{"report_id":"e62936f3-d294-42ab-a3cf-2ab9da18f874","version":6,"status":"done","tags":["netflix","phishing"],"date":"2026-05-17T12:19:54Z","url":{"schema":"http","addr":"dinamicargas.com.co","fqdn":"dinamicargas.com.co","domain":"dinamicargas.com.co","tld":"com.co"},"ip":{"addr":"15.235.82.117","port":0,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"final":{"url":{"schema":"https","addr":"dinamicargas.com.co/","fqdn":"dinamicargas.com.co","domain":"dinamicargas.com.co","tld":"com.co"},"title":"Netflix","dom":{"size":31803,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (30747)","md5":"01a4fc27b3d19f6c04e88adb212fd483","sha1":"ce8797ef124855eebb85f62674e8b3690a92cc3e","sha256":"5a2666d7693c796fd6e76a7d9bd0ab6c7c424f82fb594b8cec071ea95cf13af2","sha512":"92f5e53832e49cc33dbc647e10d1d65aa16c2594115ba1c695738133e7e84810be5a3052aca4415aba3c00f1bd449542c7b31038b10480936ddff0785c18a15c","ssdeep":"384:8mShRze8J0Ei7s2fI8fTMsElQzP+ExB6y80W7TtdrBIN2u33/nK:8mlI8bVGng3/K","tlshash":"0ee22391aa44d12bfa67862e66c0f70836ede506fdf3099cf414d0508fc3e5e2a7d2a5","dom_hash":"domhash2995779e933376b9238deca46372cee3","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"dinamicargas.com.co","fqdn":"dinamicargas.com.co","domain":"dinamicargas.com.co","tld":"com.co"},"ip":{"addr":"15.235.82.117","port":0,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-21T12:19:54Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"dinamicargas.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]},"summary":[{"fqdn":"dinamicargas.com.co","ip":{"addr":"15.235.82.117","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":8,"request_count":4,"received_data":80230,"sent_data":1973,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"SweetAlert2:11","description":"SweetAlert2 is a JavaScript library that provides customisable, visually appealing, and responsive alert and modal dialog boxes for web applications.","website":"https://sweetalert2.github.io/","common_platform_enumeration":"","icon":"SweetAlert2.svg","categories":["JavaScript libraries"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"167.82.49.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-05-10T22:41:13.190184Z","alert_count":0,"request_count":1,"received_data":80768,"sent_data":427,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"dinamicargas.com.co/ch/js/funcionalert.js","fqdn":"dinamicargas.com.co","domain":"dinamicargas.com.co","tld":"com.co"},"ip":{"addr":"15.235.82.117","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"introduction_type":"scriptElement","is_inline":false,"md5":"2263a69c9624519bf94c185a642b5ca8","sha1":"316cd54a1aa709cc9b1c26012bf2e3b1a7d59a8d","sha256":"cd9fc4c51b5be3bfa8b3155448b34ab7a6c8eea4f631b2dbd3bc075f24d284ba","sha512":"329994458311fd686dab1357ffc3cecfb8c18cc0ca7b6c5f48d802d4dcde513aef765515ffc7e39b4c321fc525e07c55eb3f9b05bb7f0335a434d13ad73ce6a9","ssdeep":"","tlshash":"be019e0679291c7f153157f4e57ed10a6630409af0bb9950b06602b59db01dea40bc84","size":664,"data":"","first_seen":"2025-12-07T23:04:26.880421Z","last_seen":"2026-05-17T14:02:18.998679Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/sweetalert2@11","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"167.82.49.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e8f033d3c7a50e4abe3d98ac65234d13","sha1":"caf431ea6dc8567be010d07f4f7d5798163821de","sha256":"7506c8f4d85e4707ab46f9858f0c6e65e3316b9d2f122dcf485b9dbf39d5a7ac","sha512":"ecad9d89ce602e5121c97135933a33122f0d9b32c15b43949d5fbe51fe576da069e9a416772117eb4666d8354b685046c0d7a3e086f669fffa488e2f05ff0ba3","ssdeep":"1536:iw46xylPIZSKcO355lcVU/SZ2DUdzI8bRj:PxYIvTlcVU/62mI8d","tlshash":"e173f8916a00f03776bb45ae65d1e7047ae99405fcb34894f42cc8804fe7d4f26b7aba","size":79991,"data":"","first_seen":"2026-03-20T09:57:21.567576Z","last_seen":"2026-05-17T16:02:04.932687Z","times_seen":2561,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"dinamicargas.com.co/ch/css/login.css","fqdn":"dinamicargas.com.co","domain":"dinamicargas.com.co","tld":"com.co"},"ip":{"addr":"15.235.82.117","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://dinamicargas.com.co/","date":"2026-05-17T12:19:32.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.dinamicargas.