{"report_id":"ea4a9e84-cfcc-4256-ad14-6c74fc51ebaa","version":0,"status":"done","tags":["meta","facebook","phishing","social"],"date":"2026-06-20T07:55:33Z","url":{"schema":"http","addr":"ginnovenergy.com/fb-page-review/login","fqdn":"ginnovenergy.com","domain":"ginnovenergy.com","tld":"com"},"ip":{"addr":"18.138.138.49","port":0,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"https","addr":"ginnovenergy.com/fb-page-review/login/","fqdn":"ginnovenergy.com","domain":"ginnovenergy.com","tld":"com"},"title":"Facebook","dom":{"size":416126,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (64655)","md5":"36df0b3097d357ffc6595053e8ec80ce","sha1":"a2284a857b836d4691361f02e278a74083ec6d3b","sha256":"e4f3f24f81c0b6cb4caae1193a86ee690eb25eeade91c4f3f08dde2596854575","sha512":"8f324708d7895d784f99396ec5cfbebb2627d3b5d2d7d0969303cab0ef3bd57243ff614f78f64e823dc7b64e33b91af4c5f21a159b5f5752890be3e7d3c97112","ssdeep":"6144:cHo7qZjispgNmzUhE+GnIWnIjiD99jifsdaibYkIkKxVdexZwFnlq99rnE+w0Giy:Oew7hbO9","tlshash":"27945d05f904c4362b3b0ff2e4a67907bb6c0c479a8449e4e1ad6e7975c67b8231bb17","dom_hash":"domhashb9eba2364dc570fba314e853470d8884","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ginnovenergy.com/fb-page-review/login","fqdn":"ginnovenergy.com","domain":"ginnovenergy.com","tld":"com"},"ip":{"addr":"18.138.138.49","port":0,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-25T07:55:33Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"ginnovenergy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ginnovenergy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ginnovenergy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]},"summary":[{"fqdn":"static.xx.fbcdn.net","ip":{"addr":"157.240.200.14","port":443,"asn":32934,"as":"FACEBOOK","country":"Denmark","country_code":"DK"},"domain_registered":"2007-05-03","domain_rank":4147,"first_seen":"2012-12-01T13:12:13Z","last_seen":"2026-06-15T11:58:07.029283Z","alert_count":0,"request_count":1,"received_data":22282,"sent_data":560,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ginnovenergy.com","ip":{"addr":"18.138.138.49","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"domain_registered":"2025-12-18","domain_rank":0,"first_seen":"2026-06-20T07:55:33.976679Z","last_seen":"2026-06-20T07:55:33.976679Z","alert_count":20,"request_count":5,"received_data":611978,"sent_data":2644,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"ginnovenergy.com/fb-page-review/login/","fqdn":"ginnovenergy.com","domain":"ginnovenergy.com","tld":"com"},"ip":{"addr":"18.138.138.49","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"3f78a7c0b45fd0595a91243227ffb872","sha1":"e677889be70097f3453a95d7d0416023ed906ab9","sha256":"7f739b6edd111e2752be8caff2f51617546590c0207cdd4364d4e6a3c2f5c711","sha512":"49332154b8f8b9644a35c91b53cc2a652332ce8d652d5f20e97f8699b1403950572bdca6ce8f2990ce16b93d465a34315536817032fee9c72af469ec8057a962","ssdeep":"","tlshash":"45e0c0b7041e04da0f0e117cab06d1c70033850e6895e618795fd3154702269c082ae8","size":361,"data":"","first_seen":"2026-06-13T01:30:46.686923Z","last_seen":"2026-06-20T08:22:18.071725Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"static.xx.fbcdn.net/rsrc.php/y1/r/ay1hV6OlegS.ico","fqdn":"static.xx.fbcdn.net","domain":"fbcdn.net","tld":"net"},"ip":{"addr":"157.240.200.14","port":443,"asn":32934,"as":"FACEBOOK","country":"Denmark","country_code":"DK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ginnovenergy.com/fb-page-review/login/","date":"2026-06-20T07:55:09.165Z","timestamp":1781942109165,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.facebook.com","organization":""},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Sun, 29 Mar 2026 00:00:00 GMT","end":"Sat, 27 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"55:30:B4:59:35:DC:03:36:9D:D3:D0:5E:68:B9:4E:30:92:56:4A:DB","sha256":"60:C5:B6:E4:54:32:81:0B:07:9B:30:02:19:CA:1E:07:3B:2B:61:63:07:17:89:DA:09:7D:E5:78:76:D8:73:EB"}}},"request":{"raw":"GET /rsrc.php/y1/r/ay1hV6OlegS.ico HTTP/1.1\r\nHost: static.xx.fbcdn.