07:31:06.507516Z","last_seen":"2026-02-23T12:54:29.195329Z","times_seen":5,"resource_available":true,"data":null}},"time_used":86,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":86,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-23","alert":"Phishing Block","trigger":"mail.esmedicare.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"mail.esmedicare.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-M68RRPPG","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.esmedicare.com/","date":"2026-02-23T12:39:37.429Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:39:20 GMT","end":"Mon, 20 Apr 2026 08:39:19 GMT"},"fingerprint":{"sha1":"60:64:B6:72:E4:67:A4:EC:78:B2:F2:B8:3E:17:7A:A6:A8:CE:74:4C","sha256":"3E:71:C0:44:31:9B:1A:8A:23:FF:D9:4F:B9:3F:89:6D:7C:66:33:BE:14:26:CB:01:F2:79:BB:FE:F3:3A:71:98"}}},"request":{"raw":"GET /gtm.js?id=GTM-M68RRPPG HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mail.esmedicare.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Mon, 23 Feb 2026 12:39:37 GMT\r\nexpires: Mon, 23 Feb 2026 12:39:37 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Mon, 23 Feb 2026 12:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 111063\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":322349,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5376)","md5":"38ff4ee213b2bcb7b473f2e9a74cef88","sha1":"0a05bc79654c183c513e11b680737951f8857b2d","sha256":"9e36977a51c3d1417c474bc19814ef03fee7f9de399e29737ac8a282e7a18ae5","sha512":"52e78fbba99daa7ae80901d7a6db5c25ef5fc5eeb0b04d9ec45d614afb6153b42cfaa5614f8fc63070e3d8eb10a1819a9f221affdfd6511a2235c89096b1e124","ssdeep":"6144:P4D83xaAJljxXU18kKDeDKJN5hSppv/UWOdM:ww3xaixk18CD/UY","tlshash":"236408cdb3d6742693a3a478403f118bb27b7992e84cc895f186d8d42d70a9a4277f7c","first_seen":"2026-02-23T12:40:02.787041Z","last_seen":"2026-02-23T12:54:29.199751Z","times_seen":2,"resource_available":true,"data":null}},"time_used":404,"timings":{"blocked":155,"dns":2,"connect":21,"send":0,"wait":42,"receive":50,"ssl":130},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/_next/static/chunks/3746.8b94512d3eeda441.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.esmedicare.com/","date":"2026-02-23T12:39:37.445Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.esmedicare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 22:14:44 GMT","end":"Thu, 21 May 2026 22:14:43 GMT"},"fingerprint":{"sha1":"18:B3:5E:11:92:46:55:90:E5:FB:4C:A0:39:D8:05:15:DF:43:F2:4B","sha256":"8B:B6:F7:EA:E6:CD:10:DA:00:B8:14:D4:5E:BF:A1:6B:06:D4:D3:8E:4F:F1:54:E1:3A:3B:8B:37:14:F6:D6:0E"}}},"request":{"raw":"GET /_next/static/chunks/3746.8b94512d3eeda441.js HTTP/1.1\r\nHost: mail.esmedicare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mail.esmedicare.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1251\r\ndate: Mon, 23 Feb 2026 12:39:37 GMT\r\nx-frame-options: ALLOWALL\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1251,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-05-26T11:24:07.77302Z","times_seen":129845,"resource_available":true,"data":null}},"time_used":49,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-23","alert":"Phishing Block","trigger":"mail.esmedicare.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"mail.esmedicare.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/js/qup8epH3MHpb.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.esmedicare.com/","date":"2026-02-23T12:39:36.496Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.esmedicare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 22:14:44 GMT","end":"Thu, 21 May 2026 22:14:43 GMT"},"fingerprint":{"sha1":"18:B3:5E:11:92:46:55:90:E5:FB:4C:A0:39:D8:05:15:DF:43:F2:4B","sha256":"8B:B6:F7:EA:E6:CD:10:DA:00:B8:14:D4:5E:BF:A1:6B:06:D4:D3:8E:4F:F1:54:E1:3A:3B:8B:37:14:F6:D6:0E"}}},"request":{"raw":"GET /assets/js/qup8epH3MHpb.js HTTP/1.1\r\nHost: mail.esmedicare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mail.esmedicare.