{"report_id":"09a0b269-2ad9-47fd-8b21-87810c4f4a84","version":6,"status":"done","tags":["suspicious"],"date":"2026-04-18T12:51:39Z","url":{"schema":"http","addr":"validarwsaccountweb.iceiy.com","fqdn":"validarwsaccountweb.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.221","port":0,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"https","addr":"validarwsaccountweb.iceiy.com/?i=1","fqdn":"validarwsaccountweb.iceiy.com","domain":"iceiy.com","tld":"com"},"title":"Outlook Verification","dom":{"size":4104,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"ece879ce392aae6421d98d7bb7186303","sha1":"1a0675c258a68c522d43cc366bced4a30de508dc","sha256":"95ecc578f74fa4fde3d0c380a9e58da7ff4aa5d491432fcd1ea84b09c9a76d2a","sha512":"80405892972c05ba87a5055a2658df237aec161218b0b8b9c02d2c4bf4e207434ebefe2475614801fd6abbcc2554ab8a7055072669b200a1bc8d92cdd341488c","ssdeep":"48:OKTaiLQmH/4FuxgSdMRVAuOP+6vM6WuHxSxS2RPm/iX:faWf4FIgMI6U6ESyX","tlshash":"118161066cf24aa22253a0849a7bb10d7951d1035a17c8017fbcd7ed6f68eafc41379d","dom_hash":"domhashf2b96477f88f4fb7a991640b377ebdc2","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"validarwsaccountweb.iceiy.com","fqdn":"validarwsaccountweb.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.221","port":0,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-23T12:51:39Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"validarwsaccountweb.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"validarwsaccountweb.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"www.freepnglogos.com","ip":{"addr":"78.46.22.25","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2016-10-07","domain_rank":880176,"first_seen":"2017-02-09T09:00:11Z","last_seen":"2026-04-12T13:40:10.190839Z","alert_count":0,"request_count":1,"received_data":46329,"sent_data":499,"comment":"","tags":null,"fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"validarwsaccountweb.iceiy.com","ip":{"addr":"185.27.134.221","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2020-12-06","domain_rank":0,"first_seen":"2026-04-18T12:51:39.642077Z","last_seen":"2026-04-18T12:51:39.642077Z","alert_count":11,"request_count":5,"received_data":10105,"sent_data":2541,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-04-12T22:33:20.808909Z","alert_count":0,"request_count":2,"received_data":139559,"sent_data":1049,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2026-04-12T23:27:20.270056Z","alert_count":0,"request_count":1,"received_data":90462,"sent_data":458,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"validarwsaccountweb.iceiy.com/","fqdn":"validarwsaccountweb.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.221","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"6abce13615262c1026672be65179f1e2","sha1":"1518f71c34b4ef2f851bcdac8bb9a696e361d3cd","sha256":"8e7f6942d15e185765ecbb145b79d1310d15f31ece97fbc4436efd2e93f43499","sha512":"6a171ea43c9e99052a867077e4098ce4d00781746911c96bf3fd3fdd1b841c3785556c95048193fe7ff3796d4923903c202c22f4997f7e83521cd1d797aed647","ssdeep":"","tlshash":"48f0e1bce171b0d94fc150d2097ba54fd0231ad2f512c0fbc046a6706ad6ddd0a99d2f","size":617,"data":"","first_seen":"2026-04-18T12:51:42.314581Z","last_seen":"2026-04-18T12:59:42.308213Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"validarwsaccountweb.iceiy.com/aes.js","fqdn":"validarwsaccountweb.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.221","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"756722c3542f271367cc3b074113a8ee","sha1":"c5c24b4cfc44d597fb7d82d79a7dcea4a8d07e2b","sha256":"ed1d3bd967abe66cff832561cb911c572a2f85fd6cffc32ef3cec68dbc60c7ce","sha512":"ec3293d425646848dc2cf5d3cebae22b91d99461d3565ed17599af961f6f0062167446f732e91ade94f7e589000cda7e85259a217c5ce571bc11c175435a4290","ssdeep":"","tlshash":"8d1150a5034607bcf6cd0ec8c40a321a21f1c04abe2112c9afb36ae77c3b8840034e26","size":1000,"data":"","first_seen":"2025-03-10T10:15:36.223346Z","last_seen":"2026-04-18T14:49:35.133879Z","times_seen":1791,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"validarwsaccountweb.iceiy.com/telgm.js","fqdn":"validarwsaccountweb.