{"report_id":"135cac2a-c9f5-4f53-9325-b0a41ea8981b","version":6,"status":"done","tags":[],"date":"2023-12-12T08:46:40Z","url":{"schema":"http","addr":"e.midnightofficial.xyz","fqdn":"e.midnightofficial.xyz","domain":"midnightofficial.xyz","tld":"xyz"},"ip":{"addr":"162.210.196.166","port":0,"asn":30633,"as":"LEASEWEB-USA-WDC","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"ww1.midnightofficial.xyz/","fqdn":"ww1.midnightofficial.xyz","domain":"midnightofficial.xyz","tld":"xyz"},"title":"ww1.midnightofficial.xyz/"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T08:04:27Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"e.midnightofficial.xyz","ip":{"addr":"162.210.196.166","port":443,"asn":30633,"as":"LEASEWEB-USA-WDC","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":386,"sent_data":489,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ww1.midnightofficial.xyz","ip":{"addr":"15.197.204.56","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":3,"received_data":3755,"sent_data":1387,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img1.wsimg.com","ip":{"addr":"95.101.10.129","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2008-03-17","domain_rank":9893,"first_seen":"2012-06-20 16:42:31","last_seen":"2023-12-11 09:01:03","alert_count":0,"request_count":2,"received_data":206601,"sent_data":916,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img6.wsimg.com","ip":{"addr":"95.101.10.129","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2008-03-17","domain_rank":15438,"first_seen":"2020-02-20 08:56:58","last_seen":"2023-12-11 14:37:52","alert_count":0,"request_count":4,"received_data":53979,"sent_data":1982,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.google.com","ip":{"addr":"142.250.74.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":7,"first_seen":"2015-05-10 13:11:19","last_seen":"2023-12-09 10:58:51","alert_count":0,"request_count":1,"received_data":150486,"sent_data":439,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2023-12-12T08:46:14Z","timestamp":1702370774,"ip_dst":{"addr":"Client IP","port":38908,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"162.210.196.166","port":443,"asn":30633,"as":"LEASEWEB-USA-WDC","country":"United States","country_code":"US"},"severity":"medium","alert":"ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.xyz)","source":"{\"timestamp\":\"2023-12-12T08:46:14.818183+0000\",\"flow_id\":1495211760348726,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"162.210.196.166\",\"src_port\":443,\"dest_ip\":\"10.70.215.32\",\"dest_port\":38908,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2025194,\"rev\":3,\"signature\":\"ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.xyz)\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2018_01_09\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_16\"]}},\"tls\":{\"subject\":\"CN=midnightofficial.xyz\",\"issuerdn\":\"C=US, O=Let's Encrypt, CN=R3\",\"serial\":\"03:06:54:6B:6A:D2:59:BC:E7:43:6A:62:85:84:48:1A:F9:78\",\"fingerprint\":\"24:c3:b2:bf:31:8a:10:23:4f:8d:03:b1:22:eb:36:7f:84:28:c8:80\",\"sni\":\"e.midnightofficial.xyz\",\"version\":\"TLS 1.2\",\"notbefore\":\"2023-09-28T09:31:40\",\"notafter\":\"2023-12-27T09:31:39\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"1089ea6f0461a29006cc96dfe7a11d80\",\"string\":\"771,49199,65281-11-16\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":8,\"pkts_toclient\":7,\"bytes_toserver\":1230,\"bytes_toclient\":4886,\"start\":\"2023-12-12T08:46:14.454198+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.google.com/adsense/domains/caf.js?abp=1","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0808101bcc6e1191c5b6073e31bcb441","sha1":"325317ef7ae2592656dcabfb8462b40f3e3ebc08","sha256":"39359651a0d752d1e777