{"report_id":"3d51ce82-d2fb-4021-8e58-ed1276cc2ec7","version":6,"status":"done","tags":[],"date":"2024-01-04T17:20:11Z","url":{"schema":"http","addr":"uz.mediageting.com/","fqdn":"uz.mediageting.com","domain":"mediageting.com","tld":"com"},"ip":{"addr":"190.2.139.23","port":0,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"final":{"url":{"schema":"https","addr":"uz.mediageting.com/","fqdn":"uz.mediageting.com","domain":"mediageting.com","tld":"com"},"title":"Semaltdan ekspert: Wiki tahrirlash"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T05:03:57Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"rankexperience.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2017-06-27","domain_rank":0,"first_seen":"2017-07-01 07:51:42","last_seen":"2023-12-31 18:37:24","alert_count":0,"request_count":1,"received_data":0,"sent_data":416,"comment":"","tags":null,"fingerprints":null},{"fqdn":"uz.mediageting.com","ip":{"addr":"190.2.139.23","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":16,"request_count":16,"received_data":214885,"sent_data":8464,"comment":"","tags":null,"fingerprints":null},{"fqdn":"semalt.com","ip":{"addr":"62.112.9.54","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"domain_registered":"2013-09-04","domain_rank":15009,"first_seen":"2013-11-05 03:50:41","last_seen":"2024-01-04 15:31:48","alert_count":0,"request_count":8,"received_data":982283,"sent_data":3745,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":8877,"first_seen":"2013-06-10 22:14:26","last_seen":"2024-01-04 11:23:43","alert_count":0,"request_count":2,"received_data":4206,"sent_data":886,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.gstatic.com","ip":{"addr":"216.58.211.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-09-09 02:40:21","last_seen":"2024-01-04 11:20:42","alert_count":0,"request_count":1,"received_data":16693,"sent_data":537,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"uz.mediageting.com/","fqdn":"uz.mediageting.com","domain":"mediageting.com","tld":"com"},"ip":{"addr":"190.2.139.23","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"cec51e0091e0d6145a9b25b3741592bd","sha1":"122e7f5d560dfbf4967317f98372f907ca711c27","sha256":"a62b2f25f78b0d148577d83bc49a7d923f1b17987e671690ed2d42c7942ce4c1","sha512":"d6bc79b35ac80fa57a0d70b7d532eb02f3bb0a62db28fdb5fbeae637171bc47c277ca64f532640a1f7850e938466e359904c848efd237a1bd788eb505c508a73","ssdeep":"","tlshash":"e3e05c39acad02b40cb571781477fd353943622821d24c13184ccc5ddc92e96dc09f48","size":435,"data":"","first_seen":"2023-05-26T05:16:04Z","last_seen":"2026-02-10T16:41:42.072801Z","times_seen":207,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uz.mediageting.com/actcntr/counter.js","fqdn":"uz.mediageting.com","domain":"mediageting.com","tld":"com"},"ip":{"addr":"190.2.139.23","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"85e82bd6fe29ec20ae7156b89f97d09f","sha1":"2b4ffbc1674dd2b1a8071540ce991032eec852bc","sha256":"bafaae03a4a0091ffbdd8ccca9f9341348cf576a39e20aa1515fe24c6a02dda6","sha512":"bddc4e2c3cca73e271954d7444fc102b67546dbb0b87464daf166d42403d5e7516a7dbe372d846de0caf2383b692907b09eced0c7977830f4f21dcbb85295ec5","ssdeep":"192:8aa3MCP47Rb36GhAQRsRkbY1jBZo+A+1riUvcdFOQXvfCZeIgmHrCFPLD0v:vCQ7Rb3jhAybY3Zo+A+/Ed3XHC0IA5Lc","tlshash":"4622b6acb244b47615a7703122bf230e7533a514380a44a1a67ee8d1bcbcd776267fbd","size":9748,"data":"","first_seen":"2023-07-11T12:43:41Z","last_seen":"2024-08-21T09:41:09.518654Z","times_seen":187,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"semalt.com/js/jquery2.js","fqdn":"semalt.com","domain":"semalt.com","tld":"com"},"ip":{"addr":"62.112.9.54","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"0a6e846b954e345951e710cd6ce3440e","sha1":"fbf9c77d0c4e3c34a485980c1e5316b6212160c8","sha256":"b13cb5989e08fcb02314209d101e1102f3d299109bdc253b62aa1da21c9e38ba","sha512":"14653aadeb13635ff6f108137200de430033050660b6f33b36dd15e92c10d1042fabcc8d08836374769aa8b2fe080dcdf038b8145d803f40167f54d8825aa321","ssdeep":"1536:knWi6p4BmVLFijGb2gXke71t5tgPBHlxNLIJBanUEwf7rmvsMn3lhMr:0UL5uxNL/4Cr3lOr","tlshash":"7883f9dd73c2b06257bb20b9006f640ff2364d6a280d8564f125d8e9bcb5a4d827bf6d","size":83612,"data":"","first_seen":"2023-03-07T01:24:52Z","last_seen":"2026-04-02T09:42:20.138294Z","times_seen":3286,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"semalt.com/js/jquery.cookie.js","fqdn":"semalt.com","domain":"semalt.com","tld":"com"},"ip":{"addr":"62.112.9.54","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"ff14e4812b7f512e620b1ad35542bcfc","sha1":"c40c5f777e7a2f63e7b731b3cdb1fe9c806b23ae","sha256":"c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96","sha512":"59e0276314814c6e033fbc81ab9f2541a86bfb85fc263397d0e3f3c1a0cb0c8e5fe2f833998245462903d8a7e9e499d2685b8fc44964935ad282e4e175753d78","ssdeep":"","tlshash":"f3610f6134fd227e0d9b6bd5676f0468b83ffe70702406448426bd95286c862dba7c5f","size":3121,"data":"","first_seen":"2023-03-07T01:23:22Z","last_seen":"2026-04-03T12:04:55.167366Z","times_seen":4414,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uz.mediageting.com/","fqdn":"uz.mediageting.com","domain":"mediageting.com","tld":"com"},"ip":{"addr":"190.2.139.23","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"340701f3b3d21bf473bdb685823e3dc6","sha1":"20f3d2b4365d352dc88fd00c2129bd94f216219f","sha256":"737cb71089402efc666dce6cfd1ba2d76940ee6ef093919a1da59c0fc02cdf3e","sha512":"e3ad5a131c5c0fd1a25bed7af82e767ecd6382bb9bc3792c887f95e831aef787ca2ef5dd6195ca2f262977bbc7bf0e42ecedcd43e8b74acf0e21d63364a8dd9f","ssdeep":"","tlshash":"9811d071f26cab1b86fe412b563f2793383d636b65844c2344088cc0764051bb75dbec","size":1096,"data":"","first_seen":"2023-04-06T17:46:07Z","last_seen":"2025-03-11T05:51:50.702628Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"semalt.com/popups/popup_wow.php?lang=en","fqdn":"semalt.com","domain":"semalt.com","tld":"com"},"ip":{"addr":"62.112.9.54","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T19:31:03.603551Z","times_seen":13300818,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"uz.mediageting.com/","fqdn":"uz.mediageting.com","domain":"mediageting.com","tld":"com"},"ip":{"addr":"190.2.139.23","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-01-04T17:19:40.755Z","timestamp":1704388780755,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mediageting.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 Dec 2023 04:10:31 GMT","end":"Sat, 09 Mar 2024 04:10:30 GMT"},"fingerprint":{"sha1":"B7:84:9F:F5:1A:1A:9A:FA:7A:6F:69:4D:BF:7E:5A:36:4B:17:A5:FA","sha256":"5B:F7:A3:0C:24:F9:A3:CC:E5:D3:EC:36:1D:53:33:FB:91:23:5D:93:05:59:91:DD:5B:56:00:66:5E:ED:65:8F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: uz.mediageting.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 04 Jan 2024 17:19:45 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Accept-Encoding\r\nX-Powered-By: PHP/7.2.34\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3906,"size_decoded":12818,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5467)","md5":"c386f899c9e748382e1736f82f362167","sha1":"c78b3a5a7574a2917c6cc9fbeef7a70907255057","sha256":"e1c73c4697ee80995cf1debecbc9729a70619407d312d4ac5ee7e32e143c3716","sha512":"35adee712cd8f3842b7cbabdbe8cb4ef2ef3f8ef66400b9a04f7aebbabe33f4a7566deb3a04d634d2e2ecb5288e3aaad78d1f53d7a62d322a0c9c3b7078a0989","ssdeep":"192:S6qyYW7nuORL1dI9qXT65j7XRHy9bo0PdCk3HhwSDWRwc:/YWjuOFA9qXTQXRHy35hwSCN","tlshash":"dc4215b768219d0d032782c9602b3a3cd487693ea7dafc77fd4a0f136446b52065edad","first_seen":"2024-08-20T13:55:45.352212Z","last_seen":"2024-08-20T13:55:45.352212Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1002,"timings":{"blocked":481,"dns":1,"connect":25,"send":0,"wait":38,"receive":4,"ssl":451},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uz.mediageting.com/actcntr/counter.js","fqdn":"uz.mediageting.com","domain":"mediageting.com","tld":"com"},"ip":{"addr":"190.2.139.23","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://uz.mediageting.com/","date":"2024-01-04T17:19:41.767Z","timestamp":1704388781767,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mediageting.