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.221","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"adb4d235b6e8bc20f0052122546b6b5b","sha1":"12e7bbd279f0ec4552e6856c339582a3cc5de45a","sha256":"92c819a4e87b64f92e11818993711390c434c9571f00f8c4a2f6a9b19f240ad6","sha512":"cc840b324c39ab0847e3cb889487f012e5a82f21996c20b138c097fcced1341b97e669556b1fbb52f6ee12c98ebf4e84f9ff2adb0ef0ac0b93d788c927095811","ssdeep":"","tlshash":"ffb092c456a5a80eeae04963200ca8780f89e58260166834b40edeb605016e1acb6e1a","size":121,"data":"","first_seen":"2025-10-22T23:28:33.886208Z","last_seen":"2026-04-18T12:59:42.304555Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"validarwsaccountweb.iceiy.com/?i=1","fqdn":"validarwsaccountweb.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.221","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"17a8c00485cabf2c6155d2fb78aabce5","sha1":"ef7c613c56257fa24c251349aca2e4f2226482c0","sha256":"92dd3ab6ba9567fbb666d1f7e00af8a2c61749ccde08a63d477ed8c5518ac826","sha512":"729a7b8af3d70f1c07bf2f163ce524cd3b05831ebc58169507218e298f87f16024f174afac25286a946b178793a533c7946e3e6a3d7d27726009aa38e337f501","ssdeep":"","tlshash":"c2311247bcb34ad01b6b70964a2fb108369391531e25d810be4cf57c4f6cb7a91527ad","size":1846,"data":"","first_seen":"2026-04-18T12:51:42.318129Z","last_seen":"2026-04-18T12:59:42.305397Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"validarwsaccountweb.iceiy.com/?i=1","fqdn":"validarwsaccountweb.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.221","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"cc939fbc5058cca7be740439890eebf2","sha1":"aed08b87b6a1adf38f20d7165bfd65fac0d3db3c","sha256":"c3ccfd189871741cbf3c4ff2686b07435a48b3748d01f8ea90029e9d76388b9f","sha512":"3ba4c4ff46143db6f9b786d2a4e1b74fb0c9cb3f8f2d45e64bbd839931adea3eade8f4e980fc68d274062629a761d1827306bfce920b7fc563311da8f04ac823","ssdeep":"","tlshash":"1cf0a71926520d105445f2a5a63a51887120e1032117c8c7bb7ee3ed7f77c2f8923e6f","size":518,"data":"","first_seen":"2025-09-06T21:41:15.777631Z","last_seen":"2026-04-18T13:02:59.265084Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dc5e7f18c8d36ac1d3d4753a87c98d0a","sha1":"c8e1c8b386dc5b7a9184c763c88d19a346eb3342","sha256":"f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d","sha512":"6cb4f4426f559c06190df97229c05a436820d21498350ac9f118a5625758435171418a022ed523bae46e668f9f8ea871feab6aff58ad2740b67a30f196d65516","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"a993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89476,"data":"","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-04-18T18:28:03.975514Z","times_seen":224379,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"www.freepnglogos.com/uploads/microsoft-logo-png-transparent-background-1.png","fqdn":"www.freepnglogos.com","domain":"freepnglogos.com","tld":"com"},"ip":{"addr":"78.46.22.25","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://validarwsaccountweb.iceiy.com/?i=1","date":"2026-04-18T12:51:18.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"freepnglogos.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Mar 2026 06:22:04 GMT","end":"Thu, 04 Jun 2026 06:22:03 GMT"},"fingerprint":{"sha1":"77:D5:92:CB:9B:F9:37:D1:0B:C4:9D:FE:79:BE:E9:79:1D:19:5A:39","sha256":"5D:0E:7B:81:54:A5:C3:13:80:27:5A:99:68:27:27:73:9B:03:80:43:C3:27:DA:FF:5A:5A:C1:41:98:40:E2:BF"}}},"request":{"raw":"GET /uploads/microsoft-logo-png-transparent-background-1.png HTTP/1.1\r\nHost: www.freepnglogos.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://validarwsaccountweb.iceiy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:51:18 GMT\r\ncontent-type: image/png\r\ncontent-length: 46043\r\nlast-modified: Sat, 20 Aug 2022 14:09:47 GMT\r\netag: \"6300eb2b-b3db\"\r\ncache-control: no-cache, must-revalidate\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46043,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 5471 x 1280, 8-bit/color RGBA, non-interlaced","md5":"c117a0bda103aeb25c145a71b0b8ac5a","sha1":"3dd6e5ccf39e92e840404bdab510c8d67bd6e768","sha256":"4bad04d35478f23907ff0e6433a492400840cec4fbd6a487752dd5bdcbbca029","sha512":"73136f1a544983f8ed0e909d0811bbf7fd61ccbeb84bb2023af56943949ea082306576bff227fc71c864d2022e429059231aa082d19977dead2de25c07e17bc8","ssdeep":"768:sgFuRUyAenFPQDYEP6BI1fdR9QgPla9qO:sfZZiPpLR9d9a9qO","tlshash":"1f2329b54c9b89f5c10d4876dc789fa972f81ade6224332d433e7a3d78963ca6004add","first_seen":"2023-11-03T14:17:52Z","last_seen":"2026-04-18T13:02:59.26194Z","times_seen":106,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":81,"dns":5,"connect":36,"send":0,"wait":67,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"validarwsaccountweb.iceiy.com/telgm.js","fqdn":"validarwsaccountweb.