{"report_id":"cabdc038-2722-4986-b232-059a51050149","version":0,"status":"done","tags":[],"date":"2026-07-03T00:13:26Z","url":{"schema":"http","addr":"correos-institucionallco2026x.iceiy.com","fqdn":"correos-institucionallco2026x.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.98","port":0,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"https","addr":"correos-institucionallco2026x.iceiy.com/?i=1","fqdn":"correos-institucionallco2026x.iceiy.com","domain":"iceiy.com","tld":"com"},"title":"Iniciar sesión en tu cuenta Microsoft","dom":{"size":12854,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"934da01faa887fcccad55c627bd604b5","sha1":"d95736b48ae8adce6cd2ab009cc3f232ddfffc0d","sha256":"d2150dbab025148dbd136e9df82318b41fed5481c40c83691ecdf301a40dfeac","sha512":"a54254e16e646b87c7623ddd0b6cb969a3013f0d41ca9faffa9342280f901b82bcd1d38efcb55760c66a04dedf8c9fffdb4ebe48014357dd8a4fb201da79f362","ssdeep":"192:zF9bNd/zufDkxmFBMGdFhvLzb8glurEz1yhanHLyhaIyAiBKIiKnj:R93zMDkxmFBxdFhnp","tlshash":"91427361f4f11db31153a05826aba50b799180039c4dee10ba6c4bed2fdae5fed63389","dom_hash":"domhashf20860cdab3afd5482e3f11fdc9f1bb5","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"correos-institucionallco2026x.iceiy.com","fqdn":"correos-institucionallco2026x.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.98","port":0,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-07T00:13:26Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"correos-institucionallco2026x.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"correos-institucionallco2026x.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"correos-institucionallco2026x.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"cdn.glitch.global","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-06-28T22:41:44.776353Z","alert_count":0,"request_count":1,"received_data":102995,"sent_data":548,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"correos-institucionallco2026x.iceiy.com","ip":{"addr":"185.27.134.98","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2020-12-06","domain_rank":0,"first_seen":"2026-07-03T00:13:26.500416Z","last_seen":"2026-07-03T00:13:26.500416Z","alert_count":18,"request_count":6,"received_data":45622,"sent_data":3303,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"www.freepnglogos.com","ip":{"addr":"78.46.22.25","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2016-10-07","domain_rank":880176,"first_seen":"2017-02-09T09:00:11Z","last_seen":"2026-07-03T00:08:21.055578Z","alert_count":0,"request_count":1,"received_data":46327,"sent_data":613,"comment":"","tags":null,"fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2026-06-29T07:35:33.126858Z","alert_count":0,"request_count":1,"received_data":90460,"sent_data":525,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.glitch.global","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2021-09-09","domain_rank":2823658,"first_seen":"2022-01-13T10:18:16Z","last_seen":"2026-06-27T23:52:25.023687Z","alert_count":1,"request_count":1,"received_data":0,"sent_data":635,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-06-28T22:22:13.875484Z","alert_count":0,"request_count":1,"received_data":508,"sent_data":550,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"correos-institucionallco2026x.iceiy.com/aes.js","fqdn":"correos-institucionallco2026x.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.98","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"fc66e046447092c606f2587837f96874","sha1":"fcf354a8044f494ee1f9fe868dde3f570f50e593","sha256":"5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96","sha512":"51cd149b2876e90621afc579fb172e253548a851d4c202181e1faba812f5beb1ae9ccf9f153137f60c569e05a79dcb272176e0126eceac54316208d2699a689f","ssdeep":"192:4hsoEj776Bn/tnHcgaollys/6+EgH3JLg7oLu0MyMVu:i50/3xoGs/jE839g2FB1","tlshash":"355200c203894a7cf2c92ed68c2f605620f3e54a3d251249efb399dbbc77d895075a36","size":13733,"data":"","first_seen":"2023-10-15T19:29:47Z","last_seen":"2026-07-03T02:55:50.472399Z","times_seen":7900,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dc5e7f18c8d36ac1d3d4753a87c98d0a","sha1":"c8e1c8b386dc5b7a9184c763c88d19a346eb3342","sha256":"f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d","sha512":"6cb4f4426f559c06190df97229c05a436820d21498350ac9f118a5625758435171418a022ed523bae46e668f9f8ea871feab6aff58ad2740b67a30f196d65516","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"a993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89476,"data":"","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-07-03T03:02:18.624217Z","times_seen":256903,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"correos-institucionallco2026x.iceiy.com/key.js","fqdn":"correos-institucionallco2026x.