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 Dec 2023 04:10:31 GMT","end":"Sat, 09 Mar 2024 04:10:30 GMT"},"fingerprint":{"sha1":"B7:84:9F:F5:1A:1A:9A:FA:7A:6F:69:4D:BF:7E:5A:36:4B:17:A5:FA","sha256":"5B:F7:A3:0C:24:F9:A3:CC:E5:D3:EC:36:1D:53:33:FB:91:23:5D:93:05:59:91:DD:5B:56:00:66:5E:ED:65:8F"}}},"request":{"raw":"GET /actcntr/counter.js HTTP/1.1\r\nHost: uz.mediageting.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uz.mediageting.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 04 Jan 2024 17:19:46 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Fri, 07 Jul 2023 11:18:54 GMT\r\nETag: W/\"64a7f49e-2614\"\r\nCache-Control: max-age=14400\r\nCF-Cache-Status: HIT\r\nAge: 1491\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=7eXboH27dVcXzQdrd%2BxEpckN%2Bxs%2FyJBsKJZgPLhm50CvPNfj%2BpfQXvQj0xgEKawi9eK%2BdsszU29riPDCckinqTYcj2RiCwbEvBqEW6%2FF5huHbJTbdH72vfW%2FmImiL60ySQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nCF-RAY: 840525fb0e930e3d-AMS\r\nContent-Encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4010,"size_decoded":9748,"mime_type":"application/javascript","magic":"exported SGML document, ASCII text, with very long lines (9747)","md5":"85e82bd6fe29ec20ae7156b89f97d09f","sha1":"2b4ffbc1674dd2b1a8071540ce991032eec852bc","sha256":"bafaae03a4a0091ffbdd8ccca9f9341348cf576a39e20aa1515fe24c6a02dda6","sha512":"bddc4e2c3cca73e271954d7444fc102b67546dbb0b87464daf166d42403d5e7516a7dbe372d846de0caf2383b692907b09eced0c7977830f4f21dcbb85295ec5","ssdeep":"192:8aa3MCP47Rb36GhAQRsRkbY1jBZo+A+1riUvcdFOQXvfCZeIgmHrCFPLD0v:vCQ7Rb3jhAybY3Zo+A+/Ed3XHC0IA5Lc","tlshash":"4622b6acb244b47615a7703122bf230e7533a514380a44a1a67ee8d1bcbcd776267fbd","first_seen":"2023-07-11T12:43:41Z","last_seen":"2024-08-21T09:41:09.518654Z","times_seen":187,"resource_available":true,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":59,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uz.mediageting.com/webcontents/old/1802-1.jpg","fqdn":"uz.mediageting.com","domain":"mediageting.com","tld":"com"},"ip":{"addr":"190.2.139.23","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uz.mediageting.com/","date":"2024-01-04T17:19:41.750Z","timestamp":1704388781750,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mediageting.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 Dec 2023 04:10:31 GMT","end":"Sat, 09 Mar 2024 04:10:30 GMT"},"fingerprint":{"sha1":"B7:84:9F:F5:1A:1A:9A:FA:7A:6F:69:4D:BF:7E:5A:36:4B:17:A5:FA","sha256":"5B:F7:A3:0C:24:F9:A3:CC:E5:D3:EC:36:1D:53:33:FB:91:23:5D:93:05:59:91:DD:5B:56:00:66:5E:ED:65:8F"}}},"request":{"raw":"GET /webcontents/old/1802-1.jpg HTTP/1.1\r\nHost: uz.mediageting.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uz.mediageting.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 04 Jan 2024 17:19:46 GMT\r\nContent-Type: image/jpeg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 27 May 2020 07:57:59 GMT\r\nVary: Accept-Encoding, Accept-Encoding\r\nETag: W/\"5ece1d87-2eb9b\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":190219,"size_decoded":191387,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 796x531, components 3","md5":"46bbf3cdf0f4ec9097d1be82079183f5","sha1":"5bce7480e94fd443bf97f94291a8c79987569daf","sha256":"06a1098601640df58420a0d04b36593ebe54a03f95120824bde4f3b6e3318943","sha512":"8912667018f7470d6047b76042ef1228cb04410ff9372d6a5403c822ae2a4727f0b398eb81bfd59c1fe98701ac7af37efea4551df336895fe6e539c0a11e9c59","ssdeep":"3072:TsXgp6C14pgjgmyPDrRow+TgQC+6J+Taykz/QpjNKK9APsVuV76NEm:Tygp6C14JP5owy/uOkzYdNz2sVuxrm","tlshash":"9014129fef582bf545b00a18543f9c7c6b9b8acc55e29e3c0198c9d1f268d11a78d3b2","first_seen":"2023-12-07T06:44:25Z","last_seen":"2024-08-31T08:33:15.245998Z","times_seen":5,"resource_available":false,"data":null}},"time_used":280,"timings":{"blocked":141,"dns":0,"connect":0,"send":0,"wait":57,"receive":82,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uz.mediageting.com/actcntr/api/add-hit","fqdn":"uz.mediageting.com","domain":"mediageting.com","tld":"com"},"ip":{"addr":"190.2.139.23","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://uz.mediageting.com/","date":"2024-01-04T17:19:42.071Z","timestamp":1704388782071,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mediageting.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 Dec 2023 04:10:31 GMT","end":"Sat, 09 Mar 2024 04:10:30 GMT"},"fingerprint":{"sha1":"B7:84:9F:F5:1A:1A:9A:FA:7A:6F:69:4D:BF:7E:5A:36:4B:17:A5:FA","sha256":"5B:F7:A3:0C:24:F9:A3:CC:E5:D3:EC:36:1D:53:33:FB:91:23:5D:93:05:59:91:DD:5B:56:00:66:5E:ED:65:8F"}}},"request":{"raw":"POST /actcntr/api/add-hit HTTP/1.1\r\nHost: uz.mediageting.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain\r\nContent-Length: 254\r\nOrigin: https://uz.mediageting.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uz.mediageting.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 04 Jan 2024 17:19:46 GMT\r\nContent-Type: application/json; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nCF-Cache-Status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=kWHdRjzklI%2BEyR2t8%2BGMOpLIfE6wtzgMEg8J1B4%2B1oQs%2F68PAyD%2Bw1o5b2IbBwYXGbd37B%2Bfwj8vHrUXkAPhQRB8%2FLRHMu3v87JFJou%2FdRFV87HjoSOmaA8NEO1SWH3hGA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nCF-RAY: 840525fcd8910e84-AMS\r\nContent-Encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":99,"size_decoded":115,"mime_type":"application/json; charset=UTF-8","magic":"JSON data","md5":"e873de2766bb361e32d91eaebae61e4a","sha1":"621740c619e4d36b9ec17e0981fc5f3cc717ea7d","sha256":"00018e44e0a94125d64d7924df86afdaf1ce48fd1258d7de704f704bf163c411","sha512":"d1451d0514e3ae596ab11d5e9ca75a663bcc13583f89fcaa1061be182f4bc24ae1a14de1bfda69fbba98df1b8d398d474be9d547c3d009cb55fee87fdcb7afa8","ssdeep":"","tlshash":"b7b01211d8b00f69274b994c8cb823d55524c2130f053f347d8d052c4f0855a00e63d2","first_seen":"2024-08-20T13:55:45.354792Z","last_seen":"2024-08-20T13:55:45.354792Z","times_seen":1,"resource_available":false,"data":null}},"time_used":58,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"semalt.com/js/jquery.cookie.js","fqdn":"semalt.com","domain":"semalt.com","tld":"com"},"ip":{"addr":"62.112.9.54","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://uz.mediageting.com/","date":"2024-01-04T17:19:41.761Z","timestamp":1704388781761,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"semalt.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Dec 2023 08:08:36 GMT","end":"Sun, 03 Mar 2024 08:08:35 GMT"},"fingerprint":{"sha1":"1A:3D:13:3E:FE:7C:50:AB:8F:5C:E7:78:52:A8:9B:DF:44:69:50:D2","sha256":"00:B7:64:F9:3C:D9:8C:8B:97:B6:0E:C7:A1:EF:47:C1:8F:E3:CF:6E:BC:9C:76:B8:E6:B5:0A:EA:A9:2A:3F:D6"}}},"request":{"raw":"GET /js/jquery.cookie.js HTTP/1.1\r\nHost: semalt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uz.mediageting.