{"report_id":"489f76a2-f75e-4000-9f2b-22389ec08973","version":6,"status":"done","tags":[],"date":"2026-04-07T02:37:46Z","url":{"schema":"http","addr":"m.aiglez.com/","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":0,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"final":{"url":{"schema":"http","addr":"m.aiglez.com/","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"title":"welcome-球速体育","dom":{"size":151,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"05bf1f2930cb26eb431c27c85e9173c2","sha1":"809ac4aaecdeb01504b6368a794247c84e92e554","sha256":"cf324f9eb205a8e6493c9b903c46498c61ce485ba1d53ef20375910b0cb054cd","sha512":"ba820bdd508aad8a86fedf813269043a1bbd0170609edf6084db195c52e823cc943902618a7ce38b4d5b130a175e2cd2dbe8bb7e283d8de26ae30ebe2a07c02c","ssdeep":"","tlshash":"3fc08c06786f240cab0351c20a873e80d545c332884e48408b82029b70cb427c0c7728","dom_hash":"domhash18da208b3b39949e9ba09528a720f5c0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"m.aiglez.com/","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":0,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-12T02:37:46Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":2,"urlquery":0,"analyzer":5}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-07T02:37:23Z","timestamp":1775529443,"ip_dst":{"addr":"Client IP","port":43538,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"168.76.62.65","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"severity":"medium","alert":"ET DROP Spamhaus DROP Listed Traffic Inbound group 31","source":"{\"timestamp\":\"2026-04-07T02:37:23.765834+0000\",\"flow_id\":1283439003424128,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"168.76.62.65\",\"src_port\":443,\"dest_ip\":\"172.18.0.23\",\"dest_port\":43538,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.Evil\",\"ET.DROPIP\"]},\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2400030,\"rev\":4421,\"signature\":\"ET DROP Spamhaus DROP Listed Traffic Inbound group 31\",\"category\":\"Misc Attack\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Any\"],\"created_at\":[\"2010_12_30\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Minor\"],\"tag\":[\"Dshield\"],\"updated_at\":[\"2025_08_01\"]}},\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":1,\"bytes_toserver\":74,\"bytes_toclient\":54,\"start\":\"2026-04-07T02:37:23.513408+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-07T02:37:26Z","timestamp":1775529446,"ip_dst":{"addr":"Client IP","port":35944,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"severity":"high","alert":"ET HUNTING Possible Obfuscator io JavaScript Obfuscation","source":"{\"timestamp\":\"2026-04-07T02:37:26.087442+0000\",\"flow_id\":452601202349624,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"168.76.62.65\",\"src_port\":80,\"dest_ip\":\"172.18.0.23\",\"dest_port\":35944,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.Evil\",\"ET.DROPIP\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2038501,\"rev\":2,\"signature\":\"ET HUNTING Possible Obfuscator io JavaScript Obfuscation\",\"category\":\"A Network Trojan was detected\",\"severity\":1,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Low\"],\"created_at\":[\"2022_08_11\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2023_08_31\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2023_04_06\"]}},\"http\":{\"hostname\":\"m.aiglez.com\",\"url\":\"/tj.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://m.aiglez.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":3180},\"files\":[{\"filename\":\"/tj.js\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":6589,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":6,\"bytes_toserver\":1424,\"bytes_toclient\":3935,\"start\":\"2026-04-07T02:37:24.529976+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"www.gnbzi.