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.221","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://validarwsaccountweb.iceiy.com/?i=1","date":"2026-04-18T12:51:18.471Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET /telgm.js HTTP/1.1\r\nHost: validarwsaccountweb.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://validarwsaccountweb.iceiy.com/?i=1\r\nCookie: __test=5edbe4a57186ce589f9477a8d231b582\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Sat, 18 Apr 2026 12:51:17 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 121\r\nConnection: keep-alive\r\nLast-Modified: Thu, 16 Oct 2025 02:11:25 GMT\r\nETag: \"79-6413d2261edb7\"\r\nCache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate\r\nExpires: Mon, 18 May 2026 12:51:17 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":121,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"adb4d235b6e8bc20f0052122546b6b5b","sha1":"12e7bbd279f0ec4552e6856c339582a3cc5de45a","sha256":"92c819a4e87b64f92e11818993711390c434c9571f00f8c4a2f6a9b19f240ad6","sha512":"cc840b324c39ab0847e3cb889487f012e5a82f21996c20b138c097fcced1341b97e669556b1fbb52f6ee12c98ebf4e84f9ff2adb0ef0ac0b93d788c927095811","ssdeep":"","tlshash":"ffb092c456a5a80eeae04963200ca8780f89e58260166834b40edeb605016e1acb6e1a","first_seen":"2025-10-22T23:28:33.886208Z","last_seen":"2026-04-18T12:59:42.304555Z","times_seen":4,"resource_available":true,"data":null}},"time_used":55,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"validarwsaccountweb.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"validarwsaccountweb.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://validarwsaccountweb.iceiy.com/?i=1","date":"2026-04-18T12:51:18.696Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://validarwsaccountweb.iceiy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 18 Apr 2026 12:51:18 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 78196\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"6599bdc3-13174\"\r\nlast-modified: Sat, 06 Jan 2024 21:53:23 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 13236\r\nexpires: Thu, 08 Apr 2027 12:51:18 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=v4vTREfnvg667d%2FV5%2BYTQohzheRSFKdOQ7vHDjO2W5%2F6o4D9iEui2kvl4eR2iXrsVNYVcyNNnmTZ7QilhvlkNmmoCWyt63UjOKvy2G56%2FMSPfdXBb50ex1AxkrWLQQMWBcKvpPfu\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: 9ee3ccd9fec75691-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78196,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261","md5":"e8a427e15cc502bef99cfd722b37ea98","sha1":"a9922842a120a7f1eaced667480c5e185a106d69","sha256":"d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef","sha512":"113775748a4166c07e58c26cf6db7fed473732dc6124b8ee0f0dcc0d6439eb2ab2c5d9e01c67324fdf9de4105349cf30cc5796a0b0e0ce9a08f337b9d4e10b7b","ssdeep":"1536:1iGQV8Q8UOUMUd5UY3qyCkHQCCz2LL1F+u3MHLGxe3U:QVWuF33qy7HQchFz8HnU","tlshash":"3273121cf567643ef6a8e05f3c38256d4fd5c724e2e68a06748db808c4ce71d90879b6","first_seen":"2023-04-05T08:37:56Z","last_seen":"2026-04-18T18:30:12.70006Z","times_seen":126026,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":8,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"validarwsaccountweb.iceiy.com/","fqdn":"validarwsaccountweb.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.221","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-18T12:51:17.980Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: validarwsaccountweb.