{"report_id":"338016df-9062-4a8d-9f64-ed1097063aa0","version":6,"status":"done","tags":[],"date":"2026-03-04T19:35:40Z","url":{"schema":"https","addr":"135461223.site/sv/458/7d9f1206-c4be-4e5d-b474-ad0b813f3e08/725933","fqdn":"135461223.site","domain":"135461223.site","tld":"site"},"ip":{"addr":"116.203.212.240","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"135461223.site/sv/458/7d9f1206-c4be-4e5d-b474-ad0b813f3e08/725933/x","fqdn":"135461223.site","domain":"135461223.site","tld":"site"},"title":"Dropbox Sign-in","dom":{"size":6535,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"923c26b57ac36ea3a907ca4883f25a6c","sha1":"7f998a61e5a36e738311844dd35b391e891b51a8","sha256":"0dd3d01bbccc26c78c1b86bcb8bc0bc4c0659303769d97b76b63e9809601e37f","sha512":"d46a749d20680b7badfa7d19b005f3ca00e042e37f9384646ec14e4bd50ab3f355969f345a15e42264b93a3088ec8eb21f593c25937e538ba94f78d03741989a","ssdeep":"192:ux2aiU6zzZjmFwcRY+yl416JcTftLWO6J0gAxblneYXRYcyYeYOP9Jw6Q6:uQXIVLDl7ac3763","tlshash":"49d17393cab341871312d0fa2fb9a20431f18407c50ace743edca69edf88e8495a374c","dom_hash":"domhash68f616fc21bdf97ca2d7a3ec232aa9af","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"135461223.site/sv/458/7d9f1206-c4be-4e5d-b474-ad0b813f3e08/725933","fqdn":"135461223.site","domain":"135461223.site","tld":"site"},"ip":{"addr":"116.203.212.240","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"tags":["openphish"],"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-08T19:35:40Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"135461223.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"135461223.site","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"135461223.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"135461223.site","ip":{"addr":"116.203.212.240","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2020-04-30","domain_rank":6950317,"first_seen":"2020-05-07T14:18:02Z","last_seen":"2026-02-28T08:15:50.211321Z","alert_count":21,"request_count":7,"received_data":184345,"sent_data":7927,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"fonts.bunny.net","ip":{"addr":"194.242.11.186","port":443,"asn":34989,"as":"ServeTheWorld AS","country":"Norway","country_code":"NO"},"domain_registered":"1999-11-22","domain_rank":56787,"first_seen":"2022-03-21T07:38:02Z","last_seen":"2026-03-02T02:35:31.126952Z","alert_count":0,"request_count":2,"received_data":27414,"sent_data":849,"comment":"","tags":null,"fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}]},{"fqdn":"nimblr.net","ip":{"addr":"116.203.212.240","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2019-12-18","domain_rank":1543378,"first_seen":"2016-07-07T09:19:28Z","last_seen":"2026-02-27T00:39:23.263899Z","alert_count":0,"request_count":1,"received_data":16534,"sent_data":414,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"135461223.site/simulations/js/simulations.js","fqdn":"135461223.site","domain":"135461223.site","tld":"site"},"ip":{"addr":"116.203.212.240","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"ddd1cac29ad5368e3af23264217ee537","sha1":"24e6d1ca090be34ca12f238645fe8175dcd460b3","sha256":"21884b1c1d2f054d5275f22a41ed9df6a083334202c1a09ce0e6d89f32c3e133","sha512":"60c695b73190a193136cd8bba30d191c55e46da5ad7492aaddddea13b547b22517edeee9db79c63fe8029c0658c2dc9778abca5ec7ceee48148a110e059b1461","ssdeep":"","tlshash":"9431d22f10fa0424419fb23eaf4f9005353610cb59479c863f5ccb506f59ea69ea1fb5","size":1724,"data":"","first_seen":"2024-01-02T11:27:33Z","last_seen":"2026-04-03T11:19:50.080888Z","times_seen":777,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"135461223.site/sv/458/7d9f1206-c4be-4e5d-b474-ad0b813f3e08/725933/x","fqdn":"135461223.site","domain":"135461223.site","tld":"site"},"ip":{"addr":"116.203.212.240","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"1bc2ce029008e18d0fd6a3d63059fc53","sha1":"99244d8a9a3c9cb3d0ec7576c06eeed1ab63c434","sha256":"b0b4dbf4fecceac1b460c76b757093cf62c92c9f63f9a569b6a61f80e14a5b06","sha512":"83049e9a428c0a039f138e21684619ec67365a1481e4f2e14e9e02a51de1d722538fb0c05a84f2356b2ef7fa1ecaee57f69c81cc5e6ae8dd79aa9843a7122e13","ssdeep":"","tlshash":"a1b002e1857746948c6fd79d571311045c6518d37953fa85705cc507cf0acc4e513104","size":92,"data":"","first_seen":"2025-03-05T11:20:14.343164Z","last_seen":"2026-04-01T17:45:49.379025Z","times_seen":338,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"135461223.site/sv/458/7d9f1206-c4be-4e5d-b474-ad0b