{"report_id":"c6ae68d4-aaec-4114-99c4-2c358fb3a705","version":6,"status":"done","tags":[],"date":"2023-12-28T17:41:08Z","url":{"schema":"http","addr":"2836db27.index-asv.pages.dev/nhxxp/napgarena.vn/nhxxp:/qghqs.com/nhxxp:/bir365.com/nhxxp:/www.entrar.enquete.gerenciagram.net22/90","fqdn":"2836db27.index-asv.pages.dev","domain":"index-asv.pages.dev","tld":"pages.dev"},"ip":{"addr":"188.114.96.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"final":{"url":{"schema":"https","addr":"2836db27.index-asv.pages.dev/nhxxp/napgarena.vn/nhxxp:/qghqs.com/nhxxp:/bir365.com/nhxxp:/www.entrar.enquete.gerenciagram.net22/90","fqdn":"2836db27.index-asv.pages.dev","domain":"index-asv.pages.dev","tld":"pages.dev"},"title":"Webmail Portal Login"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T06:13:43Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"www.google.com","ip":{"addr":"142.250.74.164","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":7,"first_seen":"2015-05-10 13:11:19","last_seen":"2023-12-09 10:58:51","alert_count":0,"request_count":1,"received_data":819,"sent_data":469,"comment":"","tags":null,"fingerprints":null},{"fqdn":"2836db27.index-asv.pages.dev","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"domain_registered":"2020-09-02","domain_rank":0,"first_seen":"2022-06-29 17:39:39","last_seen":"2023-12-24 18:23:00","alert_count":6,"request_count":2,"received_data":15770,"sent_data":1273,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.pngitem.com","ip":{"addr":"204.12.226.3","port":443,"asn":32097,"as":"WII","country":"United States","country_code":"US"},"domain_registered":"2019-10-13","domain_rank":40709,"first_seen":"2019-12-17 14:07:58","last_seen":"2023-12-24 03:01:32","alert_count":0,"request_count":1,"received_data":322,"sent_data":508,"comment":"","tags":null,"fingerprints":null},{"fqdn":"t0.gstatic.com","ip":{"addr":"142.250.74.164","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2013-05-06 22:22:05","last_seen":"2023-12-27 06:32:25","alert_count":0,"request_count":2,"received_data":2002,"sent_data":1070,"comment":"","tags":null,"fingerprints":null},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":634,"first_seen":"2012-05-21 19:28:02","last_seen":"2023-12-28 07:57:11","alert_count":0,"request_count":1,"received_data":33792,"sent_data":435,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-12-18","alert":"Webmail Providers","trigger":"2836db27.index-asv.pages.dev/","verdict":"phishing","severity":"medium","comment":"Webmail Providers","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-12-18","alert":"Webmail Providers","trigger":"2836db27.index-asv.pages.dev/","verdict":"phishing","severity":"medium","comment":"Webmail Providers","link":"https://openphish.com/","meta":null}]},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":[{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2023-01-03","alert":"Other","trigger":"2836db27.index-asv.pages.dev/nhxxp/napgarena.vn/nhxxp:/qghqs.com/nhxxp:/bir365.com/nhxxp:/www.entrar.enquete.gerenciagram.net22/favicon.png","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2023-01-03","alert":"Other","trigger":"2836db27.index-asv.pages.dev/nhxxp/napgarena.vn/nhxxp:/qghqs.com/nhxxp:/bir365.com/nhxxp:/www.entrar.enquete.gerenciagram.net22/90","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null}]},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-12-28","alert":"Sinkholed","trigger":"index-asv.pages.dev","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-12-28","alert":"Sinkholed","trigger":"index-asv.pages.dev","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"code.jquery.com/jquery-1.11.