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Sat, 18 Apr 2026 12:51:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 856\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":856,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (856), with no line terminators","md5":"798ffe00c59a413294b511f09f5478a0","sha1":"39ee53bfb26ef4c433c9af2d7cad16d3f0e2fdd7","sha256":"35a80ebbb0b94f31d099f18c51a4c61854849482b288b2b0603efae98b6d485e","sha512":"d969b6e7bcc473dac0bcf9f9a489ecc3eecbde1dc6ea68a8e9e75cd3b1e83711b1b9ae7ad1053d6bc93da97ba65d00bfdddfe9095792ea3a58d16f0feba3c64a","ssdeep":"","tlshash":"081141fdeca1f0c99fc004c01576d55fa4129aa2e611c8bf80c252a466d1bdc0d8ac3b","first_seen":"2026-04-18T12:51:42.299834Z","last_seen":"2026-04-18T12:59:42.288314Z","times_seen":2,"resource_available":true,"data":null}},"time_used":273,"timings":{"blocked":121,"dns":11,"connect":31,"send":0,"wait":31,"receive":0,"ssl":77},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"validarwsaccountweb.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"validarwsaccountweb.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"validarwsaccountweb.iceiy.com/aes.js","fqdn":"validarwsaccountweb.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.221","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://validarwsaccountweb.iceiy.com/","date":"2026-04-18T12:51:18.292Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET /aes.js HTTP/1.1\r\nHost: validarwsaccountweb.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://validarwsaccountweb.iceiy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-18T18:23:17.758013Z","times_seen":13906688,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"validarwsaccountweb.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"validarwsaccountweb.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"validarwsaccountweb.iceiy.com/?i=1","fqdn":"validarwsaccountweb.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.221","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-18T12:51:18.383Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET /?i=1 HTTP/1.1\r\nHost: validarwsaccountweb.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://validarwsaccountweb.iceiy.com/\r\nCookie: __test=5edbe4a57186ce589f9477a8d231b582\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Sat, 18 Apr 2026 12:51:17 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 4134\r\nConnection: keep-alive\r\nLast-Modified: Thu, 16 Oct 2025 02:11:23 GMT\r\nETag: \"1026-6413d223bb048\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=2592000, public, proxy-revalidate\r\nExpires: Mon, 18 May 2026 12:51:17 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]}],"data":{"size":4134,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"ee28f6fc325b5e9e5edf59976ebc77e8","sha1":"7622843074bdd442635e24847f107c8123870727","sha256":"c11a8312cf977bff8ff31913d31eea0de4ffa6c8f1998e1bd6eceb8531a171d3","sha512":"fa4cbf313a989303c572c8ec38cab261a0fd4ef9cef9f4174d5e151374cad5ed8fc1eb350be6c8fe040623fe52a90821cf20a9755024186a89921c1cf8344018","ssdeep":"48:OKTaiLQmH/4FuxgSdMRVAuOP+6vM6psiHxSxO2RPm/izZ:faWf4FIgMI6U6peOyl","tlshash":"c181710628f24aa12253e0845a7bb10d3951d1035a17c801bbbcd7ed2f68ebfc51379e","first_seen":"2026-04-18T12:51:42.305453Z","last_seen":"2026-04-18T12:59:42.290635Z","times_seen":2,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":40,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"validarwsaccountweb.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"validarwsaccountweb.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"validarwsaccountweb.iceiy.com/style.css","fqdn":"validarwsaccountweb.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.221","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://validarwsaccountweb.iceiy.com/?i=1","date":"2026-04-18T12:51:18.465Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: validarwsaccountweb.