094fd9deed5e4c5993ff6b2aebfd855761f41369b13e","sha512":"754751a2623e4528e0f4d33ca3ccef2262e4a72fd7d329eace58707fc6321adfafed64d8a25dd7af5b4c8f3afb391c5dc1e125ac1bd021fddb551604525508bc","ssdeep":"1536:grPOSj873QtAPyqqf/2uYgMjaitiKc1CPEU6i5QI+/F2R26i57VlcZ6gCzUIomHx:b2sAU5QI+t2RqB+Z+Umpa+NilYtN","tlshash":"97e35b9a7761302663a354f4603f028fb23ab959e84885f4f194d4e47cb8da91237fbd","size":149633,"data":"","first_seen":"2023-11-09T15:54:19Z","last_seen":"2023-12-13T16:25:25Z","times_seen":2531,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww1.midnightofficial.xyz/","fqdn":"ww1.midnightofficial.xyz","domain":"midnightofficial.xyz","tld":"xyz"},"ip":{"addr":"15.197.204.56","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T17:07:55.698935Z","times_seen":15618608,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww1.midnightofficial.xyz/px.js?ch=1\u0026abp=1","fqdn":"ww1.midnightofficial.xyz","domain":"midnightofficial.xyz","tld":"xyz"},"ip":{"addr":"15.197.204.56","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d2183968f9080b37babfeba3ccf10df2","sha1":"24b9cf589ee6789e567fac3ae5acfc25826d00c6","sha256":"4d9b83714539f82372e1e0177924bcb5180b75148e22d6725468fd2fb6f96bcc","sha512":"0e16d127a199a4238138eb99a461adf2665cee4f803d63874b4bcef52301d0ecd1d2eb71af3f77187916fe04c5f9b152c51171131c2380f31ca267a0a46d2a42","ssdeep":"","tlshash":"4cf097192c28e27464362e96c2bdc0ba6164200236b0f422b8d4fb4f429dfe5083ac68","size":476,"data":"","first_seen":"2023-03-13T06:28:57Z","last_seen":"2024-08-21T09:44:36.254707Z","times_seen":9007,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.wsimg.com/parking-lander/static/js/main.9f0f0a6c.js","fqdn":"img1.wsimg.com","domain":"wsimg.com","tld":"com"},"ip":{"addr":"95.101.10.129","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"04673cf240c7732fa59ef6e43d8eb201","sha1":"4be636c2cabd885eabd8be76c48d58644d70b933","sha256":"c8bdf633ea8dc72a4c4ceaac6525fa67d80e4f88e5ee00dd299689674b6d8299","sha512":"52c1bb76f413c0568bed27c16c5fa8e0f8672fb0549468c562d466b6ed374b74c46a6288cf857370a39201e35c6ece4196f63fa7d7255abbb74b7399e5675550","ssdeep":"12288:KeorYmQAjCp6QYn3QYnkiDUk4f0WTI4WY+MiqFJeqNACa:KeosbAj46QYn3QYnk+","tlshash":"71f428ce72d1b0b507e352e6c43f280fb2795e25e00cc561eabad9d6986944d823bf5c","size":729355,"data":"","first_seen":"2023-12-12T05:19:27Z","last_seen":"2023-12-12T18:53:18Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img6.wsimg.com/wrhs/7a94ef1f1f352aaf85d641a223ed6f00/consent-main.js","fqdn":"img6.wsimg.com","domain":"wsimg.com","tld":"com"},"ip":{"addr":"95.101.10.129","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a94ef1f1f352aaf85d641a223ed6f00","sha1":"699d1d123971f8eb98e51871ce733f47aba6e461","sha256":"923d5daa410b839bdf3f05602c0e33ffdaca14fdc86c040757cbb2709d24d23b","sha512":"16ecb02a183a22be790605f3c3c2aaf625881aa3148ecf37b4ff8eef25197c361fc3e1a1e893a07c78554db511d18568e97eaa181dd034db1268e3e98efd3639","ssdeep":"768:kZuM/ekkrU29jCwgR4psh9sVAyOzbIc6IwmlwBaj1Bz2fGtLHCIpBKSR9NKf5y3z:N9g9Zt9s77dPfht7A/WFHvgU3Pa","tlshash":"5393d59831e5f0b043e750a6943f550af37a2d2de41db060b3a5d8d87a7994fa227f38","size":91290,"data":"","first_seen":"2023-09-22T09:48:08Z","last_seen":"2024-09-20T20:15:49.95805Z","times_seen":1595,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"e.midnightofficial.xyz/","fqdn":"e.midnightofficial.xyz","domain":"midnightofficial.xyz","tld":"xyz"},"ip":{"addr":"162.210.196.166","port":443,"asn":30633,"as":"LEASEWEB-USA-WDC","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-12-12T08:46:14.452Z","timestamp":1702370774452,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"midnightofficial.xyz","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 Sep 2023 09:31:40 GMT","end":"Wed, 27 Dec 2023 09:31:39 GMT"},"fingerprint":{"sha1":"24:C3:B2:BF:31:8A:10:23:4F:8D:03:B1:22:EB:36:7F:84:28:C8:80","sha256":"F8:66:F1:45:1E:D5:44:99:9C:21:F6:4B:24:97:39:23:CB:8A:2A:0D:7F:1F:94:DE:69:74:D7:B7:1E:AB:3F:DA"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: e.midnightofficial.