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8101d596b2b8fa35fe3a634ea342d7c3","sha1":"d6c1f41972de07b09bfa63d2e50f9ab41ec372bd","sha256":"540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441","sha512":"9e1634eb02ab6acdfd95bf6544eefa278dfdec21f55e94522df2c949fb537a8dfeab6bcfecf69e6c82c7f53a87f864699ce85f0068ee60c56655339927eebcdb","ssdeep":"1536:/PEkjP+iADIOr/NEe876nmBu3HvF38sEeLHFoqqhJ7SerN5wVI+xcBmPv7E+nzm6:ENMyqhJvN32cBC7M6Whca98HrB","tlshash":"b293c8d9b6d27162977730b850bf510bb13a98eab80c4c60f1a4d8e47d78e89507bf2d","size":95786,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-04T12:44:07.988803Z","times_seen":45648,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2836db27.index-asv.pages.dev/nhxxp/napgarena.vn/nhxxp:/qghqs.com/nhxxp:/bir365.com/nhxxp:/www.entrar.enquete.gerenciagram.net22/90","fqdn":"2836db27.index-asv.pages.dev","domain":"index-asv.pages.dev","tld":"pages.dev"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T12:49:17.462299Z","times_seen":13332134,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"code.jquery.com/jquery-1.11.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://2836db27.index-asv.pages.dev/nhxxp/napgarena.vn/nhxxp:/qghqs.com/nhxxp:/bir365.com/nhxxp:/www.entrar.enquete.gerenciagram.net22/90","date":"2023-12-28T17:40:40.823Z","timestamp":1703785240823,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Tue, 11 Jul 2023 00:00:00 GMT","end":"Sun, 14 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D","sha256":"B1:CA:3A:23:BA:70:1D:18:3F:EC:99:D7:BE:6D:B2:FD:66:5F:5C:A7:7D:7F:C1:FC:16:D1:FD:89:4B:CC:15:34"}}},"request":{"raw":"GET /jquery-1.11.1.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2836db27.index-asv.pages.dev/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-1762a\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Thu, 28 Dec 2023 17:40:44 GMT\r\nage: 8984626\r\nx-served-by: cache-lga21922-LGA, cache-hel1410032-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 91, 135788\r\nx-timer: S1703785244.105076,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 33202\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":33202,"size_decoded":95786,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (32086)","md5":"8101d596b2b8fa35fe3a634ea342d7c3","sha1":"d6c1f41972de07b09bfa63d2e50f9ab41ec372bd","sha256":"540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441","sha512":"9e1634eb02ab6acdfd95bf6544eefa278dfdec21f55e94522df2c949fb537a8dfeab6bcfecf69e6c82c7f53a87f864699ce85f0068ee60c56655339927eebcdb","ssdeep":"1536:/PEkjP+iADIOr/NEe876nmBu3HvF38sEeLHFoqqhJ7SerN5wVI+xcBmPv7E+nzm6:ENMyqhJvN32cBC7M6Whca98HrB","tlshash":"b293c8d9b6d27162977730b850bf510bb13a98eab80c4c60f1a4d8e47d78e89507bf2d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-04T12:44:07.988803Z","times_seen":45648,"resource_available":true,"data":null}},"time_used":121,"timings":{"blocked":47,"dns":1,"connect":13,"send":0,"wait":14,"receive":5,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=biofactlife.com","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.164","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2836db27.index-asv.pages.dev/nhxxp/napgarena.vn/nhxxp:/qghqs.com/nhxxp:/bir365.com/nhxxp:/www.entrar.enquete.gerenciagram.net22/90","date":"2023-12-28T17:40:41.172Z","timestamp":1703785241172,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 20 Nov 2023 08:09:47 GMT","end":"Mon, 12 Feb 2024 08:09:46 GMT"},"fingerprint":{"sha1":"50:3E:DA:12:EC:7F:39:A5:E9:4F:16:D7:D6:AA:BF:45:15:44:7F:E9","sha256":"98:2D:C0:52:3D:84:7D:B5:89:AE:22:3E:DD:D8:37:86:72:79:D7:32:40:D6:03:55:D8:A6:F1:70:53:DF:48:95"}}},"request":{"raw":"GET /s2/favicons?domain=biofactlife.com HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2836db27.index-asv.pages.dev/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nlocation: https://t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://biofactlife.com\u0026size=16\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 28 Dec 2023 17:40:44 GMT\r\nexpires: Thu, 28 Dec 2023 18:10:44 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 