{"report_id":"dea54aff-008b-4120-9fa1-4ea28285240b","version":6,"status":"done","tags":[],"date":"2025-12-22T07:27:55Z","url":{"schema":"https","addr":"willowy-capybara-34a3e6.netlify.app/info.html","fqdn":"willowy-capybara-34a3e6.netlify.app","domain":"willowy-capybara-34a3e6.netlify.app","tld":"netlify.app"},"ip":{"addr":"35.157.26.135","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"willowy-capybara-34a3e6.netlify.app/info.html","fqdn":"willowy-capybara-34a3e6.netlify.app","domain":"willowy-capybara-34a3e6.netlify.app","tld":"netlify.app"},"title":"ikhuigihj","dom":{"size":20548,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"49ab4358d4621d18c7c91a779b2a0c36","sha1":"b74ecec1fef7761150131edbd8bc165610d3c586","sha256":"8a245c8937fa46f8cd8b4e601228c333164d4d88d1ddebf5c081c0d14bce0440","sha512":"f007ce754270c00abb34f3ea54cf048af2e4286b80450a7da6f144680639b70f607c4f6da994fed77f3f439ff104306619409c38c9bc5774d6c38749782fbed4","ssdeep":"384:J/E+IrFbFjOR42n1T9hBl307Mzi020//+PQMOs0VwXMjsf4wgQ1whtZL1/fjtMjU:5E+IrFbFjW42R9F30Yzi0//+PQMOs0Vf","tlshash":"4592861d29e200639a93537e3ed7910a7615c04bcb0aa8597f4ca3518fd6f89ed73bc8","dom_hash":"domhash6f07dfb96196addeefeee50b74e2f6fd","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"willowy-capybara-34a3e6.netlify.app/info.html","fqdn":"willowy-capybara-34a3e6.netlify.app","domain":"willowy-capybara-34a3e6.netlify.app","tld":"netlify.app"},"ip":{"addr":"35.157.26.135","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"tags":["openphish"],"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-26T07:27:55Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":3}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-22T07:27:32Z","timestamp":1766388452,"ip_dst":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"172.18.0.14","port":54438,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2025-12-22T07:27:32.940832+0000\",\"flow_id\":663275874591372,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.14\",\"src_port\":54438,\"dest_ip\":\"63.176.8.218\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"willowy-capybara-34a3e6.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3503,\"start\":\"2025-12-22T07:27:32.893580+0000\"}}"}],"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2025-12-22","alert":"Detects file containing Telegram Bot API","trigger":"willowy-capybara-34a3e6.netlify.app/info.html","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-22","alert":"Phishing Block","trigger":"willowy-capybara-34a3e6.netlify.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-22","alert":"Sinkholed","trigger":"willowy-capybara-34a3e6.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"willowy-capybara-34a3e6.netlify.app","ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2018-05-08","domain_rank":0,"first_seen":"2025-12-22T06:43:18.275054Z","last_seen":"2025-12-22T06:43:19.311009Z","alert_count":5,"request_count":2,"received_data":24913,"sent_data":999,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}]},{"fqdn":"banner2.cleanpng.com","ip":{"addr":"172.67.144.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-08-20","domain_rank":1772171,"first_seen":"2019-08-22T03:10:16Z","last_seen":"2025-12-22T06:43:39.586391Z","alert_count":0,"request_count":1,"received_data":41195,"sent_data":563,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"willowy-capybara-34a3e6.netlify.app/info.html","fqdn":"willowy-capybara-34a3e6.netlify.app","domain":"willowy-capybara-34a3e6.netlify.app","tld":"netlify.app"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-22T07:27:32.884Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 31 Jan 2025 00:00:00 GMT","end":"Tue, 03 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"04:28:C9:A3:BC:06:50:9C:6B:0B:67:72:82:27:C6:3D:99:1B:5B:71","sha256":"FA:34:6A:A0:1C:F5:9C:C7:30:CA:55:23:13:A1:3E:0F:21:8C:3A:0B:B5:CC:E5:67:09:FE:64:EC:97:4E:8D:75"}}},"request":{"raw":"GET /info.html HTTP/1.1\r\nHost: willowy-capybara-34a3e6.netlify.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 42144\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Mon, 22 Dec 2025 07:27:32 GMT\r\netag: \"b2d13d3efd3664984686834784c64fd0-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KD2F9KKGGMBRRDWNG5MXBC2K\r\ncontent-length: 4185\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":20537,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"4fcb7ff9003d417029051e87c8f1612f","sha1":"322959eeb837e265621fad6bae33d42ff4f50c61","sha256":"d88407cba9d39e553fccf63a414c214f79e89ae51f640479fbd7e881e72c27e6","sha512":"6cc3056dab9a2ea07c9232e3ddc989478ed48dac23960087cd1e6548eec101abd1f2b869d149a9e5c800f5c33c6193f27f875956a48f1f129c3328257659c1e4","ssdeep":"384:r/E+IrFbFjOR42n1T9hK307Mzi020//+PQMOs0VwXMjsf4wgQ1whtZL1/fjtMjsj:TE+IrFbFjW42R9030Yzi0//+PQMOs0VP","tlshash":"3892861d29e200639a93537e3ed7910a7615804bcb0aa8597f4ca3518fd6f89ed73bcc","first_seen":"2025-12-22T04:13:05.825238Z","last_seen":"2025-12-22T07:27:55.815136Z","times_seen":4,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":83,"dns":17,"connect":23,"send":0,"wait":23,"receive":0,"ssl":48},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2025-12-22","alert":"Detects file containing Telegram Bot API","trigger":"willowy-capybara-34a3e6.netlify.app/info.html","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-22","alert":"Phishing Block","trigger":"willowy-capybara-34a3e6.netlify.