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncache-control: max-age=0, private, must-revalidate\r\ncontent-length: 11\r\ndate: Tue, 12 Dec 2023 08:46:15 GMT\r\nlocation: http://ww1.midnightofficial.xyz\r\nserver: Cowboy\r\nset-cookie: sid=e88cd585-98ca-11ee-95ba-bb401c6f4bcd; path=/; domain=.midnightofficial.xyz; expires=Sun, 30 Dec 2091 12:00:22 GMT; max-age=2147483647; secure; HttpOnly\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":11,"size_decoded":0,"mime_type":"text/html","magic":"ASCII text, with no line terminators","md5":"32682312d17c7cbf18e73594f5570319","sha1":"60e22121bdd0bc71cdb2bae2a3aa577006b2eae9","sha256":"e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47","sha512":"68337debb9cd659cece621af582ae2bc4b56b9cf06b26c45f4d9eb8beb91d3f36bead287218b5aa2bb4853a1cf1a12017ca57318d7e12f489884fdc6b261dfc1","ssdeep":"","tlshash":"3550000030c0300c0000000c0000030003000000000c033f0c3003c00c000000000003","first_seen":"2023-04-05T04:09:22Z","last_seen":"2025-03-02T06:14:56.641448Z","times_seen":15034,"resource_available":false,"data":null}},"time_used":1812,"timings":{"blocked":504,"dns":1,"connect":110,"send":0,"wait":805,"receive":0,"ssl":390},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww1.midnightofficial.xyz/","fqdn":"ww1.midnightofficial.xyz","domain":"midnightofficial.xyz","tld":"xyz"},"ip":{"addr":"15.197.204.56","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-12-12T08:46:15.769Z","timestamp":1702370775769,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: ww1.midnightofficial.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Tue, 12 Dec 2023 08:46:15 GMT\r\nContent-Type: text/html\r\nContent-Length: 1543\r\nLast-Modified: Mon, 11 Dec 2023 22:38:49 GMT\r\nConnection: keep-alive\r\nETag: \"65778f79-607\"\r\nX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_FNliwKH6T3awG3OlIivU/gy7C6816JfsX4oFb5RfklRqZRhW9Emm/3jfiiWAJ/4fEp6Lau1AtuyMq6CZSqM0+Q\r\nCache-Control: no-cache\r\nX-Content-Type-Options: nosniff\r\nSet-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400;\ncountry=NO;Path=/;Max-Age=86400;\ncity=\"\";Path=/;Max-Age=86400;\nexpiry_partner=;Path=/;Max-Age=86400;\n_policy={\"restricted_market\":true,\"tracking_market\":\"explicit\"};Path=/;Max-Age=86400;\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1543,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\n- HTML document text\n- HTML document text\n- HTML document text\n- HTML document text\n- HTML document text\n- exported SGML document, ASCII text, with very long lines (1543), with no line terminators","md5":"e5dcbbef49079f72bd7ab6c177d92d69","sha1":"9e6bdb290f2ef5c8a2f64abe3fae195985018ffc","sha256":"0740850dc6f86cbd5aa7298643d71955266c5cbdb697da3fbe30108b45fb58c8","sha512":"ab50a7d15d2b1e81c5d952c031304944b9c049cbb628d5f144f2a9aa2ec56ab058a01d700bdbb2e11d661e75998a0fe2652261481535d2a03f9b6c3fe6d6996e","ssdeep":"","tlshash":"363112e76c49d2844f5087e6f4b3f63cc086a42acd91dc50d5d2407f65d8bda0d6699c","first_seen":"2023-12-12T05:48:25Z","last_seen":"2023-12-12T14:34:49Z","times_seen":4,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":2,"dns":2,"connect":1,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.wsimg.com/parking-lander/static/css/main.39c9adf8.css","fqdn":"img1.wsimg.com","domain":"wsimg.com","tld":"com"},"ip":{"addr":"95.101.10.129","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://ww1.midnightofficial.xyz/","date":"2023-12-12T08:46:16.140Z","timestamp":1702370776140,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wsimg.com","organization":""},"issuer":{"commonName":"Starfield Secure Certificate Authority - G2","organization":"Starfield Technologies, Inc."