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.98","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f73d3a977d9ac7f5bf4df5c44102898","sha1":"1b8be301f05044017baa81bfae601006533dac7f","sha256":"5015981966ce811f70ab41374259b42b4508c0edcca4755ae6e6cf2dd6d0d2f5","sha512":"078c76b1444ae4ba7d007873cc0bc9a37329cea8cb9cc8e49bb2918950368226e731f3e2a0a39bf8bfaf6718bd82581d35f2992af6efa8d8a9b38645bee187f4","ssdeep":"","tlshash":"7fc08c47e20804231a94a2e25202806d729659de003d1e738180a83a418d62b2106a9a","size":150,"data":"","first_seen":"2026-07-03T00:13:27.855524Z","last_seen":"2026-07-03T00:13:27.855524Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"correos-institucionallco2026x.iceiy.com/?i=1","fqdn":"correos-institucionallco2026x.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.98","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"efeea2e75caced5975a6ead542da0995","sha1":"69a147efa99e85d5777303295f0d157b508cf604","sha256":"3faf073de4ecba6838c8dbcab234ab1c4f36c18eb12e48bda46157a9339f778a","sha512":"3ba27e1b9043a097058e4c35b308c8a005baaf3c700da13b016f9f8d1b68a256e09203c7a613f7a8011ec955593a45aef0c7826cf12c0fd9a62c6b97c2a0fe52","ssdeep":"","tlshash":"78e086e9b8f394b0415af16e092ed41126344c86908c9e06b8810d29ff8121c9fa1872","size":299,"data":"","first_seen":"2026-07-03T00:13:27.865526Z","last_seen":"2026-07-03T00:13:27.865526Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"correos-institucionallco2026x.iceiy.com/?i=1","fqdn":"correos-institucionallco2026x.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.98","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"a2f7693cf0ccf61b425b656910356643","sha1":"27bb2259cbf447d9c81e900f3ee7c8e7340363fa","sha256":"ff0b7e20fa99d80507a9ccf01d7b7d167a63d28213859b551e21c6efe29aeb82","sha512":"f79a1d2f85929a8f3a685864578c9d6d2265991f54157c7f5a71892df5049b8ba3dc09c8f827a0af9a9fd89c9fa56243c2fb3096fa3d17ab60d82b514c3ad440","ssdeep":"192:CdFhvLzb8glurEz1yhanHLyhaIyAiBKIiKG:CdFhn8","tlshash":"4ef12216f4b62ca215a371792bbfa006356140571c48fe10be5c966c3f8ca2fb9727de","size":7691,"data":"","first_seen":"2026-07-03T00:13:27.866617Z","last_seen":"2026-07-03T00:13:27.866617Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://correos-institucionallco2026x.iceiy.com/?i=1","date":"2026-07-03T00:13:04.165Z","timestamp":1783037584165,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://correos-institucionallco2026x.iceiy.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Fri, 03 Jul 2026 00:13:04 GMT\r\ncontent-type: text/css; charset=utf-8\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\nvary: Accept-Encoding\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/r2\r\nx-cdnjs-cache: HIT\r\ncf-cache-status: HIT\r\nage: 9428\r\nexpires: Wed, 23 Jun 2027 00:13:04 GMT\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W0%2FCK254ysC1SGfTp0LVNY0nHqgFSxBJqZcsyiI2XFCjveBOAy5FDYFbGVPVY%2BZzARfikqu79k3AkNhYs33hHmWBmEEZfGCZexswbUyZ8jSVY3Ll4pI2s7WxWXPKQpk07ImY3BFb\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: a151aea52add2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102025,"size_decoded":19722,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (52276)","md5":"ded1c367363e8b20bdc6a19b8350a737","sha1":"8c06d82739d14b094ff6d9036021a252bd1d985d","sha256":"1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf","sha512":"89e71d2e66ac925ec2564aa45cd43f647fd72e5bd664e2728fb632eed71e9e6a43d72a404a8ce9993fc4d223ed985201e3a66676d01cf5e341bc7d07fd9a6207","ssdeep":"1536:OwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPGuZprfZCl:S709gMGFiyPGuZpfZCl","tlshash":"2ea3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-04-06T15:05:25Z","last_seen":"2026-07-03T03:24:16.11052Z","times_seen":53409,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":2,"connect":14,"send":0,"wait":15,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"correos-institucionallco2026x.iceiy.com/key.js","fqdn":"correos-institucionallco2026x.