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 02 Mar 2026 12:39:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 03 Jul 2025 12:19:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1441\r\ndate: Mon, 23 Feb 2026 12:39:36 GMT\r\nx-frame-options: ALLOWALL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3397,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3397), with no line terminators","md5":"fde54eb71cb2a4b22554844c30979012","sha1":"5e53d3c08623c693c0fc3a744ae7d8c56bf78215","sha256":"314a3ac6e03bdaa6158c74c8d4d347587a525ee799ca9e011e6ec9ecf92e357b","sha512":"0000e53baa5138372aa6759ad412c648db85dd83189e31cde037e40a17bd0781c50cdad6ada8cda62616b906569e27fe4597de5bef51f6096dd9bfc1bdca2cd1","ssdeep":"","tlshash":"9661b40416a270ece2af01ccc6a5c22eb21ae40be24f4fdef841bd4a54870d56791bcf","first_seen":"2025-10-05T07:31:06.496757Z","last_seen":"2026-02-23T12:54:29.194417Z","times_seen":5,"resource_available":true,"data":null}},"time_used":257,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":256,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"mail.esmedicare.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-23","alert":"Phishing Block","trigger":"mail.esmedicare.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/fonts/GNJkDqwgD5bb.woff2","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mail.esmedicare.com/","date":"2026-02-23T12:39:36.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.esmedicare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 22:14:44 GMT","end":"Thu, 21 May 2026 22:14:43 GMT"},"fingerprint":{"sha1":"18:B3:5E:11:92:46:55:90:E5:FB:4C:A0:39:D8:05:15:DF:43:F2:4B","sha256":"8B:B6:F7:EA:E6:CD:10:DA:00:B8:14:D4:5E:BF:A1:6B:06:D4:D3:8E:4F:F1:54:E1:3A:3B:8B:37:14:F6:D6:0E"}}},"request":{"raw":"GET /assets/fonts/GNJkDqwgD5bb.woff2 HTTP/1.1\r\nHost: mail.esmedicare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mail.esmedicare.com/assets/css/7lKiQv65EQgE.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 02 Mar 2026 12:39:36 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Thu, 03 Jul 2025 12:19:32 GMT\r\naccept-ranges: bytes\r\ncontent-length: 55900\r\ndate: Mon, 23 Feb 2026 12:39:36 GMT\r\nx-frame-options: ALLOWALL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":55900,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), CFF, length 55900, version 1.0","md5":"b6e7847df309e7dbeeb0760ce82e66bb","sha1":"2bbad65429bece429a2d7dcacb36bbf871769d20","sha256":"d32f4279a0c3a2b3781fd33413f53040633812f6be866cc701803944b43dfa39","sha512":"b0b57396b5414aee26a07f405a865f25735c26973bf572d622bce1f1cd09892ffa0c2c3e1faffbe4052d5509d975cbfdefd264420cc5cb4b1f5ec3939ecc3ab0","ssdeep":"1536:7XBE7RPJxxcDnvOfuvKzpMfSnB268ybU2AyJtAHmo11b+:1oFuWqGpVnBcqUEAs","tlshash":"f54312d86cd9f4a3918895307081d227ff3fb44a394a35391b38762465f8fa2b1fe5a0","first_seen":"2024-08-20T14:26:37.606484Z","last_seen":"2026-05-17T20:56:56.652923Z","times_seen":58,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":66,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-23","alert":"Phishing Block","trigger":"mail.esmedicare.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"mail.esmedicare.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/images/PwALWbCN258F.png","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.esmedicare.com/","date":"2026-02-23T12:39:37.355Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.esmedicare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 22:14:44 GMT","end":"Thu, 21 May 2026 22:14:43 GMT"},"fingerprint":{"sha1":"18:B3:5E:11:92:46:55:90:E5:FB:4C:A0:39:D8:05:15:DF:43:F2:4B","sha256":"8B:B6:F7:EA:E6:CD:10:DA:00:B8:14:D4:5E:BF:A1:6B:06:D4:D3:8E:4F:F1:54:E1:3A:3B:8B:37:14:F6:D6:0E"}}},"request":{"raw":"GET /assets/images/PwALWbCN258F.png HTTP/1.1\r\nHost: mail.esmedicare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mail.esmedicare.