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"www.gnbzi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"www.gnbzi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"m.aiglez.com","ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"domain_registered":"2025-06-04","domain_rank":0,"first_seen":"2026-04-07T02:37:46.72239Z","last_seen":"2026-04-07T02:37:46.72239Z","alert_count":93,"request_count":46,"received_data":577393,"sent_data":24177,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"jquery-web.js","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-02-02T06:12:35.664994Z","last_seen":"2026-04-04T04:42:50.44247Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":317,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.gnbzi.com","ip":{"addr":"38.47.60.121","port":443,"asn":151061,"as":"Winning Partner Software Development Limited","country":"United States","country_code":"US"},"domain_registered":"2025-06-27","domain_rank":0,"first_seen":"2025-11-06T02:40:35.048023Z","last_seen":"2026-03-30T06:56:04.224628Z","alert_count":3,"request_count":1,"received_data":325,"sent_data":518,"comment":"","tags":null,"fingerprints":null},{"fqdn":"collect-v6.51.la","ip":{"addr":"43.159.107.113","port":80,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2005-01-17","domain_rank":348646,"first_seen":"2021-03-08T16:03:54Z","last_seen":"2026-04-06T05:04:06.615629Z","alert_count":0,"request_count":1,"received_data":360,"sent_data":386,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"m.aiglez.com/","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"ef4239dc0df905cb4c0e7cf5c76f8c32","sha1":"26df0735928345b743a059db6f90c884ca64c705","sha256":"9fc7e1f43d5e48d527d44b0a83f97405421c892c40bef5c9d02021b4658233b9","sha512":"f69cbda17b4bfa4f57000a04136d16cfceacb4ac3e2480d91b97a8411f64682d0e6fc54139e523c8eea12035eebd1bf9e468305a28839e860e7279111a440c2e","ssdeep":"","tlshash":"5660000000c300c000f0000c00030033cfc30cc3f000000003000cc00000000000cc30","size":12,"data":"","first_seen":"2025-09-19T04:09:21.487526Z","last_seen":"2026-04-07T02:37:49.714376Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/tj.js","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":false,"md5":"34cdeac2b7310d671d72d247dc6d45ec","sha1":"456455032a5b7c0ccbc644f3bfc79a7d5c8689dd","sha256":"e113dbeae48812d0bdb89ad0791d4055479920005c349b05cbdf9e44ef8749c5","sha512":"a8c999c6769740167e4c3b22498f52c1df1b21995d1b268644cf89c9c42a4cf83e22b3d05b830af0051e2215197ad951ac15ef882c3e4e5777f3388eb8bb0224","ssdeep":"192:PIGOo3yZoOClPvoYlMFNuJDygKLzGQqx82EiYQ:PBCZoNlnj/BYzNK82n1","tlshash":"d2d1c8857be060c943529b83773fe0d1dbbf5906be611c8ee604fd8c1fa99088b82970","size":6589,"data":"","first_seen":"2026-02-22T05:52:20.913958Z","last_seen":"2026-04-07T02:37:49.670114Z","times_seen":376,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-07T02:37:26Z","timestamp":1775529446,"ip_dst":{"addr":"172.18.0.23","port":35944,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"severity":"high","alert":"ET HUNTING Possible Obfuscator io JavaScript Obfuscation","source":"{\"timestamp\":\"2026-04-07T02:37:26.087442+0000\",\"flow_id\":452601202349624,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"168.76.62.65\",\"src_port\":80,\"dest_ip\":\"172.18.0.23\",\"dest_port\":35944,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.Evil\",\"ET.DROPIP\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2038501,\"rev\":2,\"signature\":\"ET HUNTING Possible Obfuscator io JavaScript Obfuscation\",\"category\":\"A Network Trojan was detected\",\"severity\":1,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Low\"],\"created_at\":[\"2022_08_11\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2023_08_31\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2023_04_06\"]}},\"http\":{\"hostname\":\"m.aiglez.com\",\"url\":\"/tj.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://m.aiglez.