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.98","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://correos-institucionallco2026x.iceiy.com/?i=1","date":"2026-07-03T00:13:04.168Z","timestamp":1783037584168,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Mon, 15 Jun 2026 00:00:00 GMT","end":"Sun, 13 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:1B:11:96:51:95:25:92:50:B0:24:23:EA:D9:65:CE:C5:C9:FB:5A","sha256":"D6:83:43:2C:3F:21:EF:78:C9:44:EA:2E:9B:0B:42:E8:A0:0E:1B:E9:9A:B5:47:D9:3C:1F:99:FC:37:51:D4:B1"}}},"request":{"raw":"GET /key.js HTTP/1.1\r\nHost: correos-institucionallco2026x.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://correos-institucionallco2026x.iceiy.com/?i=1\r\nCookie: __test=b7068d675384559aa32c0e0df3f087cb\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Fri, 03 Jul 2026 00:13:03 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 150\r\nConnection: keep-alive\r\nLast-Modified: Thu, 11 Jun 2026 11:35:57 GMT\r\nETag: \"96-653f8c37f1f0a\"\r\nCache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate\r\nExpires: Sun, 02 Aug 2026 00:13:03 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":150,"size_decoded":517,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"2f73d3a977d9ac7f5bf4df5c44102898","sha1":"1b8be301f05044017baa81bfae601006533dac7f","sha256":"5015981966ce811f70ab41374259b42b4508c0edcca4755ae6e6cf2dd6d0d2f5","sha512":"078c76b1444ae4ba7d007873cc0bc9a37329cea8cb9cc8e49bb2918950368226e731f3e2a0a39bf8bfaf6718bd82581d35f2992af6efa8d8a9b38645bee187f4","ssdeep":"","tlshash":"7fc08c47e20804231a94a2e25202806d729659de003d1e738180a83a418d62b2106a9a","first_seen":"2026-07-03T00:13:27.855524Z","last_seen":"2026-07-03T00:13:27.855524Z","times_seen":1,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"correos-institucionallco2026x.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"correos-institucionallco2026x.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"correos-institucionallco2026x.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.freepnglogos.com/uploads/microsoft-logo-png-transparent-background-1.png","fqdn":"www.freepnglogos.com","domain":"freepnglogos.com","tld":"com"},"ip":{"addr":"78.46.22.25","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://correos-institucionallco2026x.iceiy.com/?i=1","date":"2026-07-03T00:13:04.179Z","timestamp":1783037584179,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"freepnglogos.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 03:36:54 GMT","end":"Mon, 03 Aug 2026 03:36:53 GMT"},"fingerprint":{"sha1":"EE:23:79:61:B6:BD:EB:9E:F3:33:21:B3:72:F3:D3:8D:A3:0B:31:0C","sha256":"69:13:91:15:6A:72:5C:D8:32:88:8B:76:F0:22:C2:9B:4A:F1:44:6F:DA:AB:4D:4E:9C:1B:B6:FB:86:CB:88:59"}}},"request":{"raw":"GET /uploads/microsoft-logo-png-transparent-background-1.png HTTP/1.1\r\nHost: www.freepnglogos.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://correos-institucionallco2026x.iceiy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Fri, 03 Jul 2026 00:13:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 46043\r\nlast-modified: Sat, 20 Aug 2022 14:09:47 GMT\r\netag: \"6300eb2b-b3db\"\r\ncache-control: no-cache, must-revalidate\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46043,"size_decoded":46327,"mime_type":"image/png","magic":"PNG image data, 5471 x 1280, 8-bit/color RGBA, non-interlaced","md5":"c117a0bda103aeb25c145a71b0b8ac5a","sha1":"3dd6e5ccf39e92e840404bdab510c8d67bd6e768","sha256":"4bad04d35478f23907ff0e6433a492400840cec4fbd6a487752dd5bdcbbca029","sha512":"73136f1a544983f8ed0e909d0811bbf7fd61ccbeb84bb2023af56943949ea082306576bff227fc71c864d2022e429059231aa082d19977dead2de25c07e17bc8","ssdeep":"768:sgFuRUyAenFPQDYEP6BI1fdR9QgPla9qO:sfZZiPpLR9d9a9qO","tlshash":"1f2329b54c9b89f5c10d4876dc789fa972f81ade6224332d433e7a3d78963ca6004add","first_seen":"2023-11-03T14:17:52Z","last_seen":"2026-07-03T00:13:27.856558Z","times_seen":241,"resource_available":false,"data":null}},"time_used":293,"timings":{"blocked":122,"dns":0,"connect":32,"send":0,"wait":33,"receive":65,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"correos-institucionallco2026x.iceiy.com/faviconout.ico","fqdn":"correos-institucionallco2026x.