813f3e08/725933/x","fqdn":"135461223.site","domain":"135461223.site","tld":"site"},"ip":{"addr":"116.203.212.240","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"74ce193d71448ad4dce5d4b19111d7ba","sha1":"2580718ffb3153b5caefa770c31e92a6dcf94636","sha256":"1e38eb5dbed5d73398cc96c341727c775036260ba7cbb7069489198796c3ded7","sha512":"6242ec3dd9d814ec57de9d449119ccf6f480f65b86265db2bf5182250df84b7ed8ba50b1be0c41ca348741abdf8f2f96b435813a7ba7b2dd73e8cc1656e646cb","ssdeep":"","tlshash":"a2c0805102e90d90416dc169479df0043271c4c3c44368039fd0850f7b91c0107c901a","size":148,"data":"","first_seen":"2025-05-06T00:01:01.867831Z","last_seen":"2026-03-27T00:31:57.345365Z","times_seen":132,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"135461223.site/js/axios.js?id=ddb6d58d35ec5b4d9cffa5c8481981a0","fqdn":"135461223.site","domain":"135461223.site","tld":"site"},"ip":{"addr":"116.203.212.240","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"ddb6d58d35ec5b4d9cffa5c8481981a0","sha1":"7ed30cfcfa850ed155580b6873f7bccd8113a344","sha256":"00e7cc51130d9064249c5d6c526bb16102a4ef27120f2b88009bb88110b0f67c","sha512":"80ee9a41a22417a8afd95fed44c4b735ef6a84c8261511c1f39aae9eeb08c07275cdec1286a03b6f739d39e6340a543cf61016a13aebae7e3d6032350eb0ea4c","ssdeep":"768:+P9hu+9tG/8QPG+T4n1E16sPT0JxLOLei1fTyDjx20KJ0EnXPWiOK8I3ZDuc4/Lh:+PvwxPj5BJqvg5mk1tD5VoL1hLf","tlshash":"da432a84b6e1f07503a265e4406b4507f23aea29b44e48e4f254ecd73cb948f95bbf78","size":60042,"data":"","first_seen":"2026-01-12T01:45:02.494725Z","last_seen":"2026-04-03T11:19:50.084977Z","times_seen":280,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"135461223.site/js/jquery.js?id=ec514a33faa4324c80d2c05d50d9ad56","fqdn":"135461223.site","domain":"135461223.site","tld":"site"},"ip":{"addr":"116.203.212.240","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec514a33faa4324c80d2c05d50d9ad56","sha1":"1b1c5f06395bbb46d063f54b22342c6d0a53e274","sha256":"f77fc9503b52b2da5de6619f7f2a1cde0e75feee47b6d737709efb9ee1d23be1","sha512":"f18bad3276d7edfba568818134ba843da1ee8d999fbb5c4bd44742643176da7028b54c77261fa1ed55b4c9a9bfb258e1ddb4c05342931fa7620e9e4c5c2d0d49","ssdeep":"1536:rCJo1GbGo+JTWaxsZt9OgOfv3HkaGSUiWlEBMXBw6But2Hum/3IwY9xH180y:rQOgO3HAVtButu12H1fy","tlshash":"dc8319dd72c6b06347a760ba407f550ff236199d684e8400f119e8e9bc78a4a923bf7d","size":86992,"data":"","first_seen":"2026-01-12T13:06:06.466758Z","last_seen":"2026-04-03T11:19:50.083998Z","times_seen":274,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"135461223.site/sv/458/7d9f1206-c4be-4e5d-b474-ad0b813f3e08/725933","fqdn":"135461223.site","domain":"135461223.site","tld":"site"},"ip":{"addr":"116.203.212.240","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-04T19:35:17.033Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nimblr.software","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 00:09:34 GMT","end":"Tue, 12 May 2026 00:09:33 GMT"},"fingerprint":{"sha1":"D4:76:33:2D:42:39:9A:26:88:6D:AF:C9:D3:E4:30:2B:FB:97:4F:93","sha256":"DF:00:FD:22:D1:0D:AC:F0:F5:03:6C:F6:81:69:10:CC:49:22:AB:EE:74:81:0A:2E:98:E5:97:A3:28:B1:F7:04"}}},"request":{"raw":"GET /sv/458/7d9f1206-c4be-4e5d-b474-ad0b813f3e08/725933 HTTP/1.1\r\nHost: 135461223.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: no-cache, private\r\nDate: Wed, 04 Mar 2026 19:35:17 GMT\r\nLocation: https://135461223.site/sv/458/7d9f1206-c4be-4e5d-b474-ad0b813f3e08/725933/x\r\nX-Robots-Tag: noindex\r\nX-Frame-Options: DENY\r\nReferrer-Policy: same-origin\r\nContent-Security-Policy-Report-Only: default-src 'self'; script-src 'self'  'unsafe-inline' 'unsafe-eval'; style-src 'self'  'unsafe-inline' fonts.bunny.net; img-src 'self'  https://135461223.site https://nimblr.net data:; font-src 'self' data: fonts.bunny.net;object-src 'none'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' https://135461223.site; worker-src 'self' blob:;report-uri /api/csp-violation-report\r\nSet-Cookie: XSRF-TOKEN=eyJpdiI6Ik0xenNJNmxxQjE3bWR2c1FsellXY3c9PSIsInZhbHVlIjoiYlRiZ2l1bWRlRENIL3UxNkFUQ3AzOWZJaVh6bFR6ek82ZUl2aEo1N0FFMTd0cEtuRDYrUVUyd0dBekF3QXlVNlVaT1RHSGM5eFhtUkE1d3hqbUZiZFRpZjdEeFhtRk15QXcrNE5UY09TR0tWZFZLMllJQzkvL1Z6RzBwVjQwVlEiLCJtYWMiOiJiMWEyNzNhMzcxZmVjOWJkMjE3MjJjYmI4YzVkOTA1NTUzZGVhMmIxZTlmZGQwNThlZjdlYjNhMThmOTcxNDdlIiwidGFnIjoiIn0%3D; expires=Wed, 04 Mar 2026 21:35:17 