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Thu, 04 Jan 2024 17:19:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Tue, 10 Apr 2018 17:04:19 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"5accee93-c31\"\r\nExpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nCache-Control: max-age=315360000\r\nAccess-Control-Allow-Origin: *\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1448,"size_decoded":3121,"mime_type":"application/javascript","magic":"ASCII text","md5":"ff14e4812b7f512e620b1ad35542bcfc","sha1":"c40c5f777e7a2f63e7b731b3cdb1fe9c806b23ae","sha256":"c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96","sha512":"59e0276314814c6e033fbc81ab9f2541a86bfb85fc263397d0e3f3c1a0cb0c8e5fe2f833998245462903d8a7e9e499d2685b8fc44964935ad282e4e175753d78","ssdeep":"","tlshash":"f3610f6134fd227e0d9b6bd5676f0468b83ffe70702406448426bd95286c862dba7c5f","first_seen":"2023-03-07T01:23:22Z","last_seen":"2026-04-03T12:04:55.167366Z","times_seen":4414,"resource_available":true,"data":null}},"time_used":664,"timings":{"blocked":300,"dns":42,"connect":30,"send":0,"wait":27,"receive":8,"ssl":252},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"semalt.com/js/jquery2.js","fqdn":"semalt.com","domain":"semalt.com","tld":"com"},"ip":{"addr":"62.112.9.54","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://semalt.com/popups/popup_wow.php?lang=en","date":"2024-01-04T17:19:42.766Z","timestamp":1704388782766,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"semalt.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Dec 2023 08:08:36 GMT","end":"Sun, 03 Mar 2024 08:08:35 GMT"},"fingerprint":{"sha1":"1A:3D:13:3E:FE:7C:50:AB:8F:5C:E7:78:52:A8:9B:DF:44:69:50:D2","sha256":"00:B7:64:F9:3C:D9:8C:8B:97:B6:0E:C7:A1:EF:47:C1:8F:E3:CF:6E:BC:9C:76:B8:E6:B5:0A:EA:A9:2A:3F:D6"}}},"request":{"raw":"GET /js/jquery2.js HTTP/1.1\r\nHost: semalt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uz.mediageting.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Thu, 04 Jan 2024 17:19:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Tue, 10 Apr 2018 17:04:19 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"5accee93-1469c\"\r\nExpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nCache-Control: max-age=315360000\r\nAccess-Control-Allow-Origin: *\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":34066,"size_decoded":83612,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (32023)","md5":"0a6e846b954e345951e710cd6ce3440e","sha1":"fbf9c77d0c4e3c34a485980c1e5316b6212160c8","sha256":"b13cb5989e08fcb02314209d101e1102f3d299109bdc253b62aa1da21c9e38ba","sha512":"14653aadeb13635ff6f108137200de430033050660b6f33b36dd15e92c10d1042fabcc8d08836374769aa8b2fe080dcdf038b8145d803f40167f54d8825aa321","ssdeep":"1536:knWi6p4BmVLFijGb2gXke71t5tgPBHlxNLIJBanUEwf7rmvsMn3lhMr:0UL5uxNL/4Cr3lOr","tlshash":"7883f9dd73c2b06257bb20b9006f640ff2364d6a280d8564f125d8e9bcb5a4d827bf6d","first_seen":"2023-03-07T01:24:52Z","last_seen":"2026-04-02T09:42:20.138294Z","times_seen":3286,"resource_available":true,"data":null}},"time_used":63,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":53,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Lato","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://uz.mediageting.com/","date":"2024-01-04T17:19:41.736Z","timestamp":1704388781736,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 20 Nov 2023 08:08:50 GMT","end":"Mon, 12 Feb 2024 08:08:49 GMT"},"fingerprint":{"sha1":"10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC","sha256":"BC:5E:71:C1:5A:A5:DD:67:BF:ED:14:DB:1C:4E:F2:8E:5E:BE:D7:9A:F9:1F:7A:64:C7:3C:9B:ED:83:B2:8C:95"}}},"request":{"raw":"GET /css?family=Lato HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uz.mediageting.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 04 Jan 2024 17:19:46 GMT\r\ndate: Thu, 04 Jan 2024 17:19:46 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":814,"size_decoded":814,"mime_type":"text/css; charset=utf-8","magic":"gzip compressed data, max compression","md5":"297fe953239b6e192d6930abbb7afa4d","sha1":"7d745b678c73ba48175578c272afdf532403fcca","sha256":"78fd517a5050d068e2a9097257b7652737535fa079585c3b0d0e8d832bc53b4f","sha512":"1fcd87e22dde8e1153bb28d874cec8257e63386cdce0448d24f645e90e09fdac8708221f2c141441cc8b6160262afad721b73fa3f4a629090ed872cea4afe53a","ssdeep":"","tlshash":"b201526e11b8f493a50b052f04816e61219a8a920c66d9d96918d64c458d2ad2b43915","first_seen":"2024-08-20T13:55:45.356588Z","last_seen":"2024-08-20T13:55:45.356588Z","times_seen":1,"resource_available":false,"data":null}},"time_used":326,"timings":{"blocked":138,"dns":3,"connect":9,"send":0,"wait":22,"receive":1,"ssl":135},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.211.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://uz.mediageting.com/","date":"2024-01-04T17:19:42.100Z","timestamp":1704388782100,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 20 Nov 2023 08:08:49 GMT","end":"Mon, 12 Feb 2024 08:08:48 GMT"},"fingerprint":{"sha1":"5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1","sha256":"80:CC:7B:86:3B:74:87:87:51:57:4E:D5:46:B4:9E:75:8C:D9:BA:D5:3D:29:B0:19:02:4F:62:61:AA:42:DF:C9"}}},"request":{"raw":"GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://uz.mediageting.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15860\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 01 Jan 2024 19:43:02 GMT\r\nexpires: Tue, 31 Dec 2024 19:43:02 GMT\r\ncache-control: public, max-age=31536000\r\nage: 250604\r\nlast-modified: Wed, 11 May 2022 19:24:42 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15860,"size_decoded":15860,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15860, version 1.0","md5":"e9f5aaf547f165386cd313b995dddd8e","sha1":"acdef5603c2387b0e5bffd744b679a24a8bc1968","sha256":"f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860","sha512":"2a71edb5490f286642a874d52a1969f54282bc43cb24e8d5a297e13b320321fb7b7af5524eac609cf5f95ee08d5e4ec5803e2a3c8d13c09f6cc38713c665d0ce","ssdeep":"384:S7qmPTF4N21t//YW2FS6+1XxrsbGmjlAbvqMmtCN:S621tHY4xwbGmjloSM7N","tlshash":"1a62d0058ba5850bf5b907fb0e1ab7ee30664b523c8c42278348073970db47a6b2b1fd","first_seen":"2023-04-05T14:47:55Z","last_seen":"2026-04-03T17:30:05.462725Z","times_seen":89810,"resource_available":false,"data":null}},"time_used":205,"timings":{"blocked":92,"dns":12,"connect":23,"send":0,"wait":13,"receive":2,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uz.mediageting.com/actcntr/api/send-heartbeat","fqdn":"uz.mediageting.com","domain":"mediageting.com","tld":"com"},"ip":{"addr":"190.2.139.23","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://uz.mediageting.com/","date":"2024-01-04T17:19:46.104Z","timestamp":1704388786104,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mediageting.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 Dec 2023 04:10:31 GMT","end":"Sat, 09 Mar 2024 04:10:30 GMT"},"fingerprint":{"sha1":"B7:84:9F:F5:1A:1A:9A:FA:7A:6F:69:4D:BF:7E:5A:36:4B:17:A5:FA","sha256":"5B:F7:A3:0C:24:F9:A3:CC:E5:D3:EC:36:1D:53:33:FB:91:23:5D:93:05:59:91:DD:5B:56:00:66:5E:ED:65:8F"}}},"request":{"raw":"POST /actcntr/api/send-heartbeat HTTP/1.1\r\nHost: uz.mediageting.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 229\r\nOrigin: https://uz.mediageting.