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 13 May 2026 15:59:36 GMT","end":"Tue, 11 Aug 2026 15:59:35 GMT"},"fingerprint":{"sha1":"CF:A4:4E:13:CB:EE:82:72:18:3A:28:8A:C5:09:A3:A9:A3:71:D4:74","sha256":"92:F2:31:78:3A:8B:D3:33:4A:D4:8D:DA:8E:CC:6B:2A:43:41:C6:AC:4D:B1:5E:35:05:0D:FD:5E:4A:0E:97:17"}}},"request":{"raw":"GET /ch/css/login.css HTTP/1.1\r\nHost: dinamicargas.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dinamicargas.com.co/\r\nCookie: PHPSESSID=5d9ba030fce0857f9511f29ced50b464\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 24 May 2026 12:19:31 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 19 Mar 2025 00:05:14 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 609\r\ndate: Sun, 17 May 2026 12:19:31 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2246,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"78b07f9e6bf2ee0c1383465cc7dcfed1","sha1":"de6c687f110eea4d9e5194a4b1139abae75f4c7b","sha256":"0462d80159473497905731037c9cdaeeeb2b2d63642b4644e3b18fe1edb09d30","sha512":"c20c15342a5db94814e2fa0be0ada5243acb707454f69deb30eb5567648ffd460697a64dd602ba9d35ab609ee0ff7ac8184cc90c3c211e671e6e99a581a25412","ssdeep":"","tlshash":"7041e2259a0008467179e379a7674e79e62704b36102053e7ffc72628f726648ae5fc8","first_seen":"2025-12-07T23:04:26.877692Z","last_seen":"2026-05-17T14:02:18.993417Z","times_seen":4,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"dinamicargas.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/sweetalert2@11","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"167.82.49.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dinamicargas.com.co/","date":"2026-05-17T12:19:32.117Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/sweetalert2@11 HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dinamicargas.com.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 11.26.24\r\nx-jsd-version-type: version\r\netag: W/\"13877-yvQx6m3IVnvgENB/T31XmBY4Id4\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sun, 17 May 2026 12:19:32 GMT\r\nage: 40394\r\nx-served-by: cache-fra-eddf8230135-FRA, cache-hel1410024-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 21418\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":79991,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (49001)","md5":"e8f033d3c7a50e4abe3d98ac65234d13","sha1":"caf431ea6dc8567be010d07f4f7d5798163821de","sha256":"7506c8f4d85e4707ab46f9858f0c6e65e3316b9d2f122dcf485b9dbf39d5a7ac","sha512":"ecad9d89ce602e5121c97135933a33122f0d9b32c15b43949d5fbe51fe576da069e9a416772117eb4666d8354b685046c0d7a3e086f669fffa488e2f05ff0ba3","ssdeep":"1536:iw46xylPIZSKcO355lcVU/SZ2DUdzI8bRj:PxYIvTlcVU/62mI8d","tlshash":"e173f8916a00f03776bb45ae65d1e7047ae99405fcb34894f42cc8804fe7d4f26b7aba","first_seen":"2026-03-20T09:57:21.567576Z","last_seen":"2026-05-17T16:02:04.932687Z","times_seen":2561,"resource_available":true,"data":null}},"time_used":170,"timings":{"blocked":67,"dns":3,"connect":26,"send":0,"wait":27,"receive":7,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dinamicargas.com.co/ch/js/funcionalert.js","fqdn":"dinamicargas.com.co","domain":"dinamicargas.com.co","tld":"com.co"},"ip":{"addr":"15.235.82.117","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dinamicargas.com.co/","date":"2026-05-17T12:19:32.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.dinamicargas.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 13 May 2026 15:59:36 GMT","end":"Tue, 11 Aug 2026 15:59:35 GMT"},"fingerprint":{"sha1":"CF:A4:4E:13:CB:EE:82:72:18:3A:28:8A:C5:09:A3:A9:A3:71:D4:74","sha256":"92:F2:31:78:3A:8B:D3:33:4A:D4:8D:DA:8E:CC:6B:2A:43:41:C6:AC:4D:B1:5E:35:05:0D:FD:5E:4A:0E:97:17"}}},"request":{"raw":"GET /ch/js/funcionalert.js HTTP/1.1\r\nHost: dinamicargas.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dinamicargas.com.co/\r\nCookie: PHPSESSID=5d9ba030fce0857f9511f29ced50b464\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 24 May 2026 12:19:31 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 19 Mar 2025 00:05:58 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 355\r\ndate: Sun, 17 May 2026 12:19:31 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":664,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"2263a69c9624519bf94c185a642b5ca8","sha1":"316cd54a1aa709cc9b1c26012bf2e3b1a7d59a8d","sha256":"cd9fc4c51b5be3bfa8b3155448b34ab7a6c8eea4f631b2dbd3bc075f24d284ba","sha512":"329994458311fd686dab1357ffc3cecfb8c18cc0ca7b6c5f48d802d4dcde513aef765515ffc7e39b4c321fc525e07c55eb3f9b05bb7f0335a434d13ad73ce6a9","ssdeep":"","tlshash":"be019e0679291c7f153157f4e57ed10a6630409af0bb9950b06602b59db01dea40bc84","first_seen":"2025-12-07T23:04:26.880421Z","last_seen":"2026-05-17T14:02:18.998679Z","times_seen":4,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"dinamicargas.