GMT; Max-Age=7200; path=/; secure; samesite=lax\n__HostProd_session=eyJpdiI6Imtma0p0TDFnTGhZYTlPQkc5YkxXc1E9PSIsInZhbHVlIjoiV0VrejV3cmh6RXg5ZHdPbDJhdUprTEJMRDFwM2daTi9sWEU3ZjBiV2RGYUE5ZW9vUHRIQXcwRXlacHA0SzhLSmJNWVBwM1RESjNuL0NOOXFjck1EMVVRaUpYcmI5RDcwV1RZS1ByUkNKYWdpaXdMUnYvbTJ5ZWFxSmwwWHQ2TTAiLCJtYWMiOiJiOTgyMWQzNzRlZmRjZjYyMDYwYzllNDM4YzViYTc2OTMxZjFjZGQ2MTMyYjM0MmE2ZDAzNmEwODVhNjA5NDc1IiwidGFnIjoiIn0%3D; expires=Wed, 04 Mar 2026 21:35:17 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains;\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6688,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T13:49:31.916752Z","times_seen":13333799,"resource_available":true,"data":null}},"time_used":294,"timings":{"blocked":73,"dns":1,"connect":35,"send":0,"wait":142,"receive":1,"ssl":40},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"135461223.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"135461223.site","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"135461223.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"135461223.site/sv/458/7d9f1206-c4be-4e5d-b474-ad0b813f3e08/725933/x","fqdn":"135461223.site","domain":"135461223.site","tld":"site"},"ip":{"addr":"116.203.212.240","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-04T19:35:17.291Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nimblr.software","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 00:09:34 GMT","end":"Tue, 12 May 2026 00:09:33 GMT"},"fingerprint":{"sha1":"D4:76:33:2D:42:39:9A:26:88:6D:AF:C9:D3:E4:30:2B:FB:97:4F:93","sha256":"DF:00:FD:22:D1:0D:AC:F0:F5:03:6C:F6:81:69:10:CC:49:22:AB:EE:74:81:0A:2E:98:E5:97:A3:28:B1:F7:04"}}},"request":{"raw":"GET /sv/458/7d9f1206-c4be-4e5d-b474-ad0b813f3e08/725933/x HTTP/1.1\r\nHost: 135461223.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik0xenNJNmxxQjE3bWR2c1FsellXY3c9PSIsInZhbHVlIjoiYlRiZ2l1bWRlRENIL3UxNkFUQ3AzOWZJaVh6bFR6ek82ZUl2aEo1N0FFMTd0cEtuRDYrUVUyd0dBekF3QXlVNlVaT1RHSGM5eFhtUkE1d3hqbUZiZFRpZjdEeFhtRk15QXcrNE5UY09TR0tWZFZLMllJQzkvL1Z6RzBwVjQwVlEiLCJtYWMiOiJiMWEyNzNhMzcxZmVjOWJkMjE3MjJjYmI4YzVkOTA1NTUzZGVhMmIxZTlmZGQwNThlZjdlYjNhMThmOTcxNDdlIiwidGFnIjoiIn0%3D; __HostProd_session=eyJpdiI6Imtma0p0TDFnTGhZYTlPQkc5YkxXc1E9PSIsInZhbHVlIjoiV0VrejV3cmh6RXg5ZHdPbDJhdUprTEJMRDFwM2daTi9sWEU3ZjBiV2RGYUE5ZW9vUHRIQXcwRXlacHA0SzhLSmJNWVBwM1RESjNuL0NOOXFjck1EMVVRaUpYcmI5RDcwV1RZS1ByUkNKYWdpaXdMUnYvbTJ5ZWFxSmwwWHQ2TTAiLCJtYWMiOiJiOTgyMWQzNzRlZmRjZjYyMDYwYzllNDM4YzViYTc2OTMxZjFjZGQ2MTMyYjM0MmE2ZDAzNmEwODVhNjA5NDc1IiwidGFnIjoiIn0%3D\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: no-cache, private\r\nDate: Wed, 04 Mar 2026 19:35:17 GMT\r\nX-Robots-Tag: noindex\r\nX-Frame-Options: DENY\r\nReferrer-Policy: same-origin\r\nContent-Security-Policy-Report-Only: default-src 'self'; script-src 'self'  'unsafe-inline' 'unsafe-eval'; style-src 'self'  'unsafe-inline' fonts.bunny.net; img-src 'self'  https://135461223.site https://nimblr.net data:; font-src 'self' data: fonts.bunny.net;object-src 'none'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' https://135461223.site; worker-src 'self' blob:;report-uri /api/csp-violation-report\r\nSet-Cookie: XSRF-TOKEN=eyJpdiI6IllGOHIxbFBvSG5kYW9KZzRYTVR3ZUE9PSIsInZhbHVlIjoibFFBcTFOY3hnbmtUZHpqWkFzU21sRWd3OXorbXE4YVhYOHVNMDJldnNDUWNNSVA4REY5VVp3NEova3NycnJTSEhqRm1EaVppQ3VHQ3hkVncydkVjb2FGUjhGOXpOclNBNzREdUo3UkhYUDBPUVU0YnZBZUZBZk5KS0lTM3ROeUkiLCJtYWMiOiI0N2E1MGExNWNhYWIwNDcwNzgyMjUxYTljNmIxMDQ2YTUxOGI3NGE2ZjkzOWM4NDYxOTBmYjdkMmY5OTIyYzliIiwidGFnIjoiIn0%3D; expires=Wed, 04 Mar 2026 21:35:17 GMT; Max-Age=7200; path=/; secure; samesite=lax\n__HostProd_session=eyJpdiI6Ijg5OVVXTk9QUFRpaWx4SVR5aXAyUWc9PSIsInZhbHVlIjoicXMrR0w4K093enI5UFUwZXRkanZwMGkvdTFoUkJyZWYzMEM4RjVWZk9YTjAxQXVrdkpIT1c2ZXVTM0p2TWpnS1VpN0ZXVXZCT2ozcjdOQ1ZkUm0rLzI2R0E2MjB5MlB6RGdJM0pRSW8yWWdBOXBZeExSeDVLei9ldzV5T05TbTUiLCJtYWMiOiI2MmJlNGI4ZWYwMmMxYzE4ODJiZWFmZWQwZWE2ODNmOWZmYjgyMDZkYjRiZTM1YjYxZWQyYmIzZWRjOGY3NmJiIiwidGFnIjoiIn0%3D; expires=Wed, 04 Mar 2026 21:35:17 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains;\r\nX-Content-Type-Options: nosniff\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6688,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators","md5":"c65a2131a7d0de1032f4c41b24749d2a","sha1":"d7a8fbb7c500b78bd78c363dfc08b2cc944c3412","sha256":"a867cf3a8e19a05823ac695a7a37acce83b91751a28446c92b1f636493077a18","sha512":"3583fc86f579be5669f1a72e5eb51f0c9558cd58711a7bcb4e45841f4c7a245599386dc8969f0bb911d6ec142f0bdb292f126faa2a1774fc70dc20d47a19b05f","ssdeep":"192:hx2aip6zzZjmFwcRY+yl416J7uhrBl/XyzE/colWo6Qu:hQXEel/izEflm","tlshash":"50d185a3ca9244471332d2fa6fb6a204f5f14407c206ca743edca25bdfb5d40c2a3a8c","first_seen":"2026-03-04T19:35:40.682049Z","last_seen":"2026-03-04T19:35:40.682049Z","times_seen":1,"resource_available":true,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"135461223.