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.98","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://correos-institucionallco2026x.iceiy.com/?i=1","date":"2026-07-03T00:13:04.513Z","timestamp":1783037584513,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Mon, 15 Jun 2026 00:00:00 GMT","end":"Sun, 13 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:1B:11:96:51:95:25:92:50:B0:24:23:EA:D9:65:CE:C5:C9:FB:5A","sha256":"D6:83:43:2C:3F:21:EF:78:C9:44:EA:2E:9B:0B:42:E8:A0:0E:1B:E9:9A:B5:47:D9:3C:1F:99:FC:37:51:D4:B1"}}},"request":{"raw":"GET /faviconout.ico HTTP/1.1\r\nHost: correos-institucionallco2026x.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://correos-institucionallco2026x.iceiy.com/?i=1\r\nCookie: __test=b7068d675384559aa32c0e0df3f087cb\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Fri, 03 Jul 2026 00:13:03 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 17174\r\nConnection: keep-alive\r\nLast-Modified: Thu, 11 Jun 2026 11:35:53 GMT\r\nETag: \"4316-653f8c34eb7fa\"\r\nCache-Control: max-age=2592000, public\r\nExpires: Sun, 02 Aug 2026 00:13:03 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17174,"size_decoded":17500,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors","md5":"12e3dac858061d088023b2bd48e2fa96","sha1":"e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5","sha256":"90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21","sha512":"c5030c55a855e7a9e20e22f4c70bf1e0f3c558a9b7d501cfab6992ac2656ae5e41b050ccac541efa55f9603e0d349b247eb4912ee169d44044271789c719cd01","ssdeep":"24:QSNTmTFxg4lyyyyyyyyyyyyyio7eeeeeeeeekzgsLsLsLsLsLsQZp:nfgyyyyyyyyyyyyynzQQQQQO","tlshash":"b772e35b1f5f4981ec4b0db80b125e80c5e49c973854dffbdb76b62888b0364ab845eb","first_seen":"2023-04-05T03:19:57Z","last_seen":"2026-07-03T02:05:51.203921Z","times_seen":167665,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"correos-institucionallco2026x.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"correos-institucionallco2026x.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"correos-institucionallco2026x.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"correos-institucionallco2026x.iceiy.com/","fqdn":"correos-institucionallco2026x.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.98","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-03T00:13:03.302Z","timestamp":1783037583302,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Mon, 15 Jun 2026 00:00:00 GMT","end":"Sun, 13 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:1B:11:96:51:95:25:92:50:B0:24:23:EA:D9:65:CE:C5:C9:FB:5A","sha256":"D6:83:43:2C:3F:21:EF:78:C9:44:EA:2E:9B:0B:42:E8:A0:0E:1B:E9:9A:B5:47:D9:3C:1F:99:FC:37:51:D4:B1"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: correos-institucionallco2026x.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Fri, 03 Jul 2026 00:13:02 GMT\r\nContent-Type: text/html\r\nContent-Length: 866\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":866,"size_decoded":1076,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (866), with no line terminators","md5":"93e403be9dfe182437603bd58f146ca4","sha1":"14eee7fcce9d10adb63eb05bb67bf19a5fb9da65","sha256":"ac0b9c0309882aa7d6d2252a28908c6efaea840041846338ca1e009ac9b02c52","sha512":"c2e2dd0b9f5005f87d1bccf6683ce681179f0a50e391816a86764a166d56780a3cb63bd67b6316ffc9f06e57dccb8773173ac1ecf2cc2c4449e6d112e688d0ff","ssdeep":"","tlshash":"7f111eb8eca1e4c58fc001c02476d16e6421a6a1e501c9afd0c282a856e1bdc0e4adba","first_seen":"2026-07-03T00:13:27.858347Z","last_seen":"2026-07-03T00:13:27.858347Z","times_seen":1,"resource_available":true,"data":null}},"time_used":234,"timings":{"blocked":0,"dns":100,"connect":31,"send":0,"wait":31,"receive":0,"ssl":71},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"correos-institucionallco2026x.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"correos-institucionallco2026x.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"correos-institucionallco2026x.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"correos-institucionallco2026x.iceiy.com/aes.js","fqdn":"correos-institucionallco2026x.