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"dinamicargas.com.co/ch/images/logo.jpg","fqdn":"dinamicargas.com.co","domain":"dinamicargas.com.co","tld":"com.co"},"ip":{"addr":"15.235.82.117","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dinamicargas.com.co/","date":"2026-05-17T12:19:32.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.dinamicargas.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 13 May 2026 15:59:36 GMT","end":"Tue, 11 Aug 2026 15:59:35 GMT"},"fingerprint":{"sha1":"CF:A4:4E:13:CB:EE:82:72:18:3A:28:8A:C5:09:A3:A9:A3:71:D4:74","sha256":"92:F2:31:78:3A:8B:D3:33:4A:D4:8D:DA:8E:CC:6B:2A:43:41:C6:AC:4D:B1:5E:35:05:0D:FD:5E:4A:0E:97:17"}}},"request":{"raw":"GET /ch/images/logo.jpg HTTP/1.1\r\nHost: dinamicargas.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dinamicargas.com.co/\r\nCookie: PHPSESSID=5d9ba030fce0857f9511f29ced50b464\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 24 May 2026 12:19:31 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 19 Mar 2025 00:05:32 GMT\r\naccept-ranges: bytes\r\ncontent-length: 74526\r\ndate: Sun, 17 May 2026 12:19:31 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":74526,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100\", baseline, precision 8, 1200x801, components 3","md5":"f44232cad90be76b9524ae60504fe23b","sha1":"f4bf6259661c1b011b1b11d0b0328759451f0c29","sha256":"3cb51ecde5c4df9686a009a3a8a3d23e88c277ba58f7b94d92ad0b2a6203e15d","sha512":"47836268df24608ea6386ba02bc75149e237610c545a4ef6b0691cdec4b79a75b18f43613bf8f9c9f721a22926762c536c3e807b773b74a2efe90707ad7428fc","ssdeep":"1536:I4K1+7J7xjTsl9MLscrJ5E5pLzZt+As0cb7+d:rK1yhosyL9tJsQd","tlshash":"e473d5478908c7d2a52c42e8bd435eec2f072b58e8926eef10621fdf7d142635cda56e","first_seen":"2025-12-07T23:04:26.881694Z","last_seen":"2026-05-17T14:02:18.999816Z","times_seen":4,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":154,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"dinamicargas.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"dinamicargas.com.co/","fqdn":"dinamicargas.com.co","domain":"dinamicargas.com.co","tld":"com.co"},"ip":{"addr":"15.235.82.117","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-17T12:19:31.476Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.dinamicargas.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 13 May 2026 15:59:36 GMT","end":"Tue, 11 Aug 2026 15:59:35 GMT"},"fingerprint":{"sha1":"CF:A4:4E:13:CB:EE:82:72:18:3A:28:8A:C5:09:A3:A9:A3:71:D4:74","sha256":"92:F2:31:78:3A:8B:D3:33:4A:D4:8D:DA:8E:CC:6B:2A:43:41:C6:AC:4D:B1:5E:35:05:0D:FD:5E:4A:0E:97:17"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: dinamicargas.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nset-cookie: PHPSESSID=5d9ba030fce0857f9511f29ced50b464; path=/; secure\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 451\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 17 May 2026 12:19:31 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"SweetAlert2:11","description":"SweetAlert2 is a JavaScript library that provides customisable, visually appealing, and responsive alert and modal dialog boxes for web applications.","website":"https://sweetalert2.github.io/","common_platform_enumeration":"","icon":"SweetAlert2.svg","categories":["JavaScript libraries"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]}],"data":{"size":1154,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"a8acdf6f344c36ffcac2146aab19aca1","sha1":"54083b33f03a5a2a5b211c7d414c38ffa1d905da","sha256":"aa7de659f1d3d91f01b3505cc400a39f7c6a52c0bcf3b976ae559c362e260c9f","sha512":"3403b0e555a420829e103eee4fe2c4bb7ff9b4b75148773ec1d72f065f40ad359929272599c3a633659c633aa97f06a5e44c46ae7ce06f3ca67b187c054e170a","ssdeep":"","tlshash":"8221f30358c7ac0a0133426498da9948d94ad2279707cd5075ecb7afbff694449e7b8c","first_seen":"2025-12-07T23:04:26.883231Z","last_seen":"2026-05-17T14:02:18.992625Z","times_seen":4,"resource_available":true,"data":null}},"time_used":806,"timings":{"blocked":352,"dns":145,"connect":100,"send":0,"wait":101,"receive":0,"ssl":105},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"dinamicargas.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}}]}