},"validity":{"start":"Tue, 19 Sep 2023 21:06:14 GMT","end":"Sun, 20 Oct 2024 21:06:14 GMT"},"fingerprint":{"sha1":"B7:FF:50:92:4F:A1:64:14:99:A1:DE:DB:55:C9:FA:92:78:6B:89:DD","sha256":"F0:59:68:08:59:E1:70:FF:7C:87:9A:EC:6B:F0:FE:3F:9A:4E:A4:51:FD:F0:CA:14:49:B8:75:7D:CF:7F:A7:99"}}},"request":{"raw":"GET /parking-lander/static/css/main.39c9adf8.css HTTP/1.1\r\nHost: img1.wsimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww1.midnightofficial.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-amz-id-2: tMt7MS65d4U73GQikQ2B01vKfxYSFXwNZWxbPPqU7yULD6ofPxYzFOoXd2SA0ZC0casa9GVYXTI=\r\nx-amz-request-id: K44PVVYKRAATP9ZA\r\nlast-modified: Fri, 08 Dec 2023 19:44:01 GMT\r\netag: \"02d22d2dd35cf95e10e23f125eaa7b95\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: pZSsaEMhPy5ava4ThRHDZrk_u88V49M0\r\naccept-ranges: bytes\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncache-control: max-age=31536000\r\nexpires: Wed, 11 Dec 2024 08:46:15 GMT\r\ndate: Tue, 12 Dec 2023 08:46:15 GMT\r\ncontent-length: 3172\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3172,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (9895)","md5":"02d22d2dd35cf95e10e23f125eaa7b95","sha1":"091e8a4af64d8b3cbc5585d06bada5f68533aa6a","sha256":"40aa985fff517e7a05ee929863678f6ead2ea89c96240f378f643cbe205158a6","sha512":"63a5a38a5acf0da233910ffcd796b36c8bd0209a2a479a8f76311e0132f54608af24230d42421aca1bb5d4d42d7e78b6bad1fad84560285c8bf35a1c81636b4f","ssdeep":"96:2u3J7UtnVCuoaka17fWIMiF670PP3Cy5YewxWOuQWzoKSxbLq8L30uebAnK/EVL:2+ar7I4PyyNtByEj9sN","tlshash":"d92285a051da851181e58d90b6fa9a1dcc1f6297d35a193805eb24c7bcfe8d3c3e06bb","first_seen":"2023-12-08T23:58:36Z","last_seen":"2024-08-20T16:19:21.943271Z","times_seen":1199,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":27,"dns":12,"connect":1,"send":0,"wait":9,"receive":1,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img6.wsimg.com/wrhs/7a94ef1f1f352aaf85d641a223ed6f00/consent-main.js","fqdn":"img6.wsimg.com","domain":"wsimg.com","tld":"com"},"ip":{"addr":"95.101.10.129","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ww1.midnightofficial.xyz/","date":"2023-12-12T08:46:16.136Z","timestamp":1702370776136,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wsimg.com","organization":""},"issuer":{"commonName":"Starfield Secure Certificate Authority - G2","organization":"Starfield Technologies, Inc."},"validity":{"start":"Tue, 19 Sep 2023 21:06:14 GMT","end":"Sun, 20 Oct 2024 21:06:14 GMT"},"fingerprint":{"sha1":"B7:FF:50:92:4F:A1:64:14:99:A1:DE:DB:55:C9:FA:92:78:6B:89:DD","sha256":"F0:59:68:08:59:E1:70:FF:7C:87:9A:EC:6B:F0:FE:3F:9A:4E:A4:51:FD:F0:CA:14:49:B8:75:7D:CF:7F:A7:99"}}},"request":{"raw":"GET /wrhs/7a94ef1f1f352aaf85d641a223ed6f00/consent-main.js HTTP/1.1\r\nHost: img6.wsimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://ww1.midnightofficial.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww1.midnightofficial.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\netag: \"7a94ef1f1f352aaf85d641a223ed6f00\"\r\nlast-modified: Wed, 28 Jun 2023 19:00:02 GMT\r\nvary: Accept-Encoding\r\nx-amz-id-2: OkHFuHMqqVnbRFyUG/c+qaDi/MFWK+RWbKnHSyUtC1lnAgu4YWQO7QvFVq7fwaXgk+t85Fqi3Yq0FqtPk1ai2g==\r\nx-amz-request-id: KDH0MQQ1HEGY82GV\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: bn3Q9Dhk70iR2fsppgjyeVJKCiEuLxll\r\ncontent-length: 25518\r\ncache-control: max-age=31536000\r\ndate: Tue, 12 Dec 2023 08:46:15 