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":3180},\"files\":[{\"filename\":\"/tj.js\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":6589,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":6,\"bytes_toserver\":1424,\"bytes_toclient\":3935,\"start\":\"2026-04-07T02:37:24.529976+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-04-07T05:48:14.164645Z","times_seen":82362,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3c1bb082d966d6f6b23fe484e34253af","sha1":"d10fd595b126c3729af4828a95479ec2fe50b281","sha256":"58cfb7af97a527537adbb830ddf295072a545a51529a20ce14b73b0722090259","sha512":"5a46bf230c9d485d81b82768a9b616ad7c822a1ed2b45dd108524d95adbb139a151b267f9318b3dd6c564d91203950e64b665b296ca35460a6e1acc59e726226","ssdeep":"","tlshash":"c690020c04db24459c86a0200110a3410cf3107000d44ef42d2e60418a42408680f32d","size":54,"data":"","first_seen":"2025-12-23T15:01:42.194841Z","last_seen":"2026-04-07T02:37:49.716365Z","times_seen":237,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"5f76cda20f6eaef6e0e4501431bc9718","sha1":"8d6e99424c07e5fd61d985f628f8d1983d099928","sha256":"becc298d21008152e5a47fcf0d6df7ba1777adb842b8220b10a114109154bbe2","sha512":"b594fef0b005c5f9e2abc583237c5700c7f4d3e95a525d290363ec58158a51e4355f9935a72adb3141da564a27ab7cc8a6d8fd23009b1c2ee9845ad9bccb061f","ssdeep":"","tlshash":"01b092929451a42e533287231166201883a9baa0fb461480e8589acd4ce9b44d9b792d","size":116,"data":"","first_seen":"2023-03-07T13:03:49Z","last_seen":"2026-04-07T02:37:49.717028Z","times_seen":12429,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqIDZUNDOINSDTPtcJINLTN1qGPNVqKxIJ.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.091Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqIDZUNDOINSDTPtcJINLTN1qGPNVqKxIJ.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:28 GMT\r\nContent-Type: image/jpg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4746,"size_decoded":0,"mime_type":"image/jpg","magic":"JPEG image data, baseline, precision 8, 270x220, components 3","md5":"6d7d77a91200591cb5d3843405cd851f","sha1":"c8b74b2a34fae050f4f2450c7e864742410803f6","sha256":"d6c5f54ebd6be41683a6cba959f8a929446809a202892dafbe4fbf41360830b8","sha512":"6dfcd1d4d9e780486690d44e69a7c9183adc32fa7ad1e6fcccee698bad3af4587a8bdfac25bab091c150fd6f36d2b964787a31dae1b1b0ab274722ff5256e2a1","ssdeep":"96:n2u9v6P+NEytkTrAe86w9UCWiT8FmM+6HmgTG+Y5i:n5UP01tkTrMUCWblHRN1","tlshash":"4da12ad3b3bfaa25db85a2b88351a14043f413c49a3ba18f50c5607cd60c2f64db82e9","first_seen":"2025-11-09T21:03:23.338174Z","last_seen":"2026-04-07T02:37:49.610206Z","times_seen":4,"resource_available":false,"data":null}},"time_used":3712,"timings":{"blocked":3122,"dns":0,"connect":0,"send":0,"wait":590,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqIDWJHtpOOtZSNSHSNtHONt0SHyZrOtjSFtRTOE9LD1Z.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.100Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqIDWJHtpOOtZSNSHSNtHONt0SHyZrOtjSFtRTOE9LD1Z.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:29 GMT\r\nContent-Type: image/jpg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7768,"size_decoded":0,"mime_type":"image/jpg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 294x220, components 3","md5":"2361aa82cae95c41354d961bd5edbe1b","sha1":"fa2800f51fe69cc7dc1925abdfb275de448dcade","sha256":"d475670041f52842f5add6ddc63e610fe45993ab243c9571e3a57afb87a6969f","sha512":"71802b22d1558c61fa19a8c4231b7be2c9ceb8e3103432afcd0dfae6f032298e65b8380b7847b7a21e487fa13265520ddd14182312e7af3b6686005e6f6e2f07","ssdeep":"192:/GvAjTHxjhzW3wR7Kq1yLuOfbUKc4iwUMf3SzDRpX7F1Z1Ob3h:+vMd0hiOczE07Fb1ObR","tlshash":"92f18e171c8992e2426d5ef83d031dcd9b490359ac276fcf0670f7e97c602ca499e80b","first_seen":"2025-11-09T21:03:23.322718Z","last_seen":"2026-04-07T02:37:49.615491Z","times_seen":4,"resource_available":false,"data":null}},"time_used":4183,"timings":{"blocked":3757,"dns":0,"connect":0,"send":0,"wait":426,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqONIDIjRYNNSHPyMFIjODHDpTH1RqESgJ.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.108Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqONIDIjRYNNSHPyMFIjODHDpTH1RqESgJ.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:27 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11489,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 125, 8-bit/color RGBA, non-interlaced","md5":"627c7de839a490c66b27bc29310f385e","sha1":"c3513cf542022f347de4b4d308606908a608e359","sha256":"dc418a7671f77845cd0b636698a20f8289aa286126751ec6e95c28fe62f4b1eb","sha512":"1cfa8d63ec274cf9b685819bb88f62f3cef56af1d27d6f8f96c379f250c25a0b550e262785cd751304c429071e31bfc4d341887af2d9ae4c0727e545b1414d60","ssdeep":"192:M+5js5khiPo5ik5ZPrTNgZ53ZVUw0Ck/POD4G0rh8IKCv2i3TY5U7ZvuKHX3:345nPT+NrxiZVUzVOD4nh8IKGTY5Ul33","tlshash":"f132c054003e6a4fa74cccc8034a65e02de56506d6140e77df8dfdd7e2f936152e12a7","first_seen":"2025-11-09T21:03:23.357621Z","last_seen":"2026-04-07T02:37:49.618886Z","times_seen":4,"resource_available":false,"data":null}},"time_used":2429,"timings":{"blocked":1903,"dns":0,"connect":0,"send":0,"wait":525,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqIjVTINIJIDHRP1qKNjyKPtADN1pqESgJ.