335\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":335,"size_decoded":335,"mime_type":"image/png","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"653a9962756be34690c9706e9a323a08","sha1":"d57c5f685ffec0d51c0b3b7e12eeb00cf5d6b5e8","sha256":"993c7ab698a1d619b32439f3b89a9159769c3aae6f6c2c88d0b6f00a6acda2c4","sha512":"0a614d65ee56cec177d61c88851b3d0bc7a288265e271ac1fb48766a28e66b3644cd6a063fe27ad145ecd0a223a906718ac3cde5566bf92735794408e9d28cd7","ssdeep":"","tlshash":"bce0c67e0c0900262223bba2a029d132ac186010e86a806fe0b90a599888c2a42c9ba4","first_seen":"2023-04-30T22:56:32Z","last_seen":"2024-12-12T23:43:56.083638Z","times_seen":111,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":70,"dns":0,"connect":10,"send":0,"wait":18,"receive":0,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2836db27.index-asv.pages.dev/nhxxp/napgarena.vn/nhxxp:/qghqs.com/nhxxp:/bir365.com/nhxxp:/www.entrar.enquete.gerenciagram.net22/favicon.png","fqdn":"2836db27.index-asv.pages.dev","domain":"index-asv.pages.dev","tld":"pages.dev"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2836db27.index-asv.pages.dev/nhxxp/napgarena.vn/nhxxp:/qghqs.com/nhxxp:/bir365.com/nhxxp:/www.entrar.enquete.gerenciagram.net22/90","date":"2023-12-28T17:40:41.177Z","timestamp":1703785241177,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"index-asv.pages.dev","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 07 Dec 2023 21:37:08 GMT","end":"Wed, 06 Mar 2024 21:37:07 GMT"},"fingerprint":{"sha1":"ED:55:6D:C9:63:5E:B9:D7:8C:AC:3B:86:84:71:4E:6F:C6:DC:7E:11","sha256":"9C:F8:4E:F8:6F:09:DE:6F:92:E8:6E:38:08:52:67:11:40:0E:B7:7F:5D:71:FD:EC:F0:FD:D6:8B:31:7A:AD:B8"}}},"request":{"raw":"GET /nhxxp/napgarena.vn/nhxxp:/qghqs.com/nhxxp:/bir365.com/nhxxp:/www.entrar.enquete.gerenciagram.net22/favicon.png HTTP/1.1\r\nHost: 2836db27.index-asv.pages.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2836db27.index-asv.pages.dev/nhxxp/napgarena.vn/nhxxp:/qghqs.com/nhxxp:/bir365.com/nhxxp:/www.entrar.enquete.gerenciagram.net22/90\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 28 Dec 2023 17:40:44 GMT\r\ncontent-type: text/html; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\netag: W/\"81294d14203ba0a263cf151cee114102\"\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=0v47AvwNWaD%2FMvKFvS6CrS4mX6uSLEhAa4%2BpnhboxNvgpNFIq0O9U0fztX6tY4rfplhUrYVMp%2FAHnwcJAb1D7boXBlnvr%2FCs2ZTDBgv7ovsHe0Vpqsco25SMBClG%2BtiDaYQqwFEiuMMN5YLlQFPM\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 83cb97118c7956af-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4645,"size_decoded":9517,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (3974), with CRLF line terminators","md5":"a1c2f3f2da3ab7e6030284c5fe9c1130","sha1":"d8f18f7aeb1f024372b0b595a29c8b4cdedcca98","sha256":"05c0ae3ce5522e04ab6044bfed241a18dedea12f83e8c81f8f4cca4346eb3dd2","sha512":"54586a540ae5a5dca88511498c723962d208441e579eeb08928e2fbcc5ee2904c200738972b8ecccad3fb85fbc75fdadd22bc54179e85233f28678598c351a80","ssdeep":"192:ZYWa12+YkA/cuxx5OTL9SxFyAK12yvsQYiZaReMjF3hAT6am:2JVOHksIAK1XHzZAeyRAT6Z","tlshash":"1f12186796d0580527c71cbbb221fbc4fc42840ada069824f05dba7667e6e23eef1774","first_seen":"2023-04-18T08:39:05Z","last_seen":"2024-08-21T08:18:15.263859Z","times_seen":48,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-12-18","alert":"Webmail Providers","trigger":"2836db27.index-asv.pages.dev/","verdict":"phishing","severity":"medium","comment":"Webmail Providers","link":"https://openphish.com/","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2023-01-03","alert":"Other","trigger":"2836db27.index-asv.pages.dev/nhxxp/napgarena.vn/nhxxp:/qghqs.com/nhxxp:/bir365.com/nhxxp:/www.entrar.enquete.gerenciagram.net22/favicon.png","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-12-28","alert":"Sinkholed","trigger":"index-asv.pages.dev","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.pngitem.com/pimgs/m/26-269507_arbys-logo-transparent-norton-secured-logo-png-png.png","fqdn":"www.pngitem.com","domain":"pngitem.com","tld":"com"},"ip":{"addr":"204.12.226.3","port":443,"asn":32097,"as":"WII","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2836db27.index-asv.pages.dev/nhxxp/napgarena.vn/nhxxp:/qghqs.com/nhxxp:/bir365.com/nhxxp:/www.entrar.enquete.gerenciagram.net22/90","date":"2023-12-28T17:40:40.826Z","timestamp":1703785240826,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pngitem.