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://validarwsaccountweb.iceiy.com/?i=1\r\nCookie: __test=5edbe4a57186ce589f9477a8d231b582\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Sat, 18 Apr 2026 12:51:17 GMT\r\nContent-Type: text/css\r\nContent-Length: 3707\r\nConnection: keep-alive\r\nLast-Modified: Thu, 16 Oct 2025 02:11:25 GMT\r\nETag: \"e7b-6413d2256741b\"\r\nCache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate\r\nExpires: Mon, 18 May 2026 12:51:17 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3707,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"ba8b4f78320b4e9bd537782a32014e7e","sha1":"d8cc4f93faedd4f9301979e9e79ef72061fae0bb","sha256":"25a7a95843b9f248766a45c03394a8307b1f8238881239d8a639cf6bfb0fa9b1","sha512":"af35831e23c8af3a9427b2a2119f9bd7ccb8a8561b1f66b5bac7fee69b6ba1ade37c3d3f8852a1d6104a321f82838d8a4ab2a60553a41001ec51c280aa1dde66","ssdeep":"","tlshash":"937141916f5218467007d56c77fa8b1b122c4543918eddbdbf86a2d8cf4e2e8c262bdc","first_seen":"2025-09-22T16:19:47.438533Z","last_seen":"2026-04-18T12:59:42.295568Z","times_seen":9,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"validarwsaccountweb.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"validarwsaccountweb.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://validarwsaccountweb.iceiy.com/?i=1","date":"2026-04-18T12:51:18.467Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/font-awesome/5.15.3/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://validarwsaccountweb.iceiy.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 18 Apr 2026 12:51:18 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 10482\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"6599bda5-28f2\"\r\nlast-modified: Sat, 06 Jan 2024 21:52:53 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 368393\r\nexpires: Thu, 08 Apr 2027 12:51:18 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ciYqVDPaDikpRWFYmA8AzV9130GCwBDuw%2F3dJ6sTfwBAQV0nLE1SQ5HmO0oP0w9ZSKIdx2p1wAhhv9X9FWGfq%2FZKwjWWomcWKwpj3i1ZEhoIwJ1H%2FmXDCRwdIB7axVhYRZZbJi1j\"}]}\r\ncf-ray: 9ee3ccd88b773181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":59344,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (59158)","md5":"74bab4578692993514e7f882cc15c218","sha1":"b6293bcfd851f963edbe859498570c4c0c7eaae4","sha256":"d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386","sha512":"8810579bc7d6f74fa7b8b7122a56e6acf70b6b4393f76c4ed4122c67ecb00d6642beab1681c715de0168441bf4cfef1d2c9832007221477e5565cda833f808d7","ssdeep":"768:0Eh31IPiyXNq4YxBowbgJlkwF//zMQyYJYX9Bft6VSzl:0E0PxXE4YXJgndFTfy9lt5B","tlshash":"0a43fbb8e54c01c9b731c44bef82b2bc61b6f73de5914d95f00e691c2ad26a811c5fba","first_seen":"2023-04-05T04:00:29Z","last_seen":"2026-04-18T18:36:43.860212Z","times_seen":84566,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":14,"dns":0,"connect":1,"send":0,"wait":7,"receive":1,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://validarwsaccountweb.iceiy.com/?i=1","date":"2026-04-18T12:51:18.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:54 GMT","end":"Mon, 22 Jun 2026 08:36:53 GMT"},"fingerprint":{"sha1":"89:9D:A0:A4:A4:3B:62:A3:D0:B3:63:4B:5B:C3:1D:9B:09:43:3C:91","sha256":"DB:10:40:08:19:EF:D7:9C:5F:11:BC:78:DC:9F:81:F3:9E:A7:30:2F:1F:06:C8:C4:A4:DD:BC:C3:27:6F:2A:AA"}}},"request":{"raw":"GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://validarwsaccountweb.iceiy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 31021\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 12 Apr 2026 10:07:53 GMT\r\nexpires: Mon, 12 Apr 2027 10:07:53 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 528205\r\nlast-modified: Fri, 08 May 2020 07:05:03 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":89476,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"dc5e7f18c8d36ac1d3d4753a87c98d0a","sha1":"c8e1c8b386dc5b7a9184c763c88d19a346eb3342","sha256":"f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d","sha512":"6cb4f4426f559c06190df97229c05a436820d21498350ac9f118a5625758435171418a022ed523bae46e668f9f8ea871feab6aff58ad2740b67a30f196d65516","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"a993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-04-18T18:28:03.975514Z","times_seen":224379,"resource_available":true,"data":null}},"time_used":286,"timings":{"blocked":125,"dns":1,"connect":17,"send":0,"wait":16,"receive":15,"ssl":109},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}