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.98","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://correos-institucionallco2026x.iceiy.com/","date":"2026-07-03T00:13:03.762Z","timestamp":1783037583762,"http_version":"HTTP/1.1","security_state":"secure","security_info":null,"request":{"raw":"GET /aes.js HTTP/1.1\r\nHost: correos-institucionallco2026x.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://correos-institucionallco2026x.iceiy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-03T03:08:26.856682Z","times_seen":16929979,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"correos-institucionallco2026x.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"correos-institucionallco2026x.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"correos-institucionallco2026x.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://correos-institucionallco2026x.iceiy.com/?i=1","date":"2026-07-03T00:13:04.166Z","timestamp":1783037584166,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:41:02 GMT","end":"Mon, 07 Sep 2026 08:41:01 GMT"},"fingerprint":{"sha1":"FD:DA:E1:3E:1F:AC:E0:96:14:ED:37:58:30:0F:ED:9D:B4:5E:F1:EF","sha256":"7D:36:0C:A4:14:F6:05:8D:F4:E1:CD:BF:84:A7:03:AD:3F:C4:93:AE:B3:D6:7E:99:CB:92:D7:1F:29:A1:49:A4"}}},"request":{"raw":"GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://correos-institucionallco2026x.iceiy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 31021\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 26 Jun 2026 06:22:54 GMT\r\nexpires: Sat, 26 Jun 2027 06:22:54 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 582610\r\nlast-modified: Fri, 08 May 2020 07:05:03 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":89476,"size_decoded":32005,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"dc5e7f18c8d36ac1d3d4753a87c98d0a","sha1":"c8e1c8b386dc5b7a9184c763c88d19a346eb3342","sha256":"f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d","sha512":"6cb4f4426f559c06190df97229c05a436820d21498350ac9f118a5625758435171418a022ed523bae46e668f9f8ea871feab6aff58ad2740b67a30f196d65516","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"a993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-07-03T03:02:18.624217Z","times_seen":256903,"resource_available":true,"data":null}},"time_used":82,"timings":{"blocked":-1,"dns":3,"connect":16,"send":0,"wait":17,"receive":16,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"correos-institucionallco2026x.iceiy.com/out.css","fqdn":"correos-institucionallco2026x.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.98","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://correos-institucionallco2026x.iceiy.com/?i=1","date":"2026-07-03T00:13:04.171Z","timestamp":1783037584171,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Mon, 15 Jun 2026 00:00:00 GMT","end":"Sun, 13 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:1B:11:96:51:95:25:92:50:B0:24:23:EA:D9:65:CE:C5:C9:FB:5A","sha256":"D6:83:43:2C:3F:21:EF:78:C9:44:EA:2E:9B:0B:42:E8:A0:0E:1B:E9:9A:B5:47:D9:3C:1F:99:FC:37:51:D4:B1"}}},"request":{"raw":"GET /out.css HTTP/1.1\r\nHost: correos-institucionallco2026x.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://correos-institucionallco2026x.iceiy.com/?i=1\r\nCookie: __test=b7068d675384559aa32c0e0df3f087cb\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Fri, 03 Jul 2026 00:13:03 GMT\r\nContent-Type: text/css\r\nContent-Length: 12394\r\nConnection: keep-alive\r\nLast-Modified: Thu, 11 Jun 2026 11:35:57 GMT\r\nETag: \"306a-653f8c389c5b2\"\r\nCache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate\r\nExpires: Sun, 02 Aug 2026 00:13:03 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12394,"size_decoded":12751,"mime_type":"text/css","magic":"ASCII text","md5":"2b30913693471dc2be65709c79413481","sha1":"57bcc227ec7d8580c9498d4bc15f193678f793de","sha256":"924870e2cb9b4f805483e589b654391beea66c1409a6fe84755498ce1ec36fca","sha512":"62f3a9b9ea3a9ef66097c2987c44416593d13f5dd3a94fefc0aebc85a3c2a48d78e73f3a2601a2ddce5ff432516da66aebc5311e9469bc76db4d8586cabdb437","ssdeep":"192:Snr2svWOt2L0iGTCeeyVYVOOVCB0Xqlvr9NqPxAbYEYoUno77tlGRTcezFQmSIQi:6vdDTleymTbFTvER13FcKA","tlshash":"c542df9aaa6315467817e87c27e74b466378c003d10bcd7e3fdc6358cf862e849917ac","first_seen":"2026-07-03T00:13:27.862253Z","last_seen":"2026-07-03T00:13:27.862253Z","times_seen":1,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":-1,"dns":0,"connect":31,"send":0,"wait":33,"receive":29,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"correos-institucionallco2026x.