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sun, 03 Dec 2023 05:01:21 GMT","end":"Sat, 02 Mar 2024 05:01:20 GMT"},"fingerprint":{"sha1":"B2:1C:99:67:E0:73:1D:9F:77:F6:0F:6C:0E:CC:10:7B:A5:25:F1:40","sha256":"C1:C5:33:1F:92:14:9F:02:67:E7:E6:B7:D1:D2:00:4D:42:C6:21:FC:6F:3F:27:36:31:04:7A:35:A1:C7:A1:C9"}}},"request":{"raw":"GET /pimgs/m/26-269507_arbys-logo-transparent-norton-secured-logo-png-png.png HTTP/1.1\r\nHost: www.pngitem.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2836db27.index-asv.pages.dev/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.14.0\r\nDate: Thu, 28 Dec 2023 17:40:44 GMT\r\nContent-Type: text/html\r\nContent-Length: 169\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":169,"size_decoded":169,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"42ad531d9c9f8d662fc110e4070ed282","sha1":"67cafbc92cd312ae5ffd0e266755b08e5180bf11","sha256":"663d1dfea5849c27ff75310c3b1db3df150f4954c9f40cb8b34697ec31ad9583","sha512":"e239340976a09a0218377c2bd83cf19300f870cdaa3f897d56c53ffa3edd904c16670620e818f9aba80c190369ee75f328f33769945dfe3d5bc38474c51c8f1b","ssdeep":"","tlshash":"69c08c6d6613bc8dca93227836c3a080c1a6932beaea45110580915370cb2998ac639a","first_seen":"2023-04-05T03:25:11Z","last_seen":"2026-04-02T03:20:47.752057Z","times_seen":1213,"resource_available":true,"data":null}},"time_used":901,"timings":{"blocked":393,"dns":39,"connect":114,"send":0,"wait":116,"receive":0,"ssl":236},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://biofactlife.com\u0026size=16","fqdn":"t0.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.164","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-12-28T17:40:41.355688801Z","timestamp":1703785241355,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://biofactlife.com\u0026size=16 HTTP/1.1\r\nHost: t0.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2836db27.index-asv.pages.dev/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/3 404 Not Found\r\ncross-origin-resource-policy: cross-origin\r\ncontent-type: image/png\r\nx-content-type-options: nosniff\r\ndate: Thu, 28 Dec 2023 17:40:44 GMT\r\nserver: sffe\r\ncontent-length: 726\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":726,"size_decoded":726,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"b8a0bf372c762e966cc99ede8682bc71","sha1":"2d7c9b60d1e2b4f4726141de2e4ab738110b9287","sha256":"59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64","sha512":"6883c7a3f702fb3df5e698333c8a05705970fcb476a31a2008444a02122b6870de158176c86a1f6605a0783b88d3523646b4d288696e777b37cc02d5d95266ca","ssdeep":"","tlshash":"fe0165e3a34595286b870a62f4b87082162a6ae560c3c09964e4ec6e1f05168e4e5e9c","first_seen":"2023-04-05T05:54:43Z","last_seen":"2026-04-04T07:11:06.665186Z","times_seen":6576,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://biofactlife.com\u0026size=16","fqdn":"t0.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.164","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://2836db27.index-asv.pages.dev/nhxxp/napgarena.vn/nhxxp:/qghqs.com/nhxxp:/bir365.com/nhxxp:/www.entrar.enquete.gerenciagram.net22/90","date":"2023-12-28T17:40:41.266Z","timestamp":1703785241266,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 20 Nov 2023 08:02:55 GMT","end":"Mon, 12 Feb 2024 08:02:54 GMT"},"fingerprint":{"sha1":"5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89","sha256":"6B:8C:96:D3:51:1A:FF:CB:54:1F:32:DB:0D:88:85:07:3E:EC:A3:45:E4:10:B4:AC:47:6E:DC:D2:40:6F:0F:80"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://biofactlife.com\u0026size=16 HTTP/1.1\r\nHost: t0.