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uz.mediageting.com/\r\nCookie: si_user_id=4q4AKXzM_1vt7Gh; si_sess_id=4q4AKXzM_1vt7Gh\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 04 Jan 2024 17:19:46 GMT\r\nContent-Type: text/plain;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nCF-Cache-Status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=TlTWJ4wcpTJ0xYfBXu9zU0oQSoyQQGHfPXeL09jw6G5IrvbjTFoEIwmqWr%2Bgwml9uCVtUywkyv203%2BACOhfq87tGmKfe%2BWYB%2BU1xXK%2FeEmZyAi9wXbf5bVISMDPjGtQU1Q%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nCF-RAY: 840525fdcce00eb4-AMS\r\nContent-Encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3,"size_decoded":3,"mime_type":"text/plain; charset=UTF-8","magic":"data","md5":"344cb90c9cea24e3fd7d53c37a700afd","sha1":"4460d93d41e542dbffba74b05bcfaf5bf88327d0","sha256":"fa8b3050c745eb53dd2bea7ba537764269e8aca03015419f4a4327544640773a","sha512":"141250845ba6190c7dc835b6f6dacf288ed1bf685023e2cab7752235c0a6a0861550ef68386f511a3fbe11ae43fad7e7add8f9aa0c01fa36da0407eb29086745","ssdeep":"","tlshash":"c720000000000000000000300000000000000000000000030000000000000c00000000","first_seen":"2023-05-09T05:50:04Z","last_seen":"2025-03-01T06:59:50.876057Z","times_seen":1398,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"semalt.com/popups/popup_wow.php?lang=en","fqdn":"semalt.com","domain":"semalt.com","tld":"com"},"ip":{"addr":"62.112.9.54","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://uz.mediageting.com/","date":"2024-01-04T17:19:42.617Z","timestamp":1704388782617,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"semalt.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Dec 2023 08:08:36 GMT","end":"Sun, 03 Mar 2024 08:08:35 GMT"},"fingerprint":{"sha1":"1A:3D:13:3E:FE:7C:50:AB:8F:5C:E7:78:52:A8:9B:DF:44:69:50:D2","sha256":"00:B7:64:F9:3C:D9:8C:8B:97:B6:0E:C7:A1:EF:47:C1:8F:E3:CF:6E:BC:9C:76:B8:E6:B5:0A:EA:A9:2A:3F:D6"}}},"request":{"raw":"GET /popups/popup_wow.php?lang=en HTTP/1.1\r\nHost: semalt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uz.mediageting.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Thu, 04 Jan 2024 17:19:47 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/7.2.34\r\np3p: CP=semalt\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1708,"size_decoded":4003,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"d2e37eb553f3c37d176ad825e51e2cae","sha1":"0357823804a1107c255cea325e40faf78b78a3ce","sha256":"bae8a37a32f6575490f31f9864f258d2123af4cc5a4e61dfe16adaf98a5cdf45","sha512":"50ff6ad83f522379129d8b38bf81dd540d509b083f5ac4b19d8835ef3f4357c6c146f01f62d73c9683fe94915e76c25308e80a6eb34df584d6d9e27f99aea3e6","ssdeep":"","tlshash":"2a813e10b42da72e869f12f1347e2b1a9e58d709e7438478b1b4cd7227d14b9bb142de","first_seen":"2023-04-24T04:59:39Z","last_seen":"2024-12-22T06:43:17.350801Z","times_seen":42,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"semalt.com/css/start_popup_wow.css?1","fqdn":"semalt.com","domain":"semalt.com","tld":"com"},"ip":{"addr":"62.112.9.54","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://semalt.com/popups/popup_wow.php?lang=en","date":"2024-01-04T17:19:42.778Z","timestamp":1704388782778,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"semalt.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Dec 2023 08:08:36 GMT","end":"Sun, 03 Mar 2024 08:08:35 GMT"},"fingerprint":{"sha1":"1A:3D:13:3E:FE:7C:50:AB:8F:5C:E7:78:52:A8:9B:DF:44:69:50:D2","sha256":"00:B7:64:F9:3C:D9:8C:8B:97:B6:0E:C7:A1:EF:47:C1:8F:E3:CF:6E:BC:9C:76:B8:E6:B5:0A:EA:A9:2A:3F:D6"}}},"request":{"raw":"GET /css/start_popup_wow.css?1 HTTP/1.1\r\nHost: semalt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://semalt.com/popups/popup_wow.php?lang=en\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Thu, 04 Jan 2024 17:19:47 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 21 Apr 2023 09:30:31 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"644257b7-1d99\"\r\nExpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nCache-Control: max-age=315360000\r\nAccess-Control-Allow-Origin: *\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2071,"size_decoded":7577,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"3ef053e3b7794ac9ab952388036d607a","sha1":"cddbd62823ee74710357c39dd08e808b018e7b5c","sha256":"a87cd819cd50b60d600205bfa0ec8ca5552773f8c03b880663380aa88b199f2c","sha512":"414933db27f1a53e2dd229c3f324cc5aaded25a0196c07245187391e4b01d60fd16991444d0457a8c820074b77ac97c57d91f80a7bd9840dd88ded211e3581a8","ssdeep":"192:IUJEaPebZjmOE8PYK76tQAg7UleFIJtCmDN:+xtLFKr","tlshash":"f8f1f26ceb046105b27ac919bbf60796ea4a304717058978bfc0ae04cff656c4b61fdd","first_seen":"2023-04-24T04:59:39Z","last_seen":"2024-12-22T06:43:17.352845Z","times_seen":45,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uz.mediageting.com/favicon.ico","fqdn":"uz.mediageting.com","domain":"mediageting.com","tld":"com"},"ip":{"addr":"190.2.139.23","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uz.mediageting.com/","date":"2024-01-04T17:19:42.357Z","timestamp":1704388782357,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mediageting.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 Dec 2023 04:10:31 GMT","end":"Sat, 09 Mar 2024 04:10:30 GMT"},"fingerprint":{"sha1":"B7:84:9F:F5:1A:1A:9A:FA:7A:6F:69:4D:BF:7E:5A:36:4B:17:A5:FA","sha256":"5B:F7:A3:0C:24:F9:A3:CC:E5:D3:EC:36:1D:53:33:FB:91:23:5D:93:05:59:91:DD:5B:56:00:66:5E:ED:65:8F"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: uz.mediageting.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uz.mediageting.com/\r\nCookie: si_user_id=4q4AKXzM_1vt7Gh; si_sess_id=4q4AKXzM_1vt7Gh\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 04 Jan 2024 17:19:47 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Accept-Encoding\r\nX-Powered-By: PHP/7.2.34\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7399,"size_decoded":33468,"mime_type":"application/javascript","magic":"HTML document, ASCII text, with very long lines (14791)","md5":"585339df7d4546112bda74f94e17f90c","sha1":"20468bc103436b607341f5214db5551ff1c7860c","sha256":"064af2722c81b8ab87166ce991dfd794e0b42c1752b4e553ff47e21ca8db36a2","sha512":"fcf41046ceea8da63c284dd7baf5f0fe3f5b06a7941633b641480b03a853806167f0e375b28913f25fe67be3566429a217766d7364e70e628a5613e129d183c4","ssdeep":"384:I54AYeo8n8LFAyEjnrdTB8uR3Mz8vMHaK7EBuyHaunEXpqynMwkbs:IRYp6yUl8uR8z3HlyaUEEbs","tlshash":"26e2e611f3a4ca7901b580ccfe5f24fe6a7d41b9bb864ac9d99c857c604832c2b719de","first_seen":"2024-08-20T13:55:45.360944Z","last_seen":"2024-08-20T13:55:45.360944Z","times_seen":1,"resource_available":false,"data":null}},"time_used":455,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":454,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"semalt.com/js/jquery2.js","fqdn":"semalt.com","domain":"semalt.com","tld":"com"},"ip":{"addr":"62.112.9.54","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://semalt.com/popups/popup_wow.php?lang=en","date":"2024-01-04T17:19:42.766Z","timestamp":1704388782766,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"semalt.