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"135461223.site","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"135461223.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"135461223.site/js/axios.js?id=ddb6d58d35ec5b4d9cffa5c8481981a0","fqdn":"135461223.site","domain":"135461223.site","tld":"site"},"ip":{"addr":"116.203.212.240","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://135461223.site/sv/458/7d9f1206-c4be-4e5d-b474-ad0b813f3e08/725933/x","date":"2026-03-04T19:35:17.613Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nimblr.software","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 00:09:34 GMT","end":"Tue, 12 May 2026 00:09:33 GMT"},"fingerprint":{"sha1":"D4:76:33:2D:42:39:9A:26:88:6D:AF:C9:D3:E4:30:2B:FB:97:4F:93","sha256":"DF:00:FD:22:D1:0D:AC:F0:F5:03:6C:F6:81:69:10:CC:49:22:AB:EE:74:81:0A:2E:98:E5:97:A3:28:B1:F7:04"}}},"request":{"raw":"GET /js/axios.js?id=ddb6d58d35ec5b4d9cffa5c8481981a0 HTTP/1.1\r\nHost: 135461223.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://135461223.site/sv/458/7d9f1206-c4be-4e5d-b474-ad0b813f3e08/725933/x\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6IllGOHIxbFBvSG5kYW9KZzRYTVR3ZUE9PSIsInZhbHVlIjoibFFBcTFOY3hnbmtUZHpqWkFzU21sRWd3OXorbXE4YVhYOHVNMDJldnNDUWNNSVA4REY5VVp3NEova3NycnJTSEhqRm1EaVppQ3VHQ3hkVncydkVjb2FGUjhGOXpOclNBNzREdUo3UkhYUDBPUVU0YnZBZUZBZk5KS0lTM3ROeUkiLCJtYWMiOiI0N2E1MGExNWNhYWIwNDcwNzgyMjUxYTljNmIxMDQ2YTUxOGI3NGE2ZjkzOWM4NDYxOTBmYjdkMmY5OTIyYzliIiwidGFnIjoiIn0%3D; __HostProd_session=eyJpdiI6Ijg5OVVXTk9QUFRpaWx4SVR5aXAyUWc9PSIsInZhbHVlIjoicXMrR0w4K093enI5UFUwZXRkanZwMGkvdTFoUkJyZWYzMEM4RjVWZk9YTjAxQXVrdkpIT1c2ZXVTM0p2TWpnS1VpN0ZXVXZCT2ozcjdOQ1ZkUm0rLzI2R0E2MjB5MlB6RGdJM0pRSW8yWWdBOXBZeExSeDVLei9ldzV5T05TbTUiLCJtYWMiOiI2MmJlNGI4ZWYwMmMxYzE4ODJiZWFmZWQwZWE2ODNmOWZmYjgyMDZkYjRiZTM1YjYxZWQyYmIzZWRjOGY3NmJiIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 19:35:17 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 60042\r\nLast-Modified: Tue, 27 Jan 2026 08:48:47 GMT\r\nConnection: keep-alive\r\nETag: \"69787bef-ea8a\"\r\nExpires: Tue, 23 Feb 2027 19:35:17 GMT\r\nCache-Control: max-age=30758400\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains;\r\nX-Content-Type-Options: nosniff\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":60042,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (59979)","md5":"ddb6d58d35ec5b4d9cffa5c8481981a0","sha1":"7ed30cfcfa850ed155580b6873f7bccd8113a344","sha256":"00e7cc51130d9064249c5d6c526bb16102a4ef27120f2b88009bb88110b0f67c","sha512":"80ee9a41a22417a8afd95fed44c4b735ef6a84c8261511c1f39aae9eeb08c07275cdec1286a03b6f739d39e6340a543cf61016a13aebae7e3d6032350eb0ea4c","ssdeep":"768:+P9hu+9tG/8QPG+T4n1E16sPT0JxLOLei1fTyDjx20KJ0EnXPWiOK8I3ZDuc4/Lh:+PvwxPj5BJqvg5mk1tD5VoL1hLf","tlshash":"da432a84b6e1f07503a265e4406b4507f23aea29b44e48e4f254ecd73cb948f95bbf78","first_seen":"2026-01-12T01:45:02.494725Z","last_seen":"2026-04-03T11:19:50.084977Z","times_seen":280,"resource_available":true,"data":null}},"time_used":269,"timings":{"blocked":78,"dns":1,"connect":39,"send":0,"wait":66,"receive":42,"ssl":41},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"135461223.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"135461223.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"135461223.site","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.bunny.net/icon?family=Material+Icons","fqdn":"fonts.bunny.net","domain":"bunny.net","tld":"net"},"ip":{"addr":"194.242.11.186","port":443,"asn":34989,"as":"ServeTheWorld AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://135461223.site/sv/458/7d9f1206-c4be-4e5d-b474-ad0b813f3e08/725933/x","date":"2026-03-04T19:35:17.615Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fonts.bunny.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 03:04:21 GMT","end":"Fri, 22 May 2026 03:04:20 GMT"},"fingerprint":{"sha1":"4B:2A:86:15:05:FF:29:84:62:F8:36:DC:E9:F9:21:E0:E0:25:D6:B7","sha256":"DF:9D:6C:C0:B2:8C:6F:83:63:FA:A4:69:D0:8C:35:1D:15:3D:19:AF:3F:15:46:FF:C6:C1:B1:20:89:A9:CD:CF"}}},"request":{"raw":"GET /icon?family=Material+Icons HTTP/1.1\r\nHost: fonts.bunny.