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"correos-institucionallco2026x.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"correos-institucionallco2026x.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.glitch.global/97ec72d4-c73a-4009-af5d-af7e51eb62c3/78_3a53c38a2dc671fb4daf.jpg?v=1749764353828","fqdn":"cdn.glitch.global","domain":"glitch.global","tld":"global"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://correos-institucionallco2026x.iceiy.com/?i=1","date":"2026-07-03T00:13:04.310Z","timestamp":1783037584310,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /97ec72d4-c73a-4009-af5d-af7e51eb62c3/78_3a53c38a2dc671fb4daf.jpg?v=1749764353828 HTTP/1.1\r\nHost: cdn.glitch.global\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://correos-institucionallco2026x.iceiy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-03T03:08:26.856682Z","times_seen":16929979,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"cdn.glitch.global","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"correos-institucionallco2026x.iceiy.com/?i=1","fqdn":"correos-institucionallco2026x.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.98","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-03T00:13:03.866Z","timestamp":1783037583866,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Mon, 15 Jun 2026 00:00:00 GMT","end":"Sun, 13 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:1B:11:96:51:95:25:92:50:B0:24:23:EA:D9:65:CE:C5:C9:FB:5A","sha256":"D6:83:43:2C:3F:21:EF:78:C9:44:EA:2E:9B:0B:42:E8:A0:0E:1B:E9:9A:B5:47:D9:3C:1F:99:FC:37:51:D4:B1"}}},"request":{"raw":"GET /?i=1 HTTP/1.1\r\nHost: correos-institucionallco2026x.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://correos-institucionallco2026x.iceiy.com/\r\nCookie: __test=b7068d675384559aa32c0e0df3f087cb\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Fri, 03 Jul 2026 00:13:03 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 13422\r\nConnection: keep-alive\r\nLast-Modified: Thu, 11 Jun 2026 11:35:54 GMT\r\nETag: \"346e-653f8c35ae546\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=2592000, public, proxy-revalidate\r\nExpires: Sun, 02 Aug 2026 00:13:03 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":13422,"size_decoded":13778,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"593d99f404c562371e4e86edf0f1c71b","sha1":"56c6421a54ba1a0c87a9b26c316982b036e1cc55","sha256":"477616060f34afe57dea3bf8d4b296d4ca61d77360ef1615ee65e4e37078d84e","sha512":"3921e1bbd12d36e9e1f8f2104eba92415cecb236e8e6e630b38f879d49d96aaae5c5420101e952d820ba6324f390485ba69d5051908351a91e74bf642b6809f1","ssdeep":"192:UF9bNjmrqufDkXLBMGdFhvLzb8glurEz1yhanHLyhaIyAiBKIiKR:q92qMDkXLBxdFhnn","tlshash":"90527361f4f11d730193a05826bba50b795180039c49ae10ba6c47ed2fdaf5fee6338d","first_seen":"2026-07-03T00:13:27.86368Z","last_seen":"2026-07-03T00:13:27.86368Z","times_seen":1,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"correos-institucionallco2026x.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"correos-institucionallco2026x.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"correos-institucionallco2026x.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Segoe+UI:wght@400;600\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://correos-institucionallco2026x.iceiy.com/?i=1","date":"2026-07-03T00:13:04.162Z","timestamp":1783037584162,"http_version":"HTTP/2","security_state":"","security_info":null,"request":{"raw":"GET /css2?family=Segoe+UI:wght@400;600\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://correos-institucionallco2026x.iceiy.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 400 \r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Fri, 03 Jul 2026 00:13:04 GMT\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-03T03:08:26.856682Z","times_seen":16929979,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}