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Dec 2023 08:08:36 GMT","end":"Sun, 03 Mar 2024 08:08:35 GMT"},"fingerprint":{"sha1":"1A:3D:13:3E:FE:7C:50:AB:8F:5C:E7:78:52:A8:9B:DF:44:69:50:D2","sha256":"00:B7:64:F9:3C:D9:8C:8B:97:B6:0E:C7:A1:EF:47:C1:8F:E3:CF:6E:BC:9C:76:B8:E6:B5:0A:EA:A9:2A:3F:D6"}}},"request":{"raw":"GET /js/jquery2.js HTTP/1.1\r\nHost: semalt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://semalt.com/popups/popup_wow.php?lang=en\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Thu, 04 Jan 2024 17:19:47 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Tue, 10 Apr 2018 17:04:19 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"5accee93-1469c\"\r\nExpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nCache-Control: max-age=315360000\r\nAccess-Control-Allow-Origin: *\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":34066,"size_decoded":83612,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (32023)","md5":"0a6e846b954e345951e710cd6ce3440e","sha1":"fbf9c77d0c4e3c34a485980c1e5316b6212160c8","sha256":"b13cb5989e08fcb02314209d101e1102f3d299109bdc253b62aa1da21c9e38ba","sha512":"14653aadeb13635ff6f108137200de430033050660b6f33b36dd15e92c10d1042fabcc8d08836374769aa8b2fe080dcdf038b8145d803f40167f54d8825aa321","ssdeep":"1536:knWi6p4BmVLFijGb2gXke71t5tgPBHlxNLIJBanUEwf7rmvsMn3lhMr:0UL5uxNL/4Cr3lOr","tlshash":"7883f9dd73c2b06257bb20b9006f640ff2364d6a280d8564f125d8e9bcb5a4d827bf6d","first_seen":"2023-03-07T01:24:52Z","last_seen":"2026-04-02T09:42:20.138294Z","times_seen":3286,"resource_available":true,"data":null}},"time_used":63,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":53,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"semalt.com/img/cases/button-close.svg","fqdn":"semalt.com","domain":"semalt.com","tld":"com"},"ip":{"addr":"62.112.9.54","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://semalt.com/popups/popup_wow.php?lang=en","date":"2024-01-04T17:19:43.333Z","timestamp":1704388783333,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"semalt.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Dec 2023 08:08:36 GMT","end":"Sun, 03 Mar 2024 08:08:35 GMT"},"fingerprint":{"sha1":"1A:3D:13:3E:FE:7C:50:AB:8F:5C:E7:78:52:A8:9B:DF:44:69:50:D2","sha256":"00:B7:64:F9:3C:D9:8C:8B:97:B6:0E:C7:A1:EF:47:C1:8F:E3:CF:6E:BC:9C:76:B8:E6:B5:0A:EA:A9:2A:3F:D6"}}},"request":{"raw":"GET /img/cases/button-close.svg HTTP/1.1\r\nHost: semalt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://semalt.com/popups/popup_wow.php?lang=en\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Thu, 04 Jan 2024 17:19:47 GMT\r\nContent-Type: image/svg+xml\r\nLast-Modified: Fri, 12 Feb 2021 09:57:17 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"602650fd-33d\"\r\nExpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nCache-Control: max-age=315360000\r\np3p: CP=semalt\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":483,"size_decoded":829,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e1e6ba31d8fd7ff59d194f057bf11db7","sha1":"bdec2a651df848332df2937c09b9add9343a0127","sha256":"259758faa11fb8fd71bdd01a57c2b4e698705a26d0bb3e016c443a76ae38833b","sha512":"d804d2cdc461b522b101871a4516ae39c501ac97e0468e0dac3aa740c3c09eabc5da6f3a4fe6faf609d2f8a5df5c1af2e54cd993d803b8475ac8e021d583d86f","ssdeep":"","tlshash":"9901129c8392d8745616c12c32f8b545c93a2cf7a0e090ccbc93246beedcc936791b98","first_seen":"2023-05-07T23:27:59Z","last_seen":"2024-12-22T06:43:17.354426Z","times_seen":44,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"semalt.com/css/fonts/MyriadPro-Light.woff","fqdn":"semalt.com","domain":"semalt.com","tld":"com"},"ip":{"addr":"62.112.9.54","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://semalt.com/popups/popup_wow.php?lang=en","date":"2024-01-04T17:19:43.338Z","timestamp":1704388783338,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"semalt.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Dec 2023 08:08:36 GMT","end":"Sun, 03 Mar 2024 08:08:35 GMT"},"fingerprint":{"sha1":"1A:3D:13:3E:FE:7C:50:AB:8F:5C:E7:78:52:A8:9B:DF:44:69:50:D2","sha256":"00:B7:64:F9:3C:D9:8C:8B:97:B6:0E:C7:A1:EF:47:C1:8F:E3:CF:6E:BC:9C:76:B8:E6:B5:0A:EA:A9:2A:3F:D6"}}},"request":{"raw":"GET /css/fonts/MyriadPro-Light.woff HTTP/1.1\r\nHost: semalt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://semalt.com/popups/popup_wow.php?lang=en\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Thu, 04 Jan 2024 17:19:47 GMT\r\nContent-Type: application/font-woff\r\nContent-Length: 26040\r\nLast-Modified: Tue, 10 Apr 2018 17:04:13 GMT\r\nConnection: keep-alive\r\nETag: \"5accee8d-65b8\"\r\nExpires: Thu, 04 Jan 2024 17:24:47 GMT\r\nCache-Control: max-age=300, public\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26040,"size_decoded":26040,"mime_type":"application/font-woff","magic":"Web Open Font Format, TrueType, length 26040, version 1.0","md5":"838738f3b35fc9fa07304bd13e270b4e","sha1":"be91a8425ed7003e39ff42ffd640f3340084e0ac","sha256":"57ca1ca3d414c1055d5b161c14e45fbf592991f70e4a76ec9ffa8450a8be212c","sha512":"e0ad25d00ba0a7622f08c08567ed518b7fe2bcee29d4a208c976b25a223b9fbbd1403b52087d64446ec16279efebf5fa0277890a074b040a500ed29b10a8f2f5","ssdeep":"768:1aGHYHICTFEwnFiQKxy3FR6nuAKkZrdtZs:bHChF1FEK+r7Zs","tlshash":"89c2d05dbff98268f4546be072186b9e2fc3f401180914cb5cec4d75a0ab9ab9ff9064","first_seen":"2023-04-06T17:46:07Z","last_seen":"2025-11-18T07:21:40.613063Z","times_seen":51,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":50,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"semalt.com/css/fonts/ebrimabd.ttf","fqdn":"semalt.com","domain":"semalt.com","tld":"com"},"ip":{"addr":"62.112.9.54","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://semalt.com/popups/popup_wow.php?lang=en","date":"2024-01-04T17:19:43.349Z","timestamp":1704388783349,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"semalt.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Dec 2023 08:08:36 GMT","end":"Sun, 03 Mar 2024 08:08:35 GMT"},"fingerprint":{"sha1":"1A:3D:13:3E:FE:7C:50:AB:8F:5C:E7:78:52:A8:9B:DF:44:69:50:D2","sha256":"00:B7:64:F9:3C:D9:8C:8B:97:B6:0E:C7:A1:EF:47:C1:8F:E3:CF:6E:BC:9C:76:B8:E6:B5:0A:EA:A9:2A:3F:D6"}}},"request":{"raw":"GET /css/fonts/ebrimabd.ttf HTTP/1.1\r\nHost: semalt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://semalt.com/popups/popup_wow.php?lang=en\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Thu, 04 Jan 2024 17:19:48 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 879648\r\nLast-Modified: Tue, 10 Apr 2018 17:04:13 GMT\r\nConnection: keep-alive\r\nETag: \"5accee8d-d6c20\"\r\nExpires: Thu, 04 Jan 2024 17:24:48 GMT\r\nCache-Control: max-age=300, public\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":879648,"size_decoded":879648,"mime_type":"application/octet-stream","magic":"TrueType Font data, digitally signed, 23 tables, 1st \"DSIG\", 60 names, Microsoft, language 0x403, type 2 string, NegretaEbrima Negretatu","md5":"b46c4880c25d0ed3089d78074f6cdb99","sha1":"3ebcf6245495f92de8dce8b193bb6d030aa889e2","sha256":"045f67887bf9347cebf12e153a3d7a10d48c064eae9fec936834debf520e8195","sha512":"6e4995312c0bec614f9e5fc5fc133e63dfe1c7c03e39ddcb4d9dabd1354e66be4688b610404d75e3de44d4734d07ed55227aaa283b506843a4e376d6ad6605ce","ssdeep":"24576:YdzvlTLQxczp07vZO8m24kXqgKdfDjIzQW8bY03OGOkfOyYCdDvOFXx:Ydzt3zx/24kXGdfDEzQW10UkfOyYCRm3","tlshash":"6815af092182eb9ded1978fc6812f7664fd66e7e0690c7f73d8c60bddd8889c0511b8a","first_seen":"2023-04-06T17:46:07Z","last_seen":"2025-03-11T05:51:50.68962Z","times_seen":46,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":9,"dns":0,"connect":0,"send":0,"wait":56,"receive":196,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uz.mediageting.com/actcntr/api/send-heartbeat","fqdn":"uz.mediageting.com","domain":"mediageting.com","tld":"com"},"ip":{"addr":"190.2.139.23","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://uz.mediageting.com/","date":"2024-01-04T17:19:46.104Z","timestamp":1704388786104,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mediageting.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 Dec 2023 04:10:31 GMT","end":"Sat, 09 Mar 2024 04:10:30 GMT"},"fingerprint":{"sha1":"B7:84:9F:F5:1A:1A:9A:FA:7A:6F:69:4D:BF:7E:5A:36:4B:17:A5:FA","sha256":"5B:F7:A3:0C:24:F9:A3:CC:E5:D3:EC:36:1D:53:33:FB:91:23:5D:93:05:59:91:DD:5B:56:00:66:5E:ED:65:8F"}}},"request":{"raw":"POST /actcntr/api/send-heartbeat HTTP/1.1\r\nHost: uz.mediageting.