GMT\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc=\"1702370775901_1600457341_94889543_31_1850_6_20_41\";dur=1\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25518,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65466)","md5":"7a94ef1f1f352aaf85d641a223ed6f00","sha1":"699d1d123971f8eb98e51871ce733f47aba6e461","sha256":"923d5daa410b839bdf3f05602c0e33ffdaca14fdc86c040757cbb2709d24d23b","sha512":"16ecb02a183a22be790605f3c3c2aaf625881aa3148ecf37b4ff8eef25197c361fc3e1a1e893a07c78554db511d18568e97eaa181dd034db1268e3e98efd3639","ssdeep":"768:kZuM/ekkrU29jCwgR4psh9sVAyOzbIc6IwmlwBaj1Bz2fGtLHCIpBKSR9NKf5y3z:N9g9Zt9s77dPfht7A/WFHvgU3Pa","tlshash":"5393d59831e5f0b043e750a6943f550af37a2d2de41db060b3a5d8d87a7994fa227f38","first_seen":"2023-09-22T09:48:08Z","last_seen":"2024-09-20T20:15:49.95805Z","times_seen":1595,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":36,"dns":17,"connect":4,"send":0,"wait":10,"receive":3,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.wsimg.com/parking-lander/static/js/main.9f0f0a6c.js","fqdn":"img1.wsimg.com","domain":"wsimg.com","tld":"com"},"ip":{"addr":"95.101.10.129","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ww1.midnightofficial.xyz/","date":"2023-12-12T08:46:16.139Z","timestamp":1702370776139,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wsimg.com","organization":""},"issuer":{"commonName":"Starfield Secure Certificate Authority - G2","organization":"Starfield Technologies, Inc."},"validity":{"start":"Tue, 19 Sep 2023 21:06:14 GMT","end":"Sun, 20 Oct 2024 21:06:14 GMT"},"fingerprint":{"sha1":"B7:FF:50:92:4F:A1:64:14:99:A1:DE:DB:55:C9:FA:92:78:6B:89:DD","sha256":"F0:59:68:08:59:E1:70:FF:7C:87:9A:EC:6B:F0:FE:3F:9A:4E:A4:51:FD:F0:CA:14:49:B8:75:7D:CF:7F:A7:99"}}},"request":{"raw":"GET /parking-lander/static/js/main.9f0f0a6c.js HTTP/1.1\r\nHost: img1.wsimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww1.midnightofficial.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-amz-id-2: 86XG+WtahFKuFf+oQvmWbTmFoOJZSrxjIH4Tf8L46mRO8RtNQ+MOl//qUXF48y8nbNmk70T25YpmjmFFnEE/JQ==\r\nx-amz-request-id: HK9DWDM4TRC4JB7Y\r\nlast-modified: Mon, 11 Dec 2023 22:38:11 GMT\r\netag: \"04673cf240c7732fa59ef6e43d8eb201\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 47VH3cNGcV88b33NZxGXLz7Hk3xDqtlT\r\naccept-ranges: bytes\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 202161\r\ncache-control: max-age=31536000\r\nexpires: Wed, 11 Dec 2024 08:46:15 GMT\r\ndate: Tue, 12 Dec 2023 08:46:15 GMT\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":202161,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65465)","md5":"04673cf240c7732fa59ef6e43d8eb201","sha1":"4be636c2cabd885eabd8be76c48d58644d70b933","sha256":"c8bdf633ea8dc72a4c4ceaac6525fa67d80e4f88e5ee00dd299689674b6d8299","sha512":"52c1bb76f413c0568bed27c16c5fa8e0f8672fb0549468c562d466b6ed374b74c46a6288cf857370a39201e35c6ece4196f63fa7d7255abbb74b7399e5675550","ssdeep":"12288:KeorYmQAjCp6QYn3QYnkiDUk4f0WTI4WY+MiqFJeqNACa:KeosbAj46QYn3QYnk+","tlshash":"71f428ce72d1b0b507e352e6c43f280fb2795e25e00cc561eabad9d6986944d823bf5c","first_seen":"2023-12-12T05:19:27Z","last_seen":"2023-12-12T18:53:18Z","times_seen":13,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":32,"dns":12,"connect":5,"send":0,"wait":10,"receive":19,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww1.midnightofficial.xyz/px.js?ch=1\u0026abp=1","fqdn":"ww1.midnightofficial.xyz","domain":"midnightofficial.xyz","tld":"xyz"},"ip":{"addr":"15.197.204.56","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ww1.midnightofficial.xyz/","date":"2023-12-12T08:46:16.134Z","timestamp":1702370776134,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /px.js?ch=1\u0026abp=1 HTTP/1.1\r\nHost: ww1.midnightofficial.