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 02 Mar 2026 12:39:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 03 Jul 2025 12:19:32 GMT\r\naccept-ranges: bytes\r\ncontent-length: 904\r\ndate: Mon, 23 Feb 2026 12:39:37 GMT\r\nx-frame-options: ALLOWALL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":904,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit colormap, non-interlaced","md5":"09d36f2b29b55345439d29b03ec72368","sha1":"e8f027596c1aa2009bf5be2b11c66d8333e7f25e","sha256":"8821556f7b12826d0619f8713f712abf7abdbc927318071b298f0e10e9a7d49c","sha512":"2c140a7a21c3495df112e269d52b8ef0ec170132dfb6998287b19d7b76f9de065d41b52d201af8fc8debfc7f8fb7c26e99a3e609e429f6fbe216da834918a1b7","ssdeep":"","tlshash":"421144e78b73c199d41ae4f501971345d63e522511811d7ad250d51deb1ebd02df87c2","first_seen":"2024-08-20T14:26:37.623249Z","last_seen":"2026-02-23T12:54:29.197814Z","times_seen":20,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"mail.esmedicare.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-23","alert":"Phishing Block","trigger":"mail.esmedicare.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/_next/data/nvBrIIH14fzfyOkU2s3wJ/en/login.php.json","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://mail.esmedicare.com/","date":"2026-02-23T12:39:37.900Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.esmedicare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 22:14:44 GMT","end":"Thu, 21 May 2026 22:14:43 GMT"},"fingerprint":{"sha1":"18:B3:5E:11:92:46:55:90:E5:FB:4C:A0:39:D8:05:15:DF:43:F2:4B","sha256":"8B:B6:F7:EA:E6:CD:10:DA:00:B8:14:D4:5E:BF:A1:6B:06:D4:D3:8E:4F:F1:54:E1:3A:3B:8B:37:14:F6:D6:0E"}}},"request":{"raw":"GET /_next/data/nvBrIIH14fzfyOkU2s3wJ/en/login.php.json HTTP/1.1\r\nHost: mail.esmedicare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mail.esmedicare.com/\r\npurpose: prefetch\r\nx-middleware-prefetch: 1\r\nx-nextjs-data: 1\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1251\r\ndate: Mon, 23 Feb 2026 12:39:37 GMT\r\nx-frame-options: ALLOWALL\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1251,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-05-26T11:24:07.77302Z","times_seen":129845,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-23","alert":"Phishing Block","trigger":"mail.esmedicare.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"mail.esmedicare.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/js/7dTTJKAG8jJf.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.esmedicare.com/","date":"2026-02-23T12:39:36.488Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.esmedicare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 22:14:44 GMT","end":"Thu, 21 May 2026 22:14:43 GMT"},"fingerprint":{"sha1":"18:B3:5E:11:92:46:55:90:E5:FB:4C:A0:39:D8:05:15:DF:43:F2:4B","sha256":"8B:B6:F7:EA:E6:CD:10:DA:00:B8:14:D4:5E:BF:A1:6B:06:D4:D3:8E:4F:F1:54:E1:3A:3B:8B:37:14:F6:D6:0E"}}},"request":{"raw":"GET /assets/js/7dTTJKAG8jJf.js HTTP/1.1\r\nHost: mail.esmedicare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mail.esmedicare.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 02 Mar 2026 12:39:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 03 Jul 2025 12:19:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2833\r\ndate: Mon, 23 Feb 2026 12:39:36 GMT\r\nx-frame-options: ALLOWALL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11916,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (11916), with no line terminators","md5":"7df09400482e9a56eaace1b3bb7a4e9a","sha1":"eed64b7fb4ce14009fee2885aca6c02f11881a35","sha256":"1626ed7e8315baa4330f7272a53f0252d02aafd6e76c8b39f0db7557a24ac153","sha512":"041a35b2878c57aad4d5bd4286bca54ee46c8e95c14b5410332e2bac3b466097a4a5b9b2d18bb3b1bffbefbc9cccb74699c1540cb11339f862c4c97eadc955b8","ssdeep":"192:HCWZHWhURWkDe81SRFR1CmXoxVCV7XCO9p1oH0QHgHD39BiAvIzUx/XA+mh3Tlus:vpkooFRzoxMVeOYlUu3332g23s2Q","tlshash":"9e322f64e1509d1c07d2910f99ad2821f1902b0e80be5909536bc9ff3ae2f895a7db3b","first_seen":"2025-04-11T18:30:27.465897Z","last_seen":"2026-02-23T12:54:29.191671Z","times_seen":6,"resource_available":true,"data":null}},"time_used":260,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-23","alert":"Phishing Block","trigger":"mail.esmedicare.