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 230\r\nOrigin: https://uz.mediageting.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uz.mediageting.com/\r\nCookie: si_user_id=4q4AKXzM_1vt7Gh; si_sess_id=4q4AKXzM_1vt7Gh\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 04 Jan 2024 17:19:48 GMT\r\nContent-Type: text/plain;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nCF-Cache-Status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=2eDVYnot99UOdIcel44lgvODAaiSd0QZDi2lsg0WRmSf%2Bv6uKqicdciu14uirMjjDCt5goBiaHi9Q43VQX41ahyl608%2FaN9m%2BhaVp02xri2eUiwtRHVptOeFuSXJEzQqJQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nCF-RAY: 84052609dce528af-AMS\r\nContent-Encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3,"size_decoded":3,"mime_type":"text/plain; charset=UTF-8","magic":"data","md5":"344cb90c9cea24e3fd7d53c37a700afd","sha1":"4460d93d41e542dbffba74b05bcfaf5bf88327d0","sha256":"fa8b3050c745eb53dd2bea7ba537764269e8aca03015419f4a4327544640773a","sha512":"141250845ba6190c7dc835b6f6dacf288ed1bf685023e2cab7752235c0a6a0861550ef68386f511a3fbe11ae43fad7e7add8f9aa0c01fa36da0407eb29086745","ssdeep":"","tlshash":"c720000000000000000000300000000000000000000000030000000000000c00000000","first_seen":"2023-05-09T05:50:04Z","last_seen":"2025-03-01T06:59:50.876057Z","times_seen":1398,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uz.mediageting.com/actcntr/api/send-heartbeat","fqdn":"uz.mediageting.com","domain":"mediageting.com","tld":"com"},"ip":{"addr":"190.2.139.23","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://uz.mediageting.com/","date":"2024-01-04T17:19:46.104Z","timestamp":1704388786104,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mediageting.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 Dec 2023 04:10:31 GMT","end":"Sat, 09 Mar 2024 04:10:30 GMT"},"fingerprint":{"sha1":"B7:84:9F:F5:1A:1A:9A:FA:7A:6F:69:4D:BF:7E:5A:36:4B:17:A5:FA","sha256":"5B:F7:A3:0C:24:F9:A3:CC:E5:D3:EC:36:1D:53:33:FB:91:23:5D:93:05:59:91:DD:5B:56:00:66:5E:ED:65:8F"}}},"request":{"raw":"POST /actcntr/api/send-heartbeat HTTP/1.1\r\nHost: uz.mediageting.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 230\r\nOrigin: https://uz.mediageting.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uz.mediageting.com/\r\nCookie: si_user_id=4q4AKXzM_1vt7Gh; si_sess_id=4q4AKXzM_1vt7Gh\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 04 Jan 2024 17:19:50 GMT\r\nContent-Type: text/plain;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nCF-Cache-Status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=dqcKhbVAbDIHqToKbzSlJFYgdYbq45f5RFu4J0QhYzPurkXwhEZhF8%2B8FXNC0RAajTi4s7hqGAnWbca%2BLlFtS3O0bgKrOZiqZBrdd5FiZWgNYPSLNptoDDbdiRVN%2FZvC0w%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nCF-RAY: 840526165c30b927-AMS\r\nContent-Encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3,"size_decoded":3,"mime_type":"text/plain; charset=UTF-8","magic":"data","md5":"344cb90c9cea24e3fd7d53c37a700afd","sha1":"4460d93d41e542dbffba74b05bcfaf5bf88327d0","sha256":"fa8b3050c745eb53dd2bea7ba537764269e8aca03015419f4a4327544640773a","sha512":"141250845ba6190c7dc835b6f6dacf288ed1bf685023e2cab7752235c0a6a0861550ef68386f511a3fbe11ae43fad7e7add8f9aa0c01fa36da0407eb29086745","ssdeep":"","tlshash":"c720000000000000000000300000000000000000000000030000000000000c00000000","first_seen":"2023-05-09T05:50:04Z","last_seen":"2025-03-01T06:59:50.876057Z","times_seen":1398,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uz.mediageting.com/actcntr/api/send-heartbeat","fqdn":"uz.mediageting.com","domain":"mediageting.com","tld":"com"},"ip":{"addr":"190.2.139.23","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://uz.mediageting.com/","date":"2024-01-04T17:19:46.104Z","timestamp":1704388786104,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mediageting.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 Dec 2023 04:10:31 GMT","end":"Sat, 09 Mar 2024 04:10:30 GMT"},"fingerprint":{"sha1":"B7:84:9F:F5:1A:1A:9A:FA:7A:6F:69:4D:BF:7E:5A:36:4B:17:A5:FA","sha256":"5B:F7:A3:0C:24:F9:A3:CC:E5:D3:EC:36:1D:53:33:FB:91:23:5D:93:05:59:91:DD:5B:56:00:66:5E:ED:65:8F"}}},"request":{"raw":"POST /actcntr/api/send-heartbeat HTTP/1.1\r\nHost: uz.mediageting.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 230\r\nOrigin: https://uz.mediageting.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uz.mediageting.com/\r\nCookie: si_user_id=4q4AKXzM_1vt7Gh; si_sess_id=4q4AKXzM_1vt7Gh\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 04 Jan 2024 17:19:52 GMT\r\nContent-Type: text/plain;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nCF-Cache-Status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=yiOC%2BP1jTIHxPuGk55gkcy%2FvWaJmLsNUk3vyo8AeZIblDPDw1BSq9OpLiLXztRZkYC3bWNlhw8%2FsGvoovVYyCP8WJFuIY6rzMI2hF2edOzgcn77KqLI%2FtXUsVpeR9Han8w%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nCF-RAY: 84052622dda2b7ef-AMS\r\nContent-Encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3,"size_decoded":3,"mime_type":"text/plain; charset=UTF-8","magic":"data","md5":"344cb90c9cea24e3fd7d53c37a700afd","sha1":"4460d93d41e542dbffba74b05bcfaf5bf88327d0","sha256":"fa8b3050c745eb53dd2bea7ba537764269e8aca03015419f4a4327544640773a","sha512":"141250845ba6190c7dc835b6f6dacf288ed1bf685023e2cab7752235c0a6a0861550ef68386f511a3fbe11ae43fad7e7add8f9aa0c01fa36da0407eb29086745","ssdeep":"","tlshash":"c720000000000000000000300000000000000000000000030000000000000c00000000","first_seen":"2023-05-09T05:50:04Z","last_seen":"2025-03-01T06:59:50.876057Z","times_seen":1398,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uz.mediageting.com/actcntr/api/send-heartbeat","fqdn":"uz.mediageting.com","domain":"mediageting.com","tld":"com"},"ip":{"addr":"190.2.139.23","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://uz.mediageting.com/","date":"2024-01-04T17:19:46.104Z","timestamp":1704388786104,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mediageting.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 Dec 2023 04:10:31 GMT","end":"Sat, 09 Mar 2024 04:10:30 GMT"},"fingerprint":{"sha1":"B7:84:9F:F5:1A:1A:9A:FA:7A:6F:69:4D:BF:7E:5A:36:4B:17:A5:FA","sha256":"5B:F7:A3:0C:24:F9:A3:CC:E5:D3:EC:36:1D:53:33:FB:91:23:5D:93:05:59:91:DD:5B:56:00:66:5E:ED:65:8F"}}},"request":{"raw":"POST /actcntr/api/send-heartbeat HTTP/1.1\r\nHost: uz.mediageting.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 230\r\nOrigin: https://uz.mediageting.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uz.mediageting.com/\r\nCookie: si_user_id=4q4AKXzM_1vt7Gh; si_sess_id=4q4AKXzM_1vt7Gh\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 04 Jan 2024 17:19:54 GMT\r\nContent-Type: text/plain;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nCF-Cache-Status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=rZxumKcmel1obFF9Ca2%2FnvHcI6bw5c8ZWB%2FOP0zSGqAzbwEc3KdtzRlkxJ8xFFQO5%2BVg%2FG10ZabGnm%2FiuXA4QIucfk0IeJsPH%2FjszkQerAeV2ajSiNx8RZjm%2FyNv8k%2B%2BjQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nCF-RAY: 8405262f6f266626-AMS\r\nContent-Encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3,"size_decoded":3,"mime_type":"text/plain; charset=UTF-8","magic":"data","md5":"344cb90c9cea24e3fd7d53c37a700afd","sha1":"4460d93d41e542dbffba74b05bcfaf5bf88327d0","sha256":"fa8b3050c745eb53dd2bea7ba537764269e8aca03015419f4a4327544640773a","sha512":"141250845ba6190c7dc835b6f6dacf288ed1bf685023e2cab7752235c0a6a0861550ef68386f511a3fbe11ae43fad7e7add8f9aa0c01fa36da0407eb29086745","ssdeep":"","tlshash":"c720000000000000000000300000000000000000000000030000000000000c00000000","first_seen":"2023-05-09T05:50:04Z","last_seen":"2025-03-01T06:59:50.876057Z","times_seen":1398,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uz.mediageting.com/actcntr/api/send-heartbeat","fqdn":"uz.mediageting.com","domain":"mediageting.com","tld":"com"},"ip":{"addr":"190.2.139.23","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://uz.mediageting.com/","date":"2024-01-04T17:19:46.104Z","timestamp":1704388786104,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mediageting.