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww1.midnightofficial.xyz/\r\nCookie: caf_ipaddr=91.90.42.154; country=NO; city=\"\"; expiry_partner=; _policy={\"restricted_market\":true,\"tracking_market\":\"explicit\"}\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Tue, 12 Dec 2023 08:46:15 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 476\r\nLast-Modified: Mon, 11 Dec 2023 22:38:52 GMT\r\nConnection: keep-alive\r\nETag: \"65778f7c-1dc\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":476,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"d2183968f9080b37babfeba3ccf10df2","sha1":"24b9cf589ee6789e567fac3ae5acfc25826d00c6","sha256":"4d9b83714539f82372e1e0177924bcb5180b75148e22d6725468fd2fb6f96bcc","sha512":"0e16d127a199a4238138eb99a461adf2665cee4f803d63874b4bcef52301d0ecd1d2eb71af3f77187916fe04c5f9b152c51171131c2380f31ca267a0a46d2a42","ssdeep":"","tlshash":"4cf097192c28e27464362e96c2bdc0ba6164200236b0f422b8d4fb4f429dfe5083ac68","first_seen":"2023-03-13T06:28:57Z","last_seen":"2024-08-21T09:44:36.254707Z","times_seen":9007,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ww1.midnightofficial.xyz/px.js?ch=2\u0026abp=1","fqdn":"ww1.midnightofficial.xyz","domain":"midnightofficial.xyz","tld":"xyz"},"ip":{"addr":"3.33.243.145","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ww1.midnightofficial.xyz/","date":"2023-12-12T08:46:16.135Z","timestamp":1702370776135,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /px.js?ch=2\u0026abp=1 HTTP/1.1\r\nHost: ww1.midnightofficial.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww1.midnightofficial.xyz/\r\nCookie: caf_ipaddr=91.90.42.154; country=NO; city=\"\"; expiry_partner=; _policy={\"restricted_market\":true,\"tracking_market\":\"explicit\"}\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Tue, 12 Dec 2023 08:46:16 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 476\r\nLast-Modified: Mon, 11 Dec 2023 22:38:52 GMT\r\nConnection: keep-alive\r\nETag: \"65778f7c-1dc\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":476,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"d2183968f9080b37babfeba3ccf10df2","sha1":"24b9cf589ee6789e567fac3ae5acfc25826d00c6","sha256":"4d9b83714539f82372e1e0177924bcb5180b75148e22d6725468fd2fb6f96bcc","sha512":"0e16d127a199a4238138eb99a461adf2665cee4f803d63874b4bcef52301d0ecd1d2eb71af3f77187916fe04c5f9b152c51171131c2380f31ca267a0a46d2a42","ssdeep":"","tlshash":"4cf097192c28e27464362e96c2bdc0ba6164200236b0f422b8d4fb4f429dfe5083ac68","first_seen":"2023-03-13T06:28:57Z","last_seen":"2024-08-21T09:44:36.254707Z","times_seen":9007,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":1,"connect":3,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img6.wsimg.com/wrhs/7a94ef1f1f352aaf85d641a223ed6f00/consent-main.css","fqdn":"img6.wsimg.com","domain":"wsimg.com","tld":"com"},"ip":{"addr":"95.101.10.129","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://ww1.midnightofficial.xyz/","date":"2023-12-12T08:46:16.487Z","timestamp":1702370776487,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wsimg.com","organization":""},"issuer":{"commonName":"Starfield Secure Certificate Authority - G2","organization":"Starfield Technologies, Inc."},"validity":{"start":"Tue, 19 Sep 2023 21:06:14 GMT","end":"Sun, 20 Oct 2024 21:06:14 GMT"},"fingerprint":{"sha1":"B7:FF:50:92:4F:A1:64:14:99:A1:DE:DB:55:C9:FA:92:78:6B:89:DD","sha256":"F0:59:68:08:59:E1:70:FF:7C:87:9A:EC:6B:F0:FE:3F:9A:4E:A4:51:FD:F0:CA:14:49:B8:75:7D:CF:7F:A7:99"}}},"request":{"raw":"GET /wrhs/7a94ef1f1f352aaf85d641a223ed6f00/consent-main.css HTTP/1.1\r\nHost: img6.wsimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://ww1.midnightofficial.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww1.midnightofficial.