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Mar 2026 19:35:17 GMT\r\ncontent-type: text/css; charset=utf-8\r\nvary: Accept-Encoding\r\nserver: BunnyCDN-NO1-830\r\ncdn-pullzone: 781720\r\ncdn-requestcountrycode: NO\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match\r\naccess-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match\r\ncache-control: public, max-age=2592000\r\ncdn-proxyver: 1.43\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 02/21/2026 01:04:41\r\ncdn-edgestorageid: 830\r\ncdn-requestid: 671a2821752d68854ddd2df0f2319324\r\ncdn-cache: HIT\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}],"data":{"size":850,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"8fdd70496e7cb9ad14b249ed7c1bcc3b","sha1":"78ca367c7456d291874d1943846420b28e261faa","sha256":"ad5b37a4a389d858ea870140c5e94f01d8ecf2d083ef2446876edf4d9abfd491","sha512":"8454601c83fe5924b6ddcfef4addafc38e61b567952dcba32238938e7aa055a2ac494e0c1efc565b30d7186c1e349307bec9bbe3108c21708f4b8c091c8514ae","ssdeep":"","tlshash":"390188695e58250a52534c22238e2e021e09d12be407d4e99e125d9c4efad3b93e7b2e","first_seen":"2024-12-28T02:27:20.092265Z","last_seen":"2026-04-03T11:19:50.085646Z","times_seen":383,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":18,"dns":12,"connect":3,"send":0,"wait":4,"receive":0,"ssl":10},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.bunny.net/css?family=Abril+Fatface|Open+Sans:300,400|Roboto:400,700","fqdn":"fonts.bunny.net","domain":"bunny.net","tld":"net"},"ip":{"addr":"194.242.11.186","port":443,"asn":34989,"as":"ServeTheWorld AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://135461223.site/sv/458/7d9f1206-c4be-4e5d-b474-ad0b813f3e08/725933/x","date":"2026-03-04T19:35:17.616Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fonts.bunny.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 03:04:21 GMT","end":"Fri, 22 May 2026 03:04:20 GMT"},"fingerprint":{"sha1":"4B:2A:86:15:05:FF:29:84:62:F8:36:DC:E9:F9:21:E0:E0:25:D6:B7","sha256":"DF:9D:6C:C0:B2:8C:6F:83:63:FA:A4:69:D0:8C:35:1D:15:3D:19:AF:3F:15:46:FF:C6:C1:B1:20:89:A9:CD:CF"}}},"request":{"raw":"GET /css?family=Abril+Fatface|Open+Sans:300,400|Roboto:400,700 HTTP/1.1\r\nHost: fonts.bunny.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Mar 2026 19:35:17 GMT\r\ncontent-type: text/css; charset=utf-8\r\nvary: Accept-Encoding\r\nserver: BunnyCDN-NO1-830\r\ncdn-pullzone: 781720\r\ncdn-requestcountrycode: NO\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match\r\naccess-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match\r\ncache-control: public, max-age=2592000\r\ncdn-proxyver: 1.43\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 03/02/2026 02:10:34\r\ncdn-edgestorageid: 830\r\ncdn-requestid: b364c6130f934ac2a2e4e1676f786ab9\r\ncdn-cache: HIT\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}],"data":{"size":24888,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1445)","md5":"423eaae69a2f3a16592f08462225136b","sha1":"6064115a2d64d6dd926b5ed9bd9cf506c8ea5657","sha256":"b097c042b0e4f3afc65acf6c3aababcf5ac026698f9cc1e5a310bd52394275a4","sha512":"8914ce639b9cedbcbe568cb908c7ff65bed72759fc3c46f1df52bfc9bca6f918ef5305e9038a2a16f4bcf659a62e0cc538acc539a56a1c2d8a1e994410472fc4","ssdeep":"384:1WSMJ4xfgRjf+Hs/PJajfgRjQBeWJi3VSfgRjIlh7qNJlCZLfgRja0roTV:eLZT+crNE","tlshash":"d4b21fb6001a2400d3d728a323da6d169e0e9113b389e056ef1cdcd49fe5a3997f277e","first_seen":"2025-11-19T06:31:53.841086Z","last_seen":"2026-03-30T15:00:59.915444Z","times_seen":246,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":18,"dns":11,"connect":3,"send":0,"wait":10,"receive":0,"ssl":8},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"135461223.site/courses/css/main.css?uts=1772652917","fqdn":"135461223.site","domain":"135461223.site","tld":"site"},"ip":{"addr":"116.203.212.240","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://135461223.site/sv/458/7d9f1206-c4be-4e5d-b474-ad0b813f3e08/725933/x","date":"2026-03-04T19:35:17.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nimblr.software","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 00:09:34 GMT","end":"Tue, 12 May 2026 00:09:33 GMT"},"fingerprint":{"sha1":"D4:76:33:2D:42:39:9A:26:88:6D:AF:C9:D3:E4:30:2B:FB:97:4F:93","sha256":"DF:00:FD:22:D1:0D:AC:F0:F5:03:6C:F6:81:69:10:CC:49:22:AB:EE:74:81:0A:2E:98:E5:97:A3:28:B1:F7:04"}}},"request":{"raw":"GET /courses/css/main.css?uts=1772652917 HTTP/1.1\r\nHost: 135461223.