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://2836db27.index-asv.pages.dev/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncross-origin-resource-policy: cross-origin\r\ncontent-type: image/png\r\nx-content-type-options: nosniff\r\ndate: Thu, 28 Dec 2023 17:40:44 GMT\r\nserver: sffe\r\ncontent-length: 726\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":726,"size_decoded":726,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"b8a0bf372c762e966cc99ede8682bc71","sha1":"2d7c9b60d1e2b4f4726141de2e4ab738110b9287","sha256":"59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64","sha512":"6883c7a3f702fb3df5e698333c8a05705970fcb476a31a2008444a02122b6870de158176c86a1f6605a0783b88d3523646b4d288696e777b37cc02d5d95266ca","ssdeep":"","tlshash":"fe0165e3a34595286b870a62f4b87082162a6ae560c3c09964e4ec6e1f05168e4e5e9c","first_seen":"2023-04-05T05:54:43Z","last_seen":"2026-04-04T07:11:06.665186Z","times_seen":6576,"resource_available":false,"data":null}},"time_used":131,"timings":{"blocked":71,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2836db27.index-asv.pages.dev/nhxxp/napgarena.vn/nhxxp:/qghqs.com/nhxxp:/bir365.com/nhxxp:/www.entrar.enquete.gerenciagram.net22/90","fqdn":"2836db27.index-asv.pages.dev","domain":"index-asv.pages.dev","tld":"pages.dev"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-12-28T17:40:40.383Z","timestamp":1703785240383,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"index-asv.pages.dev","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 07 Dec 2023 21:37:08 GMT","end":"Wed, 06 Mar 2024 21:37:07 GMT"},"fingerprint":{"sha1":"ED:55:6D:C9:63:5E:B9:D7:8C:AC:3B:86:84:71:4E:6F:C6:DC:7E:11","sha256":"9C:F8:4E:F8:6F:09:DE:6F:92:E8:6E:38:08:52:67:11:40:0E:B7:7F:5D:71:FD:EC:F0:FD:D6:8B:31:7A:AD:B8"}}},"request":{"raw":"GET /nhxxp/napgarena.vn/nhxxp:/qghqs.com/nhxxp:/bir365.com/nhxxp:/www.entrar.enquete.gerenciagram.net22/90 HTTP/1.1\r\nHost: 2836db27.index-asv.pages.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 28 Dec 2023 17:40:43 GMT\r\ncontent-type: text/html; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\netag: W/\"81294d14203ba0a263cf151cee114102\"\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nx-robots-tag: noindex\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=S9GK3rYG%2BhnDbXJV%2BqAhUbDJrln6x5zsmln71wwq%2FPg2ZuES2o6AhcfJOaAa4HtL%2FPx3xYwlsb25wjzmNkYb5rjNPvA5mcT0msVCN7hXpO%2F5fBF9WWgmiSaEmOPHuwjP2c1TMofLXeJjrstWGxcc\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 83cb970caeaa56b7-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9517,"size_decoded":9517,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (9740), with no line terminators","md5":"0be6828fb011e871d844c755bc35200f","sha1":"2ad5abd9ad36541114309b9a038d6db3bae345ec","sha256":"737adf5a59bcf527280dea1c5fc7ff25dddd4d600d552052f4cd1233156a7468","sha512":"8e9d5e356d412fcbd9dc28c1605dfac69b9e97c31687645e4590973b53feee8d50a5c91a7a648da0453c6617b97c501eb68e3a692be9da712d480367242fc58d","ssdeep":"192:/YWaR2+YkA/tuxx5YSMSxFyAK12yvsQYi8ReMGIF3bkcHL:wJ5xHnIAK1XHzSeNiLkcr","tlshash":"d112196ba690a00537c71cbb7361faf5fc4684099d068814f19cb934e3e6a23eeb1775","first_seen":"2023-04-18T06:58:21Z","last_seen":"2024-08-21T08:35:56.44628Z","times_seen":145,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":17,"dns":0,"connect":1,"send":0,"wait":36,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-12-18","alert":"Webmail Providers","trigger":"2836db27.index-asv.pages.dev/","verdict":"phishing","severity":"medium","comment":"Webmail Providers","link":"https://openphish.com/","meta":null},{"sensor_name":"phishtank","sensor_type":"url","title":"","description":"PhishTank","scan_date":"2023-01-03","alert":"Other","trigger":"2836db27.index-asv.pages.dev/nhxxp/napgarena.vn/nhxxp:/qghqs.com/nhxxp:/bir365.com/nhxxp:/www.entrar.enquete.gerenciagram.net22/90","verdict":"phishing","severity":"medium","comment":"Other","link":"http://phishtank.com","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-12-28","alert":"Sinkholed","trigger":"index-asv.pages.dev","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}