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nx-amz-request-id: 36R651T75VVJ5FTF\r\nx-amz-id-2: iquVZtVLBzgwK+m7kGR9q731ge24DA3tabYVsJs0GgQXDoK8Nnxer7EiIaYuO9/MznIPq+KMpWY64eafEvquCw==\r\ncontent-type: application/xml\r\ncontent-length: 255\r\ncache-control: max-age=900\r\ndate: Tue, 12 Dec 2023 08:46:16 GMT\r\nserver-timing: cdn-cache; desc=MISS, edge; dur=146, origin; dur=69, ak_p; desc=\"1702370775881_1600457341_94889542_21680_1562_8_0_41\";dur=1\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":255,"size_decoded":0,"mime_type":"application/xml","magic":"XML 1.0 document text\n- XML document, ASCII text","md5":"dc5dc32477bbd7ce58b77c359485dca8","sha1":"a1434c9e6cea84e401edb98fb7e08bedea49ad90","sha256":"c806d1cc04adf5fd2a20bea9e5e96cafbb5b31fdc9f0294d14d07baa738de754","sha512":"ff847fb17170676b9a35e656225fcb853226b91ed161f0f7973f56d6d52c8a4bd4c47f832511bb9737ce0bbf7483e51f083ca8ccd3503f4b2bc61191a787ef1e","ssdeep":"","tlshash":"46d02b267324e43507041d1ab72be621a714163512c91ab05d82fc535fc28900a9c750","first_seen":"2023-12-12T09:46:46Z","last_seen":"2023-12-12T09:46:46Z","times_seen":1,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img6.wsimg.com/wrhs/7a94ef1f1f352aaf85d641a223ed6f00/consent-main.js","fqdn":"img6.wsimg.com","domain":"wsimg.com","tld":"com"},"ip":{"addr":"95.101.10.129","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ww1.midnightofficial.xyz/","date":"2023-12-12T08:46:16.136Z","timestamp":1702370776136,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wsimg.com","organization":""},"issuer":{"commonName":"Starfield Secure Certificate Authority - G2","organization":"Starfield Technologies, Inc."},"validity":{"start":"Tue, 19 Sep 2023 21:06:14 GMT","end":"Sun, 20 Oct 2024 21:06:14 GMT"},"fingerprint":{"sha1":"B7:FF:50:92:4F:A1:64:14:99:A1:DE:DB:55:C9:FA:92:78:6B:89:DD","sha256":"F0:59:68:08:59:E1:70:FF:7C:87:9A:EC:6B:F0:FE:3F:9A:4E:A4:51:FD:F0:CA:14:49:B8:75:7D:CF:7F:A7:99"}}},"request":{"raw":"GET /wrhs/7a94ef1f1f352aaf85d641a223ed6f00/consent-main.js HTTP/1.1\r\nHost: img6.wsimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww1.midnightofficial.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\netag: \"7a94ef1f1f352aaf85d641a223ed6f00\"\r\nlast-modified: Wed, 28 Jun 2023 19:00:02 GMT\r\nvary: Accept-Encoding\r\nx-amz-id-2: OkHFuHMqqVnbRFyUG/c+qaDi/MFWK+RWbKnHSyUtC1lnAgu4YWQO7QvFVq7fwaXgk+t85Fqi3Yq0FqtPk1ai2g==\r\nx-amz-request-id: KDH0MQQ1HEGY82GV\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: bn3Q9Dhk70iR2fsppgjyeVJKCiEuLxll\r\ncontent-length: 25518\r\ncache-control: max-age=31536000\r\ndate: Tue, 12 Dec 2023 08:46:16 GMT\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc=\"1702370776176_1600457341_94890194_21_1360_6_0_21\";dur=1\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25518,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65466)","md5":"7a94ef1f1f352aaf85d641a223ed6f00","sha1":"699d1d123971f8eb98e51871ce733f47aba6e461","sha256":"923d5daa410b839bdf3f05602c0e33ffdaca14fdc86c040757cbb2709d24d23b","sha512":"16ecb02a183a22be790605f3c3c2aaf625881aa3148ecf37b4ff8eef25197c361fc3e1a1e893a07c78554db511d18568e97eaa181dd034db1268e3e98efd3639","ssdeep":"768:kZuM/ekkrU29jCwgR4psh9sVAyOzbIc6IwmlwBaj1Bz2fGtLHCIpBKSR9NKf5y3z:N9g9Zt9s77dPfht7A/WFHvgU3Pa","tlshash":"5393d59831e5f0b043e750a6943f550af37a2d2de41db060b3a5d8d87a7994fa227f38","first_seen":"2023-09-22T09:48:08Z","last_seen":"2024-09-20T20:15:49.95805Z","times_seen":1595,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":36,"dns":17,"connect":4,"send":0,"wait":10,"receive":3,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img6.wsimg.com/wrhs/7a94ef1f1f352aaf85d641a223ed6f00/consent-main.css","fqdn":"img6.wsimg.com","domain":"wsimg.com","tld":"com"},"ip":{"addr":"95.101.10.129","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://ww1.midnightofficial.xyz/","date":"2023-12-12T08:46:16.487Z","timestamp":1702370776487,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wsimg.com","organization":""},"issuer":{"commonName":"Starfield Secure Certificate Authority - G2","organization":"Starfield Technologies, Inc."