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://135461223.site/sv/458/7d9f1206-c4be-4e5d-b474-ad0b813f3e08/725933/x\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6IllGOHIxbFBvSG5kYW9KZzRYTVR3ZUE9PSIsInZhbHVlIjoibFFBcTFOY3hnbmtUZHpqWkFzU21sRWd3OXorbXE4YVhYOHVNMDJldnNDUWNNSVA4REY5VVp3NEova3NycnJTSEhqRm1EaVppQ3VHQ3hkVncydkVjb2FGUjhGOXpOclNBNzREdUo3UkhYUDBPUVU0YnZBZUZBZk5KS0lTM3ROeUkiLCJtYWMiOiI0N2E1MGExNWNhYWIwNDcwNzgyMjUxYTljNmIxMDQ2YTUxOGI3NGE2ZjkzOWM4NDYxOTBmYjdkMmY5OTIyYzliIiwidGFnIjoiIn0%3D; __HostProd_session=eyJpdiI6Ijg5OVVXTk9QUFRpaWx4SVR5aXAyUWc9PSIsInZhbHVlIjoicXMrR0w4K093enI5UFUwZXRkanZwMGkvdTFoUkJyZWYzMEM4RjVWZk9YTjAxQXVrdkpIT1c2ZXVTM0p2TWpnS1VpN0ZXVXZCT2ozcjdOQ1ZkUm0rLzI2R0E2MjB5MlB6RGdJM0pRSW8yWWdBOXBZeExSeDVLei9ldzV5T05TbTUiLCJtYWMiOiI2MmJlNGI4ZWYwMmMxYzE4ODJiZWFmZWQwZWE2ODNmOWZmYjgyMDZkYjRiZTM1YjYxZWQyYmIzZWRjOGY3NmJiIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 19:35:17 GMT\r\nContent-Type: text/css\r\nContent-Length: 12343\r\nLast-Modified: Thu, 28 Aug 2025 21:51:30 GMT\r\nConnection: keep-alive\r\nETag: \"68b0cf62-3037\"\r\nExpires: Tue, 23 Feb 2027 19:35:17 GMT\r\nCache-Control: max-age=30758400\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains;\r\nX-Content-Type-Options: nosniff\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12343,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"6f564762a6da4f7775e4aab64bc8589e","sha1":"186a1991022921d68fb762838bebc7cb1fd77d09","sha256":"ee714b21226cf8a5d1ab817a17177a7bccfc3bd2bbe030a21d37c32a5c61204b","sha512":"ba8d09a804c3453cd294b68e0cbb67550a6ec4131b201bb5fc009c6fb9487e43bd72045d615a0a69126dbe60c72031a2ab88499a90b00cc7c397ca5c7b845d1b","ssdeep":"192:812C7163HiOMEOJi5ZhdsSqhQ+0qv8EyavTRqfO55Ftk6vmSqiiuwfO:eAXKwQ30mDFfmUiO","tlshash":"784246929a732505b613d5642f7a724623ad9007910fe63d3fcc7349efc90d899b6b8c","first_seen":"2025-09-09T04:56:15.387454Z","last_seen":"2026-04-03T11:19:50.08686Z","times_seen":362,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":67,"dns":0,"connect":36,"send":0,"wait":68,"receive":3,"ssl":37},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"135461223.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"135461223.site","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"135461223.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"135461223.site/simulations/js/simulations.js","fqdn":"135461223.site","domain":"135461223.site","tld":"site"},"ip":{"addr":"116.203.212.240","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://135461223.site/sv/458/7d9f1206-c4be-4e5d-b474-ad0b813f3e08/725933/x","date":"2026-03-04T19:35:17.619Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nimblr.software","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 00:09:34 GMT","end":"Tue, 12 May 2026 00:09:33 GMT"},"fingerprint":{"sha1":"D4:76:33:2D:42:39:9A:26:88:6D:AF:C9:D3:E4:30:2B:FB:97:4F:93","sha256":"DF:00:FD:22:D1:0D:AC:F0:F5:03:6C:F6:81:69:10:CC:49:22:AB:EE:74:81:0A:2E:98:E5:97:A3:28:B1:F7:04"}}},"request":{"raw":"GET /simulations/js/simulations.js HTTP/1.1\r\nHost: 135461223.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://135461223.site/sv/458/7d9f1206-c4be-4e5d-b474-ad0b813f3e08/725933/x\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6IllGOHIxbFBvSG5kYW9KZzRYTVR3ZUE9PSIsInZhbHVlIjoibFFBcTFOY3hnbmtUZHpqWkFzU21sRWd3OXorbXE4YVhYOHVNMDJldnNDUWNNSVA4REY5VVp3NEova3NycnJTSEhqRm1EaVppQ3VHQ3hkVncydkVjb2FGUjhGOXpOclNBNzREdUo3UkhYUDBPUVU0YnZBZUZBZk5KS0lTM3ROeUkiLCJtYWMiOiI0N2E1MGExNWNhYWIwNDcwNzgyMjUxYTljNmIxMDQ2YTUxOGI3NGE2ZjkzOWM4NDYxOTBmYjdkMmY5OTIyYzliIiwidGFnIjoiIn0%3D; __HostProd_session=eyJpdiI6Ijg5OVVXTk9QUFRpaWx4SVR5aXAyUWc9PSIsInZhbHVlIjoicXMrR0w4K093enI5UFUwZXRkanZwMGkvdTFoUkJyZWYzMEM4RjVWZk9YTjAxQXVrdkpIT1c2ZXVTM0p2TWpnS1VpN0ZXVXZCT2ozcjdOQ1ZkUm0rLzI2R0E2MjB5MlB6RGdJM0pRSW8yWWdBOXBZeExSeDVLei9ldzV5T05TbTUiLCJtYWMiOiI2MmJlNGI4ZWYwMmMxYzE4ODJiZWFmZWQwZWE2ODNmOWZmYjgyMDZkYjRiZTM1YjYxZWQyYmIzZWRjOGY3NmJiIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 19:35:17 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 1724\r\nLast-Modified: Thu, 07 Dec 2023 11:50:43 GMT\r\nConnection: keep-alive\r\nETag: \"6571b193-6bc\"\r\nExpires: Tue, 23 Feb 2027 19:35:17 GMT\r\nCache-Control: max-age=30758400\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains;\r\nX-Content-Type-Options: nosniff\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1724,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"ddd1cac29ad5368e3af23264217ee537","sha1":"24e6d1ca090be34ca12f238645fe8175dcd460b3","sha256":"21884b1c1d2f054d5275f22a41ed9df6a083334202c1a09ce0e6d89f32c3e133","sha512":"60c695b73190a193136cd8bba30d191c55e46da5ad7492aaddddea13b547b22517edeee9db79c63fe8029c0658c2dc9778abca5ec7ceee48148a110e059b1461","ssdeep":"","tlshash":"9431d22f10fa0424419fb23eaf4f9005353610cb59479c863f5ccb506f59ea69ea1fb5","first_seen":"2024-01-02T11:27:33Z","last_seen":"2026-04-03T11:19:50.080888Z","times_seen":777,"resource_available":true,"data":null}},"time_used":173,"timings":{"blocked":63,"dns":1,"connect":34,"send":0,"wait":34,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"135461223.