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"mail.esmedicare.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/js/kq4ilDMH4C1E.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.esmedicare.com/","date":"2026-02-23T12:39:36.493Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.esmedicare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 22:14:44 GMT","end":"Thu, 21 May 2026 22:14:43 GMT"},"fingerprint":{"sha1":"18:B3:5E:11:92:46:55:90:E5:FB:4C:A0:39:D8:05:15:DF:43:F2:4B","sha256":"8B:B6:F7:EA:E6:CD:10:DA:00:B8:14:D4:5E:BF:A1:6B:06:D4:D3:8E:4F:F1:54:E1:3A:3B:8B:37:14:F6:D6:0E"}}},"request":{"raw":"GET /assets/js/kq4ilDMH4C1E.js HTTP/1.1\r\nHost: mail.esmedicare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mail.esmedicare.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 02 Mar 2026 12:39:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 03 Jul 2025 12:19:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 6381\r\ndate: Mon, 23 Feb 2026 12:39:36 GMT\r\nx-frame-options: ALLOWALL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24336,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (24336), with no line terminators","md5":"69127867a11f55eb4fc956af0b3cfbe6","sha1":"851e695d4defdf1f3d2885d3059fcb894c56ce09","sha256":"d14de9a89156d0328926ffdd5c0008586d22c586b6915c537cc34d9d1a103c37","sha512":"63d00279355bfbaa3311e68aef3ca78f64af0ca5145c4f3825a0066d087bfce8dc2e76be50aa5b493ddba6dc46827247501d470557613f3da209e57437069a9f","ssdeep":"384:mqHPtKDaJ4Oyz9jIigbGjSqjXWAPAPlt9YffroHu:PHFKDaJ4OSjIiDeqJ6lt9Yfx","tlshash":"83b2ca582b57f164ffafc1ccd146519cb22abe8ce21f0ed9f4593864018a8e1a7267cd","first_seen":"2025-04-11T18:30:27.474753Z","last_seen":"2026-02-23T12:54:29.198796Z","times_seen":6,"resource_available":true,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":256,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-23","alert":"Phishing Block","trigger":"mail.esmedicare.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"mail.esmedicare.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/js/G7TBlTXwlnAD.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.esmedicare.com/","date":"2026-02-23T12:39:36.495Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.esmedicare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 22:14:44 GMT","end":"Thu, 21 May 2026 22:14:43 GMT"},"fingerprint":{"sha1":"18:B3:5E:11:92:46:55:90:E5:FB:4C:A0:39:D8:05:15:DF:43:F2:4B","sha256":"8B:B6:F7:EA:E6:CD:10:DA:00:B8:14:D4:5E:BF:A1:6B:06:D4:D3:8E:4F:F1:54:E1:3A:3B:8B:37:14:F6:D6:0E"}}},"request":{"raw":"GET /assets/js/G7TBlTXwlnAD.js HTTP/1.1\r\nHost: mail.esmedicare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mail.esmedicare.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 02 Mar 2026 12:39:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 03 Jul 2025 12:19:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 9694\r\ndate: Mon, 23 Feb 2026 12:39:36 GMT\r\nx-frame-options: ALLOWALL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":37707,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (37707), with no line terminators","md5":"db4cfac9af8ca56abedceb2067cc07fe","sha1":"330d154dab35db8eaf61bf7c7043a30d0e6401a3","sha256":"95362fc08f36753ac3cfd47fabc027e46d2308e5d73dd9a2d6ad71844537c943","sha512":"b6783fc0b3f3b2939e3a43d5c887936eb8d808ca0abd9e9d9f60f93ebd88edaaf278c0b9d615e66dc0016dfa24107894de0294b032bd82a97d181c20143852c4","ssdeep":"384:VBAKwN3alIDZqHk9vwpz7l83F3KlcSuU9J6qgo5JtldiTzYt+a7GSCTZVd4/fN/d:kKWQpUO9J5r/io9NaafhRV6d3L6","tlshash":"6103f8841b53f268feffd2c4d35a914cb2299e49ea0e0edaf015387101ce4e1a1a1bdd","first_seen":"2025-10-05T07:31:06.486535Z","last_seen":"2026-02-23T12:54:29.202742Z","times_seen":5,"resource_available":true,"data":null}},"time_used":258,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":255,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-23","alert":"Phishing Block","trigger":"mail.esmedicare.