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ginnovenergy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: image/x-icon\r\naccess-control-allow-origin: *\r\nlast-modified: Mon, 01 Jan 2001 08:00:00 GMT\r\ncontent-md5: to9qU1coA/wIRYVuZbprEQ==\r\nexpires: Thu, 17 Jun 2027 03:51:23 GMT\r\ncache-control: public,max-age=31536000,immutable\r\nreport-to: {\"max_age\":21600,\"endpoints\":[{\"url\":\"https:\\/\\/www.xx.facebook.com\\/ajax\\/browser_error_reports\\/\"}],\"group\":\"permissions_policy\"}\r\ntiming-allow-origin: *\r\ndocument-policy: force-load-at-top, include-js-call-stacks-in-crash-reports\r\npermissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to=\"permissions_policy\"\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nreporting-endpoints: permissions_policy=\"https://www.xx.facebook.com/ajax/browser_error_reports/\"\r\norigin-agent-cluster: ?1\r\nx-fb-debug: WTL5O8YiMepR7+ymepAb0jNV+Og5MNq1IO003GDeYacYNlfZkjNvmL6UL05d/azykTFtqGSyzb45hiTjyeR1RA==\r\ncontent-length: 20366\r\ndate: Sat, 20 Jun 2026 07:55:09 GMT\r\nx-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=23, mss=1232, tbw=4804, tp=8, tpl=0, uplat=0, ullat=-1\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=6\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":20366,"size_decoded":22282,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"b68f6a53572803fc0845856e65ba6b11","sha1":"4b8ae79b4874c5aa89acacf8667e94fce89dec65","sha256":"8924f44d76426a340b105cbdc5b93678c6b772e847b393f2568d94847c0d8d80","sha512":"9d194cba9e8225a66a520b614be53ab6e7020fd4a6ca7ceadd5d4f5b2a98ae8aa52af45a497633e2a59e57ca541a5f030d46db60f43cbe23e63bdc302e68e20e","ssdeep":"48:Xfq3OqXAzh4jaJV9HxG8LaSmO6IgbExw1Xw8JomVn+jwn7:CcwaJViU6IgbEy1AO+jwn7","tlshash":"5692245132430308f45d06b0c647b15a7bed7c832c675e67e9ab3a4e6ff825890275e3","first_seen":"2025-02-20T18:41:00.089582Z","last_seen":"2026-06-26T06:50:09.460725Z","times_seen":15132,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":4,"connect":29,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ginnovenergy.com/fb-page-review/login","fqdn":"ginnovenergy.com","domain":"ginnovenergy.com","tld":"com"},"ip":{"addr":"18.138.138.49","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-20T07:55:05.203Z","timestamp":1781942105203,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ginnovenergy.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 May 2026 09:15:54 GMT","end":"Fri, 28 Aug 2026 09:15:53 GMT"},"fingerprint":{"sha1":"3D:57:7B:9F:E5:B6:6F:EC:28:00:0B:C8:B8:43:3B:4A:9F:C9:28:59","sha256":"A0:D1:9E:ED:C2:7B:54:C4:8B:E8:35:53:0F:D1:A1:9C:14:FD:AD:29:7F:56:0E:1F:38:4D:A0:EF:DF:A9:26:4F"}}},"request":{"raw":"GET /fb-page-review/login HTTP/1.1\r\nHost: ginnovenergy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 \r\nserver: nginx\r\ndate: Sat, 20 Jun 2026 07:55:06 GMT\r\ncontent-type: text/html\r\ncontent-length: 162\r\nlocation: https://ginnovenergy.com/fb-page-review/login/\r\nstrict-transport-security: max-age=31536000\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' *.elementor.com *.elementor.io; object-src 'self';\r\npermissions-policy: interest-cohort=()\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-26T06:55:03.618869Z","times_seen":16731264,"resource_available":true,"data":null}},"time_used":1704,"timings":{"blocked":-1,"dns":6,"connect":188,"send":0,"wait":188,"receive":188,"ssl":1134},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"ginnovenergy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ginnovenergy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ginnovenergy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"ginnovenergy.com/fb-page-review/login/","fqdn":"ginnovenergy.com","domain":"ginnovenergy.com","tld":"com"},"ip":{"addr":"18.138.138.49","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-20T07:55:06.916Z","timestamp":1781942106916,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ginnovenergy.