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-22","alert":"Sinkholed","trigger":"willowy-capybara-34a3e6.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"banner2.cleanpng.com/20180604/pvl/kisspng-united-states-postal-service-mail-package-delivery-5b153fa09ee202.6661663815281192006508.jpg","fqdn":"banner2.cleanpng.com","domain":"cleanpng.com","tld":"com"},"ip":{"addr":"172.67.144.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://willowy-capybara-34a3e6.netlify.app/info.html","date":"2025-12-22T07:27:33.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cleanpng.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 02:56:48 GMT","end":"Mon, 02 Mar 2026 03:54:27 GMT"},"fingerprint":{"sha1":"40:D8:11:81:1A:71:CE:88:61:A9:CB:C5:E6:F6:AF:0F:6D:43:07:36","sha256":"56:57:09:21:50:89:CD:3F:1F:C7:48:64:03:0A:92:FF:EF:C5:E0:FB:7A:03:30:84:34:DC:69:18:42:C8:B2:B2"}}},"request":{"raw":"GET /20180604/pvl/kisspng-united-states-postal-service-mail-package-delivery-5b153fa09ee202.6661663815281192006508.jpg HTTP/1.1\r\nHost: banner2.cleanpng.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://willowy-capybara-34a3e6.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 22 Dec 2025 07:27:33 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 40464\r\nserver: cloudflare\r\nlast-modified: Wed, 22 Jan 2025 01:26:46 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"67904956-9e10\"\r\nexpires: Mon, 21 Dec 2026 16:48:03 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nage: 52769\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=67OWL2mIJkR5%2B9ZJmfEupTZC2z8qQrOjsU2k%2BTm%2FtIv%2F0x0dDHSYiXj1BldZZHVAsfpi84iqrLCXuzc3jtVZZmcKCOs8MTZgzW7PanavqLZ7rC%2F%2F\"}]}\r\ncf-ray: 9b1de5b8bdd3783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":40464,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1020x280, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"910e8e45301d074abfb43c24fb029adb","sha1":"82ed39b16a4e5582924fd612d5b6965051a4b79a","sha256":"ebc5a8baa0f220c0049cf470015c12e32b7fdece3abfa0e7274560f8a2ae084b","sha512":"fc781800f140661a6ab1d2318b8c4f0755c072644fe3962078347db8ff98eeab89fb681c4ea98e1ef8f8c4d9570450b7f2ba7b4696b0a7fbfc37c4f32b7c9b50","ssdeep":"768:FLB71rESuPZSj3xH9sth4tQuatoqj115jdmvf1YfNUc1HRQPPGLPI9+:ZESpJ96hT9FLNdm8x20A4","tlshash":"1203f162c1e95d9a732487ffb9e2b8b0d28e55739493639cecce3872a07a2753856401","first_seen":"2025-12-22T04:13:05.828211Z","last_seen":"2025-12-22T07:27:55.815682Z","times_seen":4,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":24,"dns":4,"connect":1,"send":0,"wait":8,"receive":5,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"willowy-capybara-34a3e6.netlify.app/favicon.ico","fqdn":"willowy-capybara-34a3e6.netlify.app","domain":"willowy-capybara-34a3e6.netlify.app","tld":"netlify.app"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://willowy-capybara-34a3e6.netlify.app/info.html","date":"2025-12-22T07:27:33.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 31 Jan 2025 00:00:00 GMT","end":"Tue, 03 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"04:28:C9:A3:BC:06:50:9C:6B:0B:67:72:82:27:C6:3D:99:1B:5B:71","sha256":"FA:34:6A:A0:1C:F5:9C:C7:30:CA:55:23:13:A1:3E:0F:21:8C:3A:0B:B5:CC:E5:67:09:FE:64:EC:97:4E:8D:75"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: willowy-capybara-34a3e6.netlify.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://willowy-capybara-34a3e6.netlify.app/info.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 42144\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Mon, 22 Dec 2025 07:27:33 GMT\r\netag: 1766271064-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KD2F9KXP9HAJJ1ECDH9A9HH3\r\ncontent-length: 1225\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3449,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"0f89e18d0abacb99149c5e59bf69b5e1","sha1":"9e1ebb10be890c5855eec444233c028270d3e65a","sha256":"8514f0009a58c6e0acb5468f88037732b59b70af5e524f452e3bef8fb33effc5","sha512":"5275d80f3f8f1f5e0d1b6b6b0745732a69d669d66dcdab418fc5a2094bffcb81ff1d34252c97c6dffe5470f0d359a3be03cfd3dfe3d729bf186917c8cf21ece0","ssdeep":"","tlshash":"1f61848dc9a7209b5c93643e27eb560a2274a247cd46da4c3fde6348cf492f214d36ac","first_seen":"2024-12-12T10:00:11.490986Z","last_seen":"2026-04-03T20:37:55.534368Z","times_seen":8866,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-22","alert":"Phishing Block","trigger":"willowy-capybara-34a3e6.netlify.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-22","alert":"Sinkholed","trigger":"willowy-capybara-34a3e6.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}