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"mail.esmedicare.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/_next/data/nvBrIIH14fzfyOkU2s3wJ/en/download.json?generic=download","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://mail.esmedicare.com/","date":"2026-02-23T12:39:37.898Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.esmedicare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 22:14:44 GMT","end":"Thu, 21 May 2026 22:14:43 GMT"},"fingerprint":{"sha1":"18:B3:5E:11:92:46:55:90:E5:FB:4C:A0:39:D8:05:15:DF:43:F2:4B","sha256":"8B:B6:F7:EA:E6:CD:10:DA:00:B8:14:D4:5E:BF:A1:6B:06:D4:D3:8E:4F:F1:54:E1:3A:3B:8B:37:14:F6:D6:0E"}}},"request":{"raw":"GET /_next/data/nvBrIIH14fzfyOkU2s3wJ/en/download.json?generic=download HTTP/1.1\r\nHost: mail.esmedicare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mail.esmedicare.com/\r\npurpose: prefetch\r\nx-middleware-prefetch: 1\r\nx-nextjs-data: 1\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1251\r\ndate: Mon, 23 Feb 2026 12:39:37 GMT\r\nx-frame-options: ALLOWALL\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1251,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-05-26T11:24:07.77302Z","times_seen":129845,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-23","alert":"Phishing Block","trigger":"mail.esmedicare.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"mail.esmedicare.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/fonts/6ct23iu4O64l.woff2","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mail.esmedicare.com/","date":"2026-02-23T12:39:36.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.esmedicare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 22:14:44 GMT","end":"Thu, 21 May 2026 22:14:43 GMT"},"fingerprint":{"sha1":"18:B3:5E:11:92:46:55:90:E5:FB:4C:A0:39:D8:05:15:DF:43:F2:4B","sha256":"8B:B6:F7:EA:E6:CD:10:DA:00:B8:14:D4:5E:BF:A1:6B:06:D4:D3:8E:4F:F1:54:E1:3A:3B:8B:37:14:F6:D6:0E"}}},"request":{"raw":"GET /assets/fonts/6ct23iu4O64l.woff2 HTTP/1.1\r\nHost: mail.esmedicare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mail.esmedicare.com/assets/css/7lKiQv65EQgE.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 02 Mar 2026 12:39:36 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Thu, 03 Jul 2025 12:19:32 GMT\r\naccept-ranges: bytes\r\ncontent-length: 53540\r\ndate: Mon, 23 Feb 2026 12:39:36 GMT\r\nx-frame-options: ALLOWALL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":53540,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), CFF, length 53540, version 1.0","md5":"5d9ac034fee9fadb316e1d93fc3ec0b8","sha1":"6e1d23c086c0a4d2e3a3b2e464067beaf7b75812","sha256":"18a377ffeadf3557906d1e09997f15e463e86a230c163467bb4ad4ec2538e0ac","sha512":"0726d7e038c36cfd26adc3330b00f0a6892a0a5474994692be88d050762dabbd8a3e897fd8b8d675d0e698c91e4649cdeb47a3ac8b49953394448538629abeea","ssdeep":"1536:3dL0wfF/F3UO9xNAVL7ZupkNYRUHbkAENIP10L:3WiN19xNAV0p4csgnL","tlshash":"5033f18f5536850ec74fa0a406141426188cff3fc69a7bdc28fd3fa69f7a24ad95281c","first_seen":"2024-08-20T14:26:37.604662Z","last_seen":"2026-05-19T01:00:25.49958Z","times_seen":85,"resource_available":false,"data":null}},"time_used":139,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":48,"receive":91,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-23","alert":"Phishing Block","trigger":"mail.esmedicare.