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 Dec 2023 04:10:31 GMT","end":"Sat, 09 Mar 2024 04:10:30 GMT"},"fingerprint":{"sha1":"B7:84:9F:F5:1A:1A:9A:FA:7A:6F:69:4D:BF:7E:5A:36:4B:17:A5:FA","sha256":"5B:F7:A3:0C:24:F9:A3:CC:E5:D3:EC:36:1D:53:33:FB:91:23:5D:93:05:59:91:DD:5B:56:00:66:5E:ED:65:8F"}}},"request":{"raw":"POST /actcntr/api/send-heartbeat HTTP/1.1\r\nHost: uz.mediageting.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 231\r\nOrigin: https://uz.mediageting.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uz.mediageting.com/\r\nCookie: si_user_id=4q4AKXzM_1vt7Gh; si_sess_id=4q4AKXzM_1vt7Gh\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 04 Jan 2024 17:19:56 GMT\r\nContent-Type: text/plain;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nCF-Cache-Status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=IUwfP7ZLWTxz6iXmZ%2BKgOV8%2BMmw5j5huuR9nEjhPLm1ZMd3BFx4Qpd6Ydu8Xo%2BA6kWY41X73OmN7YyvltQOR2bg5N%2Fses27lw%2BC7VoBWt1sDvzcJIsw%2BFvovikCq%2Fh%2BSbg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nCF-RAY: 8405263bd9860e30-AMS\r\nContent-Encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3,"size_decoded":3,"mime_type":"text/plain; charset=UTF-8","magic":"data","md5":"344cb90c9cea24e3fd7d53c37a700afd","sha1":"4460d93d41e542dbffba74b05bcfaf5bf88327d0","sha256":"fa8b3050c745eb53dd2bea7ba537764269e8aca03015419f4a4327544640773a","sha512":"141250845ba6190c7dc835b6f6dacf288ed1bf685023e2cab7752235c0a6a0861550ef68386f511a3fbe11ae43fad7e7add8f9aa0c01fa36da0407eb29086745","ssdeep":"","tlshash":"c720000000000000000000300000000000000000000000030000000000000c00000000","first_seen":"2023-05-09T05:50:04Z","last_seen":"2025-03-01T06:59:50.876057Z","times_seen":1398,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uz.mediageting.com/actcntr/api/send-heartbeat","fqdn":"uz.mediageting.com","domain":"mediageting.com","tld":"com"},"ip":{"addr":"190.2.139.23","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://uz.mediageting.com/","date":"2024-01-04T17:19:46.104Z","timestamp":1704388786104,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mediageting.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 Dec 2023 04:10:31 GMT","end":"Sat, 09 Mar 2024 04:10:30 GMT"},"fingerprint":{"sha1":"B7:84:9F:F5:1A:1A:9A:FA:7A:6F:69:4D:BF:7E:5A:36:4B:17:A5:FA","sha256":"5B:F7:A3:0C:24:F9:A3:CC:E5:D3:EC:36:1D:53:33:FB:91:23:5D:93:05:59:91:DD:5B:56:00:66:5E:ED:65:8F"}}},"request":{"raw":"POST /actcntr/api/send-heartbeat HTTP/1.1\r\nHost: uz.mediageting.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 231\r\nOrigin: https://uz.mediageting.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uz.mediageting.com/\r\nCookie: si_user_id=4q4AKXzM_1vt7Gh; si_sess_id=4q4AKXzM_1vt7Gh\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 04 Jan 2024 17:19:58 GMT\r\nContent-Type: text/plain;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nCF-Cache-Status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=dGgvlQgpC%2BeKzzKDRA00i70LSRRjFETjeic9M8Z1%2B%2BlTW1XrIHSFArzo%2Bmj8X1bnv6I8HcyJFff6iv3Bnqc6QKKp6lmE92FTuWvIUKk4W%2FkRrtBp8MNeJ86TfXyUrcqocA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nCF-RAY: 840526485bf1656d-AMS\r\nContent-Encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3,"size_decoded":3,"mime_type":"text/plain; charset=UTF-8","magic":"data","md5":"344cb90c9cea24e3fd7d53c37a700afd","sha1":"4460d93d41e542dbffba74b05bcfaf5bf88327d0","sha256":"fa8b3050c745eb53dd2bea7ba537764269e8aca03015419f4a4327544640773a","sha512":"141250845ba6190c7dc835b6f6dacf288ed1bf685023e2cab7752235c0a6a0861550ef68386f511a3fbe11ae43fad7e7add8f9aa0c01fa36da0407eb29086745","ssdeep":"","tlshash":"c720000000000000000000300000000000000000000000030000000000000c00000000","first_seen":"2023-05-09T05:50:04Z","last_seen":"2025-03-01T06:59:50.876057Z","times_seen":1398,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uz.mediageting.com/actcntr/api/send-heartbeat","fqdn":"uz.mediageting.com","domain":"mediageting.com","tld":"com"},"ip":{"addr":"190.2.139.23","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://uz.mediageting.com/","date":"2024-01-04T17:19:46.104Z","timestamp":1704388786104,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mediageting.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 Dec 2023 04:10:31 GMT","end":"Sat, 09 Mar 2024 04:10:30 GMT"},"fingerprint":{"sha1":"B7:84:9F:F5:1A:1A:9A:FA:7A:6F:69:4D:BF:7E:5A:36:4B:17:A5:FA","sha256":"5B:F7:A3:0C:24:F9:A3:CC:E5:D3:EC:36:1D:53:33:FB:91:23:5D:93:05:59:91:DD:5B:56:00:66:5E:ED:65:8F"}}},"request":{"raw":"POST /actcntr/api/send-heartbeat HTTP/1.1\r\nHost: uz.mediageting.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 231\r\nOrigin: https://uz.mediageting.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uz.mediageting.com/\r\nCookie: si_user_id=4q4AKXzM_1vt7Gh; si_sess_id=4q4AKXzM_1vt7Gh\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 04 Jan 2024 17:20:00 GMT\r\nContent-Type: text/plain;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nCF-Cache-Status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=FSwn%2FCqWbtOnnRa8dj4AMhySmrNAgDCEaDmRyMUrhP077Ds4rPGoujUtC8idtC8nUZH2X7MpoOyp5YN%2FFhTE2wSYb%2Fc6LhiM2w70934%2BtVGS9rWN8cTMFJmKBKKsRxVb0A%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nCF-RAY: 84052654d9e866e4-AMS\r\nContent-Encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3,"size_decoded":3,"mime_type":"text/plain; charset=UTF-8","magic":"data","md5":"344cb90c9cea24e3fd7d53c37a700afd","sha1":"4460d93d41e542dbffba74b05bcfaf5bf88327d0","sha256":"fa8b3050c745eb53dd2bea7ba537764269e8aca03015419f4a4327544640773a","sha512":"141250845ba6190c7dc835b6f6dacf288ed1bf685023e2cab7752235c0a6a0861550ef68386f511a3fbe11ae43fad7e7add8f9aa0c01fa36da0407eb29086745","ssdeep":"","tlshash":"c720000000000000000000300000000000000000000000030000000000000c00000000","first_seen":"2023-05-09T05:50:04Z","last_seen":"2025-03-01T06:59:50.876057Z","times_seen":1398,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uz.mediageting.com/actcntr/api/send-heartbeat","fqdn":"uz.mediageting.com","domain":"mediageting.com","tld":"com"},"ip":{"addr":"190.2.139.23","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://uz.mediageting.com/","date":"2024-01-04T17:19:46.104Z","timestamp":1704388786104,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mediageting.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 Dec 2023 04:10:31 GMT","end":"Sat, 09 Mar 2024 04:10:30 GMT"},"fingerprint":{"sha1":"B7:84:9F:F5:1A:1A:9A:FA:7A:6F:69:4D:BF:7E:5A:36:4B:17:A5:FA","sha256":"5B:F7:A3:0C:24:F9:A3:CC:E5:D3:EC:36:1D:53:33:FB:91:23:5D:93:05:59:91:DD:5B:56:00:66:5E:ED:65:8F"}}},"request":{"raw":"POST /actcntr/api/send-heartbeat HTTP/1.1\r\nHost: uz.mediageting.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 231\r\nOrigin: https://uz.mediageting.