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 May 2026 09:15:54 GMT","end":"Fri, 28 Aug 2026 09:15:53 GMT"},"fingerprint":{"sha1":"3D:57:7B:9F:E5:B6:6F:EC:28:00:0B:C8:B8:43:3B:4A:9F:C9:28:59","sha256":"A0:D1:9E:ED:C2:7B:54:C4:8B:E8:35:53:0F:D1:A1:9C:14:FD:AD:29:7F:56:0E:1F:38:4D:A0:EF:DF:A9:26:4F"}}},"request":{"raw":"GET /fb-page-review/login/ HTTP/1.1\r\nHost: ginnovenergy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 20 Jun 2026 07:55:07 GMT\r\ncontent-type: text/html\r\nlast-modified: Thu, 18 Jun 2026 09:14:16 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a33b6e8-6598e\"\r\nstrict-transport-security: max-age=31536000\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' *.elementor.com *.elementor.io; object-src 'self';\r\npermissions-policy: interest-cohort=()\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":416142,"size_decoded":97293,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (64639)","md5":"4173804b18be2897b5db043ee6e7a75a","sha1":"b66d1720a1042168fb26acc81987606ab680ec60","sha256":"9e5126b88805152244a5f38d6928bebe8c4a206c1b0922f87d2d3e1ac351a074","sha512":"3aaee50da60ea024326f5b370bb94982d7fb0241275ec63eb63b328e9526e5a43b549ee5dc5fd868f8f747f19f547acc2f9a08e766bfe6ed27325d3a025b5ec8","ssdeep":"6144:IHo7qZjispgNmzUhE+GnIWnIjiD99jifsdaibYkIkKxVdexZwFnlq99rnE+w0Giy:aew7hbO9","tlshash":"59945d05f904c4362b3b0ff2e4a67907bb6c0c479a8449e4e1ad6e7975c67b8231bb17","first_seen":"2026-05-20T11:36:03.093937Z","last_seen":"2026-06-20T08:22:18.063938Z","times_seen":9,"resource_available":true,"data":null}},"time_used":379,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":379,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"ginnovenergy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ginnovenergy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ginnovenergy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"ginnovenergy.com/fb-page-review/login/css/rkR9nETCCfCEkX3WI8UJzenJ_BbYUv0YNT9DWDYPz6DhfgQe914iiBfONMKn.css","fqdn":"ginnovenergy.com","domain":"ginnovenergy.com","tld":"com"},"ip":{"addr":"18.138.138.49","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ginnovenergy.com/fb-page-review/login/","date":"2026-06-20T07:55:07.600Z","timestamp":1781942107600,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ginnovenergy.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 May 2026 09:15:54 GMT","end":"Fri, 28 Aug 2026 09:15:53 GMT"},"fingerprint":{"sha1":"3D:57:7B:9F:E5:B6:6F:EC:28:00:0B:C8:B8:43:3B:4A:9F:C9:28:59","sha256":"A0:D1:9E:ED:C2:7B:54:C4:8B:E8:35:53:0F:D1:A1:9C:14:FD:AD:29:7F:56:0E:1F:38:4D:A0:EF:DF:A9:26:4F"}}},"request":{"raw":"GET /fb-page-review/login/css/rkR9nETCCfCEkX3WI8UJzenJ_BbYUv0YNT9DWDYPz6DhfgQe914iiBfONMKn.css HTTP/1.1\r\nHost: ginnovenergy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ginnovenergy.com/fb-page-review/login/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx\r\ndate: Sat, 20 Jun 2026 07:55:08 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' *.elementor.com *.elementor.io; object-src 'self';\r\npermissions-policy: interest-cohort=()\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-26T06:55:03.618869Z","times_seen":16731264,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ginnovenergy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ginnovenergy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"ginnovenergy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"ginnovenergy.com/fb-page-review/login/css/OZmECwlaENMg8T_6-Yirbb.css","fqdn":"ginnovenergy.com","domain":"ginnovenergy.com","tld":"com"},"ip":{"addr":"18.138.138.49","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ginnovenergy.com/fb-page-review/login/","date":"2026-06-20T07:55:07.601Z","timestamp":1781942107601,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ginnovenergy.