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"135461223.site","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"135461223.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"135461223.site/js/jquery.js?id=ec514a33faa4324c80d2c05d50d9ad56","fqdn":"135461223.site","domain":"135461223.site","tld":"site"},"ip":{"addr":"116.203.212.240","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://135461223.site/sv/458/7d9f1206-c4be-4e5d-b474-ad0b813f3e08/725933/x","date":"2026-03-04T19:35:17.609Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nimblr.software","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 00:09:34 GMT","end":"Tue, 12 May 2026 00:09:33 GMT"},"fingerprint":{"sha1":"D4:76:33:2D:42:39:9A:26:88:6D:AF:C9:D3:E4:30:2B:FB:97:4F:93","sha256":"DF:00:FD:22:D1:0D:AC:F0:F5:03:6C:F6:81:69:10:CC:49:22:AB:EE:74:81:0A:2E:98:E5:97:A3:28:B1:F7:04"}}},"request":{"raw":"GET /js/jquery.js?id=ec514a33faa4324c80d2c05d50d9ad56 HTTP/1.1\r\nHost: 135461223.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://135461223.site/sv/458/7d9f1206-c4be-4e5d-b474-ad0b813f3e08/725933/x\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6IllGOHIxbFBvSG5kYW9KZzRYTVR3ZUE9PSIsInZhbHVlIjoibFFBcTFOY3hnbmtUZHpqWkFzU21sRWd3OXorbXE4YVhYOHVNMDJldnNDUWNNSVA4REY5VVp3NEova3NycnJTSEhqRm1EaVppQ3VHQ3hkVncydkVjb2FGUjhGOXpOclNBNzREdUo3UkhYUDBPUVU0YnZBZUZBZk5KS0lTM3ROeUkiLCJtYWMiOiI0N2E1MGExNWNhYWIwNDcwNzgyMjUxYTljNmIxMDQ2YTUxOGI3NGE2ZjkzOWM4NDYxOTBmYjdkMmY5OTIyYzliIiwidGFnIjoiIn0%3D; __HostProd_session=eyJpdiI6Ijg5OVVXTk9QUFRpaWx4SVR5aXAyUWc9PSIsInZhbHVlIjoicXMrR0w4K093enI5UFUwZXRkanZwMGkvdTFoUkJyZWYzMEM4RjVWZk9YTjAxQXVrdkpIT1c2ZXVTM0p2TWpnS1VpN0ZXVXZCT2ozcjdOQ1ZkUm0rLzI2R0E2MjB5MlB6RGdJM0pRSW8yWWdBOXBZeExSeDVLei9ldzV5T05TbTUiLCJtYWMiOiI2MmJlNGI4ZWYwMmMxYzE4ODJiZWFmZWQwZWE2ODNmOWZmYjgyMDZkYjRiZTM1YjYxZWQyYmIzZWRjOGY3NmJiIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 19:35:17 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 86992\r\nLast-Modified: Tue, 27 Jan 2026 08:48:47 GMT\r\nConnection: keep-alive\r\nETag: \"69787bef-153d0\"\r\nExpires: Tue, 23 Feb 2027 19:35:17 GMT\r\nCache-Control: max-age=30758400\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains;\r\nX-Content-Type-Options: nosniff\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86992,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65470)","md5":"ec514a33faa4324c80d2c05d50d9ad56","sha1":"1b1c5f06395bbb46d063f54b22342c6d0a53e274","sha256":"f77fc9503b52b2da5de6619f7f2a1cde0e75feee47b6d737709efb9ee1d23be1","sha512":"f18bad3276d7edfba568818134ba843da1ee8d999fbb5c4bd44742643176da7028b54c77261fa1ed55b4c9a9bfb258e1ddb4c05342931fa7620e9e4c5c2d0d49","ssdeep":"1536:rCJo1GbGo+JTWaxsZt9OgOfv3HkaGSUiWlEBMXBw6But2Hum/3IwY9xH180y:rQOgO3HAVtButu12H1fy","tlshash":"dc8319dd72c6b06347a760ba407f550ff236199d684e8400f119e8e9bc78a4a923bf7d","first_seen":"2026-01-12T13:06:06.466758Z","last_seen":"2026-04-03T11:19:50.083998Z","times_seen":274,"resource_available":true,"data":null}},"time_used":109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"135461223.site","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"135461223.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"135461223.