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uz.mediageting.com/\r\nCookie: si_user_id=4q4AKXzM_1vt7Gh; si_sess_id=4q4AKXzM_1vt7Gh\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 04 Jan 2024 17:20:02 GMT\r\nContent-Type: text/plain;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nCF-Cache-Status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=hz9zbid5DMnE%2FAlQEQ4g7E9RG9lFaDaEUoaicwAxqvO9yt8r9UoPTRgpIDUrYG3Cqoe3YIvFoNQtkFHOm2C6DDh7t6tDV%2BHU1h1FVy6%2BPaPSA6tDQoS5E7aXpl%2B79NromA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nCF-RAY: 84052661581c661a-AMS\r\nContent-Encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3,"size_decoded":3,"mime_type":"text/plain; charset=UTF-8","magic":"data","md5":"344cb90c9cea24e3fd7d53c37a700afd","sha1":"4460d93d41e542dbffba74b05bcfaf5bf88327d0","sha256":"fa8b3050c745eb53dd2bea7ba537764269e8aca03015419f4a4327544640773a","sha512":"141250845ba6190c7dc835b6f6dacf288ed1bf685023e2cab7752235c0a6a0861550ef68386f511a3fbe11ae43fad7e7add8f9aa0c01fa36da0407eb29086745","ssdeep":"","tlshash":"c720000000000000000000300000000000000000000000030000000000000c00000000","first_seen":"2023-05-09T05:50:04Z","last_seen":"2025-03-01T06:59:50.876057Z","times_seen":1398,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uz.mediageting.com/actcntr/api/send-heartbeat","fqdn":"uz.mediageting.com","domain":"mediageting.com","tld":"com"},"ip":{"addr":"190.2.139.23","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://uz.mediageting.com/","date":"2024-01-04T17:19:46.104Z","timestamp":1704388786104,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mediageting.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 Dec 2023 04:10:31 GMT","end":"Sat, 09 Mar 2024 04:10:30 GMT"},"fingerprint":{"sha1":"B7:84:9F:F5:1A:1A:9A:FA:7A:6F:69:4D:BF:7E:5A:36:4B:17:A5:FA","sha256":"5B:F7:A3:0C:24:F9:A3:CC:E5:D3:EC:36:1D:53:33:FB:91:23:5D:93:05:59:91:DD:5B:56:00:66:5E:ED:65:8F"}}},"request":{"raw":"POST /actcntr/api/send-heartbeat HTTP/1.1\r\nHost: uz.mediageting.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 232\r\nOrigin: https://uz.mediageting.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uz.mediageting.com/\r\nCookie: si_user_id=4q4AKXzM_1vt7Gh; si_sess_id=4q4AKXzM_1vt7Gh\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 04 Jan 2024 17:20:04 GMT\r\nContent-Type: text/plain;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nCF-Cache-Status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=2BmmicRKzhaZIGFEXYEyYQ1MpCPIcmYefodqGmjXO9%2Fx5O8XS0JEUFK6Iv1tp3uD3REc8GKHmCqTVfXJ45Q3k19BYfQ14oyv5uxoecSyDhuAVW7rWpj%2Fo3cnDTredsRCVQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nCF-RAY: 8405266ddde40e48-AMS\r\nContent-Encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3,"size_decoded":3,"mime_type":"text/plain; charset=UTF-8","magic":"data","md5":"344cb90c9cea24e3fd7d53c37a700afd","sha1":"4460d93d41e542dbffba74b05bcfaf5bf88327d0","sha256":"fa8b3050c745eb53dd2bea7ba537764269e8aca03015419f4a4327544640773a","sha512":"141250845ba6190c7dc835b6f6dacf288ed1bf685023e2cab7752235c0a6a0861550ef68386f511a3fbe11ae43fad7e7add8f9aa0c01fa36da0407eb29086745","ssdeep":"","tlshash":"c720000000000000000000300000000000000000000000030000000000000c00000000","first_seen":"2023-05-09T05:50:04Z","last_seen":"2025-03-01T06:59:50.876057Z","times_seen":1398,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uz.mediageting.com/actcntr/api/send-heartbeat","fqdn":"uz.mediageting.com","domain":"mediageting.com","tld":"com"},"ip":{"addr":"190.2.139.23","port":443,"asn":49981,"as":"WorldStream B.V.","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://uz.mediageting.com/","date":"2024-01-04T17:19:46.104Z","timestamp":1704388786104,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mediageting.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 Dec 2023 04:10:31 GMT","end":"Sat, 09 Mar 2024 04:10:30 GMT"},"fingerprint":{"sha1":"B7:84:9F:F5:1A:1A:9A:FA:7A:6F:69:4D:BF:7E:5A:36:4B:17:A5:FA","sha256":"5B:F7:A3:0C:24:F9:A3:CC:E5:D3:EC:36:1D:53:33:FB:91:23:5D:93:05:59:91:DD:5B:56:00:66:5E:ED:65:8F"}}},"request":{"raw":"POST /actcntr/api/send-heartbeat HTTP/1.1\r\nHost: uz.mediageting.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 232\r\nOrigin: https://uz.mediageting.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uz.mediageting.com/\r\nCookie: si_user_id=4q4AKXzM_1vt7Gh; si_sess_id=4q4AKXzM_1vt7Gh\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\nDate: Thu, 04 Jan 2024 17:20:06 GMT\r\nContent-Type: text/plain;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nCF-Cache-Status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=Cpr8d2Vo5QfAlb2FvFtreyh29p5aX%2B9Tk%2FMLXNrEydR%2FjWJ6R9Xezy0qN%2FO3gUdBOAK54yjenDDwGDKLba9q0VgwbUwpC3yKbphdYv5E0H9nuCu8kjp6V6vEKE%2FTbPl25A%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nCF-RAY: 8405267a5c180b7d-AMS\r\nContent-Encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3,"size_decoded":3,"mime_type":"text/plain; charset=UTF-8","magic":"data","md5":"344cb90c9cea24e3fd7d53c37a700afd","sha1":"4460d93d41e542dbffba74b05bcfaf5bf88327d0","sha256":"fa8b3050c745eb53dd2bea7ba537764269e8aca03015419f4a4327544640773a","sha512":"141250845ba6190c7dc835b6f6dacf288ed1bf685023e2cab7752235c0a6a0861550ef68386f511a3fbe11ae43fad7e7add8f9aa0c01fa36da0407eb29086745","ssdeep":"","tlshash":"c720000000000000000000300000000000000000000000030000000000000c00000000","first_seen":"2023-05-09T05:50:04Z","last_seen":"2025-03-01T06:59:50.876057Z","times_seen":1398,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-01-04","alert":"Sinkholed","trigger":"mediageting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:700","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://uz.mediageting.com/","date":"2024-01-04T17:19:41.739Z","timestamp":1704388781739,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 20 Nov 2023 08:08:50 GMT","end":"Mon, 12 Feb 2024 08:08:49 GMT"},"fingerprint":{"sha1":"10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC","sha256":"BC:5E:71:C1:5A:A5:DD:67:BF:ED:14:DB:1C:4E:F2:8E:5E:BE:D7:9A:F9:1F:7A:64:C7:3C:9B:ED:83:B2:8C:95"}}},"request":{"raw":"GET /css?family=Roboto:700 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://uz.mediageting.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 04 Jan 2024 17:19:46 GMT\r\ndate: Thu, 04 Jan 2024 17:19:46 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2130,"size_decoded":2130,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (2186), with no line terminators","md5":"e189b3eefe748e171e74f6e7573926a3","sha1":"f1ea2bd01c0aa32a0d8e58d382384f564c0d1d13","sha256":"5a6c8c37c6dec2f8da0fcc353b3c47eb8144769877382157a9debf270027dddd","sha512":"77ca97a5b5fa9a9904e3ffa2229ec7c4dbb7e2fbfce3fdc913d0f42475787cb526305ccbbe6127a7f3c476ee03ca0eaaf29f56f2488114d48e288a8cf9cc8e84","ssdeep":"","tlshash":"d4416792180f6404a7830ee673dfb930b90f2b1560629133abfd6cae9dc7d22535579d","first_seen":"2023-05-08T17:56:54Z","last_seen":"2024-08-21T09:32:34.962619Z","times_seen":71,"resource_available":false,"data":null}},"time_used":308,"timings":{"blocked":125,"dns":4,"connect":10,"send":0,"wait":25,"receive":1,"ssl":131},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rankexperience.com/articles/img/1802-2.png","fqdn":"rankexperience.com","domain":"rankexperience.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://uz.mediageting.com/","date":"2024-01-04T17:19:41.865Z","timestamp":1704388781865,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /articles/img/1802-2.png HTTP/1.1\r\nHost: rankexperience.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T19:31:03.603551Z","times_seen":13300818,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}