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 May 2026 09:15:54 GMT","end":"Fri, 28 Aug 2026 09:15:53 GMT"},"fingerprint":{"sha1":"3D:57:7B:9F:E5:B6:6F:EC:28:00:0B:C8:B8:43:3B:4A:9F:C9:28:59","sha256":"A0:D1:9E:ED:C2:7B:54:C4:8B:E8:35:53:0F:D1:A1:9C:14:FD:AD:29:7F:56:0E:1F:38:4D:A0:EF:DF:A9:26:4F"}}},"request":{"raw":"GET /fb-page-review/login/css/OZmECwlaENMg8T_6-Yirbb.css HTTP/1.1\r\nHost: ginnovenergy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ginnovenergy.com/fb-page-review/login/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=0\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx\r\ndate: Sat, 20 Jun 2026 07:55:08 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' *.elementor.com *.elementor.io; object-src 'self';\r\npermissions-policy: interest-cohort=()\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-26T06:55:03.618869Z","times_seen":16731264,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"ginnovenergy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ginnovenergy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ginnovenergy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"ginnovenergy.com/fb-page-review/login/css/HpEiFYDux5j.webp","fqdn":"ginnovenergy.com","domain":"ginnovenergy.com","tld":"com"},"ip":{"addr":"18.138.138.49","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ginnovenergy.com/fb-page-review/login/","date":"2026-06-20T07:55:07.676Z","timestamp":1781942107676,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ginnovenergy.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 May 2026 09:15:54 GMT","end":"Fri, 28 Aug 2026 09:15:53 GMT"},"fingerprint":{"sha1":"3D:57:7B:9F:E5:B6:6F:EC:28:00:0B:C8:B8:43:3B:4A:9F:C9:28:59","sha256":"A0:D1:9E:ED:C2:7B:54:C4:8B:E8:35:53:0F:D1:A1:9C:14:FD:AD:29:7F:56:0E:1F:38:4D:A0:EF:DF:A9:26:4F"}}},"request":{"raw":"GET /fb-page-review/login/css/HpEiFYDux5j.webp HTTP/1.1\r\nHost: ginnovenergy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ginnovenergy.com/fb-page-review/login/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 20 Jun 2026 07:55:07 GMT\r\ncontent-type: image/webp\r\ncontent-length: 193546\r\nlast-modified: Thu, 18 Jun 2026 09:03:40 GMT\r\netag: \"6a33b46c-2f40a\"\r\nexpires: Mon, 20 Jul 2026 07:55:07 GMT\r\ncache-control: max-age=2592000, public, max-age=2592000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":193546,"size_decoded":193872,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"14138bd70dd9dc9d5e59d2c9f94a2462","sha1":"8bfccfbdb378d0d019f6b15b7e8bd1d6b60ce850","sha256":"1eed452e2a650a014e75cade0f8faa5bac3a4eaffafb270b8ee73891c9af316e","sha512":"5e2d49f06413bd8239889b28cfcafec93360b029d266b0459843a3d0e41e7c81373d3cbe6692c18d47d12de9b304a6ca085e8235e27847b90e8ad3e8951f18a8","ssdeep":"3072:4fT2pZK6xAvvriIXKZ2CM+HGKv8daF595yTASgErg9Twy2V7WGQ2OS176:4fT8RxA1KZN9GKUdafLc9rgNp2dW52O4","tlshash":"b8141394f8f3eb13fd4db8f6688b188cb456d0611b3da86b4873fb5007e8667482615e","first_seen":"2026-01-31T13:07:42.73442Z","last_seen":"2026-06-26T06:50:09.457734Z","times_seen":2341,"resource_available":false,"data":null}},"time_used":2836,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1139,"receive":1697,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ginnovenergy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ginnovenergy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"ginnovenergy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}}]}