},"validity":{"start":"Tue, 19 Sep 2023 21:06:14 GMT","end":"Sun, 20 Oct 2024 21:06:14 GMT"},"fingerprint":{"sha1":"B7:FF:50:92:4F:A1:64:14:99:A1:DE:DB:55:C9:FA:92:78:6B:89:DD","sha256":"F0:59:68:08:59:E1:70:FF:7C:87:9A:EC:6B:F0:FE:3F:9A:4E:A4:51:FD:F0:CA:14:49:B8:75:7D:CF:7F:A7:99"}}},"request":{"raw":"GET /wrhs/7a94ef1f1f352aaf85d641a223ed6f00/consent-main.css HTTP/1.1\r\nHost: img6.wsimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww1.midnightofficial.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\nx-amz-request-id: 36R1TFEA7M7ZG9TB\r\nx-amz-id-2: tmHRaQdJrBZf1KJ6m346j+3pUo+SB5URqziuXeiEDFQN+GaoaBF/PR/naNWcCP4QROOmb6B3NMHyZNyW57+EuQ==\r\ncontent-type: application/xml\r\ncontent-length: 255\r\ncache-control: max-age=900\r\ndate: Tue, 12 Dec 2023 08:46:16 GMT\r\nserver-timing: cdn-cache; desc=MISS, edge; dur=138, origin; dur=78, ak_p; desc=\"1702370776213_1600457341_94890250_21672_1773_0_0_21\";dur=1\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":255,"size_decoded":0,"mime_type":"application/xml","magic":"XML 1.0 document text\n- XML document, ASCII text","md5":"70bff71f91779714856fb742fc6a21aa","sha1":"ee1a6c06dd03c039f8ef22e452fbe401a5c96846","sha256":"d9edf996ca4cfe7b5c1ed8b98af09680fd224985f30131bfddc72e6b654f1afa","sha512":"24e0f83a0e58637624af7481dbeb1f5b4f48ab84c31fab5acec3a202d1bedc2dab9d5c9d9473e6f928c8e9f89120463a083278129c37a1aae9977e047a90629c","ssdeep":"","tlshash":"05d09712b320a8261e818e2bbb7ee630f7a49d3493c022b8a8c229434b418c00d3c261","first_seen":"2023-12-12T09:46:46Z","last_seen":"2023-12-12T09:46:46Z","times_seen":1,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/adsense/domains/caf.js?abp=1","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ww1.midnightofficial.xyz/","date":"2023-12-12T08:46:16.131Z","timestamp":1702370776131,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 20 Nov 2023 08:09:47 GMT","end":"Mon, 12 Feb 2024 08:09:46 GMT"},"fingerprint":{"sha1":"50:3E:DA:12:EC:7F:39:A5:E9:4F:16:D7:D6:AA:BF:45:15:44:7F:E9","sha256":"98:2D:C0:52:3D:84:7D:B5:89:AE:22:3E:DD:D8:37:86:72:79:D7:32:40:D6:03:55:D8:A6:F1:70:53:DF:48:95"}}},"request":{"raw":"GET /adsense/domains/caf.js?abp=1 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://ww1.midnightofficial.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-type: text/javascript; charset=UTF-8\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"ads-afs-ui\"\r\nreport-to: {\"group\":\"ads-afs-ui\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/ads-afs-ui\"}]}\r\ndate: Tue, 12 Dec 2023 08:46:16 GMT\r\nexpires: Tue, 12 Dec 2023 08:46:16 GMT\r\ncache-control: private, max-age=3600\r\netag: \"12169742205723775177\"\r\nx-content-type-options: nosniff\r\nlink: \u003chttps://www.adsensecustomsearchads.com\u003e; rel=\"preconnect\"\r\ncontent-encoding: gzip\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":149633,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (1888)","md5":"0808101bcc6e1191c5b6073e31bcb441","sha1":"325317ef7ae2592656dcabfb8462b40f3e3ebc08","sha256":"39359651a0d752d1e777094fd9deed5e4c5993ff6b2aebfd855761f41369b13e","sha512":"754751a2623e4528e0f4d33ca3ccef2262e4a72fd7d329eace58707fc6321adfafed64d8a25dd7af5b4c8f3afb391c5dc1e125ac1bd021fddb551604525508bc","ssdeep":"1536:grPOSj873QtAPyqqf/2uYgMjaitiKc1CPEU6i5QI+/F2R26i57VlcZ6gCzUIomHx:b2sAU5QI+t2RqB+Z+Umpa+NilYtN","tlshash":"97e35b9a7761302663a354f4603f028fb23ab959e84885f4f194d4e47cb8da91237fbd","first_seen":"2023-11-09T15:54:19Z","last_seen":"2023-12-13T16:25:25Z","times_seen":2531,"resource_available":true,"data":null}},"time_used":342,"timings":{"blocked":151,"dns":1,"connect":15,"send":0,"wait":17,"receive":15,"ssl":140},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}