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nimblr.net/images/content/boxdropbox.png","fqdn":"nimblr.net","domain":"nimblr.net","tld":"net"},"ip":{"addr":"116.203.212.240","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://135461223.site/sv/458/7d9f1206-c4be-4e5d-b474-ad0b813f3e08/725933/x","date":"2026-03-04T19:35:17.620Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nimblr.net","organization":"Nimblr AB"},"issuer":{"commonName":"GlobalSign Extended Validation CA - SHA256 - G3","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 27 May 2025 10:46:47 GMT","end":"Sun, 28 Jun 2026 10:46:46 GMT"},"fingerprint":{"sha1":"79:C8:CF:4A:BF:74:C3:3C:80:EE:6A:90:5E:CA:A8:05:34:C5:EF:3F","sha256":"54:4B:CD:76:F2:56:8F:3A:F5:C5:FE:D7:AB:01:9D:C4:0E:99:01:D2:AE:9B:15:A1:29:AE:0F:26:8F:D0:9A:72"}}},"request":{"raw":"GET /images/content/boxdropbox.png HTTP/1.1\r\nHost: nimblr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 19:35:17 GMT\r\nContent-Type: image/png\r\nContent-Length: 16129\r\nLast-Modified: Tue, 06 May 2025 09:25:10 GMT\r\nConnection: keep-alive\r\nETag: \"6819d576-3f01\"\r\nExpires: Tue, 23 Feb 2027 19:35:17 GMT\r\nCache-Control: max-age=30758400\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains;\r\nX-Content-Type-Options: nosniff\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16129,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 800 x 744, 8-bit colormap, non-interlaced","md5":"41e40de735a85ded1b6d41a9766ae742","sha1":"09f1ee15f90965f97f8aad8eddebd8277dbe97ba","sha256":"d8964fe352759696e6aa6a34480be7cd5e252dd71462939d2aec2cf309d8d94e","sha512":"8f07dc25b64051124c28c9ddf048c9006ad72894c2fb76282c9af963a56fbb44f3b052f85850ed14b005e85a3c422aac84943869e14e4395c59a1dd95d1345b5","ssdeep":"384:xGULrq5QTstfvIULi67AAMzI+8UBcHPW3jGhy3EY:sgs5vIIiBBI2IeTGg3n","tlshash":"8272c00b27587414a7fe67010862764687075fd346e0b992e378feea09344f2f6d68e7","first_seen":"2025-05-07T22:16:27.934556Z","last_seen":"2026-03-27T00:31:57.326187Z","times_seen":130,"resource_available":false,"data":null}},"time_used":441,"timings":{"blocked":180,"dns":1,"connect":40,"send":0,"wait":69,"receive":1,"ssl":107},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"135461223.site/images/content/dropbox-favicon.ico","fqdn":"135461223.site","domain":"135461223.site","tld":"site"},"ip":{"addr":"116.203.212.240","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://135461223.site/sv/458/7d9f1206-c4be-4e5d-b474-ad0b813f3e08/725933/x","date":"2026-03-04T19:35:17.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nimblr.software","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 00:09:34 GMT","end":"Tue, 12 May 2026 00:09:33 GMT"},"fingerprint":{"sha1":"D4:76:33:2D:42:39:9A:26:88:6D:AF:C9:D3:E4:30:2B:FB:97:4F:93","sha256":"DF:00:FD:22:D1:0D:AC:F0:F5:03:6C:F6:81:69:10:CC:49:22:AB:EE:74:81:0A:2E:98:E5:97:A3:28:B1:F7:04"}}},"request":{"raw":"GET /images/content/dropbox-favicon.ico HTTP/1.1\r\nHost: 135461223.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://135461223.site/sv/458/7d9f1206-c4be-4e5d-b474-ad0b813f3e08/725933/x\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6IllGOHIxbFBvSG5kYW9KZzRYTVR3ZUE9PSIsInZhbHVlIjoibFFBcTFOY3hnbmtUZHpqWkFzU21sRWd3OXorbXE4YVhYOHVNMDJldnNDUWNNSVA4REY5VVp3NEova3NycnJTSEhqRm1EaVppQ3VHQ3hkVncydkVjb2FGUjhGOXpOclNBNzREdUo3UkhYUDBPUVU0YnZBZUZBZk5KS0lTM3ROeUkiLCJtYWMiOiI0N2E1MGExNWNhYWIwNDcwNzgyMjUxYTljNmIxMDQ2YTUxOGI3NGE2ZjkzOWM4NDYxOTBmYjdkMmY5OTIyYzliIiwidGFnIjoiIn0%3D; __HostProd_session=eyJpdiI6Ijg5OVVXTk9QUFRpaWx4SVR5aXAyUWc9PSIsInZhbHVlIjoicXMrR0w4K093enI5UFUwZXRkanZwMGkvdTFoUkJyZWYzMEM4RjVWZk9YTjAxQXVrdkpIT1c2ZXVTM0p2TWpnS1VpN0ZXVXZCT2ozcjdOQ1ZkUm0rLzI2R0E2MjB5MlB6RGdJM0pRSW8yWWdBOXBZeExSeDVLei9ldzV5T05TbTUiLCJtYWMiOiI2MmJlNGI4ZWYwMmMxYzE4ODJiZWFmZWQwZWE2ODNmOWZmYjgyMDZkYjRiZTM1YjYxZWQyYmIzZWRjOGY3NmJiIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Mar 2026 19:35:17 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 4286\r\nLast-Modified: Wed, 12 Jun 2024 11:10:46 GMT\r\nConnection: keep-alive\r\nETag: \"66698236-10be\"\r\nExpires: Tue, 23 Feb 2027 19:35:17 GMT\r\nCache-Control: max-age=30758400\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains;\r\nX-Content-Type-Options: nosniff\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"f25511f4158c2dfab6aa11a07d026e4a","sha1":"99f63cf1694fa5e52f43eb967462ea0d9eef7513","sha256":"c0906d540d89dbe1f09b24f17b7f35b81350e8d381c1558b075c28ea913c450d","sha512":"0bfb19aec453a1c4d4b8f39602bf8bbf0a98182a98e29e1e1708eabfd99e3168855994a56061ed462c29b099137c226e25ddd274b46ed2f443c2c515a530b731","ssdeep":"48:wFFFFFFFFFFFFFFFFtJdFdFSFfyFbK9MFDFCFbXFbFexKFdFcFQrDFaFNGCF7sF9:nudyjwG+jeWqQmGDB5","tlshash":"5d918bd58e25ee80fae7783a40b69cf0504b3cbdf94ccd523964755e216798b4ce0686","first_seen":"2023-04-14T09:14:03Z","last_seen":"2026-03-27T00:31:57.334158Z","times_seen":350,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"135461223.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"135461223.site","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"135461223.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}