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"mail.esmedicare.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-2CPDB3BGX2\u0026cx=c\u0026gtm=4e62i1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.esmedicare.com/","date":"2026-02-23T12:39:38.147Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:39:20 GMT","end":"Mon, 20 Apr 2026 08:39:19 GMT"},"fingerprint":{"sha1":"60:64:B6:72:E4:67:A4:EC:78:B2:F2:B8:3E:17:7A:A6:A8:CE:74:4C","sha256":"3E:71:C0:44:31:9B:1A:8A:23:FF:D9:4F:B9:3F:89:6D:7C:66:33:BE:14:26:CB:01:F2:79:BB:FE:F3:3A:71:98"}}},"request":{"raw":"GET /gtag/js?id=G-2CPDB3BGX2\u0026cx=c\u0026gtm=4e62i1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mail.esmedicare.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Mon, 23 Feb 2026 12:39:38 GMT\r\nexpires: Mon, 23 Feb 2026 12:39:38 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 150853\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":454791,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6033)","md5":"33bb2f47308472a0f213b6151a1e2a77","sha1":"78639a6793aa3535d98bfa3ff506d3fcc9c415c1","sha256":"251546a5eef2fd795c29f45f509b4109095243c34465cfa01e550727dfc709e0","sha512":"c79e29e57f0618d4778df49a52b54ebf8cb1c663f359a313d1100b2ee76123b624188a799a06f06902e2cc7e293ca98fbbcc6e606a094545fdaf1a776172f941","ssdeep":"6144:pH4D85YxaWJljxXUJ78kKUeDKJN5hSppR/UPEnQ/JYY:Gw5YxacxkJ78ZN/Un","tlshash":"8ba41ace73d674269396e078503f018ba57b25a2f44cc89af189cce42d74a9a4277f7c","first_seen":"2026-02-23T12:40:02.798434Z","last_seen":"2026-02-23T12:54:29.206253Z","times_seen":2,"resource_available":true,"data":null}},"time_used":60,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":21,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.esmedicare.com/assets/js/uk83HIMqbGJs.js","fqdn":"mail.esmedicare.com","domain":"esmedicare.com","tld":"com"},"ip":{"addr":"85.232.242.130","port":443,"asn":15694,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.esmedicare.com/","date":"2026-02-23T12:39:36.489Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpcontacts.esmedicare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 20 Feb 2026 22:14:44 GMT","end":"Thu, 21 May 2026 22:14:43 GMT"},"fingerprint":{"sha1":"18:B3:5E:11:92:46:55:90:E5:FB:4C:A0:39:D8:05:15:DF:43:F2:4B","sha256":"8B:B6:F7:EA:E6:CD:10:DA:00:B8:14:D4:5E:BF:A1:6B:06:D4:D3:8E:4F:F1:54:E1:3A:3B:8B:37:14:F6:D6:0E"}}},"request":{"raw":"GET /assets/js/uk83HIMqbGJs.js HTTP/1.1\r\nHost: mail.esmedicare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mail.esmedicare.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 02 Mar 2026 12:39:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 03 Jul 2025 12:19:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 8021\r\ndate: Mon, 23 Feb 2026 12:39:36 GMT\r\nx-frame-options: ALLOWALL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18493,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (18493), with no line terminators","md5":"5b74fa4e9b5e77c8e19cf75d24b6f12c","sha1":"1b800b23802256eb2f8215481ce7533d0d7ee2d1","sha256":"ad656ad818ceda4e5568c8658b20a0c8c9f0a50beba5bc446dd71e44ac13d258","sha512":"29cc013ad61a54eb7e70abd4caaffda351ad7a6bb701802bb2fc0f26fa26d87a22b6cadc1f7b005afff72d181a6df56efd0559806fd39f730a39aa3d4d7cb5bd","ssdeep":"384:tECqTS4UHcdOBJ0EhuX7sC70wNvFKDS0O5sjEyGJLbG:zL8dOBiEhurD0wN50LoyuLS","tlshash":"f682607ed2d9ab3c66defa0ce62544042e1a592adb8470b46dd07642bdbc0c72147b37","first_seen":"2025-04-11T18:30:27.451233Z","last_seen":"2026-02-23T12:54:29.197051Z","times_seen":6,"resource_available":true,"data":null}},"time_used":262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-23","alert":"Phishing Block","trigger":"mail.esmedicare.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"mail.esmedicare.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}