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.110Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqIjVTINIJIDHRP1qKNjyKPtADN1pqESgJ.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:27 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6484,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 158 x 105, 8-bit/color RGBA, non-interlaced","md5":"2c4de39dc5797b584fcfdc8d85838782","sha1":"17a03bf95e68a689042eab961c4a67957cedc3b7","sha256":"28a1eb49796021a376c14346a237b88c4c3791eaeed655bb4073d37cc261419c","sha512":"adea22850000bb8c93b6b102645a7d0759f1135276d2bdaa485d3c4db4a1160ff21f23f2bad52bcda52c5588385587d39b23ee749160344fa991422ab6c89bcf","ssdeep":"96:yquZEi2Ndouqeku2SP29XL/pgvRN4kNIu7/0py9A+bFYlHa5p6Um0Pi/:yJJ0KuOudu9b/p2N4W9j04A+GFa5pl8","tlshash":"bfd19ef6e82d184b8b1f8809c1805fe5f3de2224cdc4f083124a6011976d71a5b8efab","first_seen":"2025-11-09T21:03:23.325121Z","last_seen":"2026-04-07T02:37:49.621626Z","times_seen":4,"resource_available":false,"data":null}},"time_used":2613,"timings":{"blocked":2173,"dns":0,"connect":0,"send":0,"wait":439,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqO1RZHtHPNtHRPyNSISDTNyRROypqESgJ.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.113Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqO1RZHtHPNtHRPyNSISDTNyRROypqESgJ.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:27 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7097,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 158 x 105, 8-bit/color RGBA, non-interlaced","md5":"1b4ee86ae1ccf399cae6e8a76fa90aa5","sha1":"9ab2806fb81402b79201b551a5365696b06b2c3a","sha256":"5466104d216d5db2043293ba85db9dc41a3527678d8cfb69b61056e0956c9d1d","sha512":"43eb1ac0251b4713c2774b37afbd103c465e7bbcde4f260134fbc4f99cafe4e97fdce9e4ddf9b7b94fb9c1dd0e3c15c1892b9f79b5198384d9c3b1bbc9122af6","ssdeep":"192:i7QJI/kFuOofzfBP+xE1wVUMVoRIzgypJFYHE:iUI/kFuOgWQIzlFYHE","tlshash":"0be18d40e413219ed2511d6f5a8fdfe163a3b38f7aae41800974ce1a1a226a5d8237fd","first_seen":"2025-11-09T21:03:23.311249Z","last_seen":"2026-04-07T02:37:49.624036Z","times_seen":4,"resource_available":false,"data":null}},"time_used":2931,"timings":{"blocked":2423,"dns":0,"connect":0,"send":0,"wait":507,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnHyAQDSMMHkkKIRSTHSkHU0WoEN.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.234Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnHyAQDSMMHkkKIRSTHSkHU0WoEN.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:26 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4823,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 70, 8-bit/color RGB, non-interlaced","md5":"32f7cfbcdc6f3d17c2b8cc95c1849ed8","sha1":"39cb0f39e4365833c15ce957ee741432ce07658f","sha256":"017d5966ed572a3162808955dc695d18c080669f836934547c3dd8a8611bbc10","sha512":"eeb72af5a9e3112d72b6620a535c0c444bf5fe4dc4facfd9cf02f5eb45d6512bee487f99c0df55fb54902f75fc51c254127346d7a877f183dfdad640a7115a2f","ssdeep":"96:2ly9ExRHgRWe2iU/tI9YUhd8eopjawJsizGYAbrBjD7DZs82p5m45:2ly9GKl8/tZU3rOfJfGY6B3Ip5D5","tlshash":"e2a17ed35553d5636ed6fe2707392580e462c0f10ab1124a627e40d73ae325fb1e3d6b","first_seen":"2026-04-07T02:37:49.62712Z","last_seen":"2026-04-07T02:37:49.62712Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1249,"timings":{"blocked":556,"dns":0,"connect":0,"send":0,"wait":692,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnJS9FH1OPUIIODxDqHxHoDIkH.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.872Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnJS9FH1OPUIIODxDqHxHoDIkH.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:26 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8766,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"a32e2536a6d81a1ec37f5c7d2d7253d2","sha1":"acbd2d27c7be0fff172c07897457ef29d0505044","sha256":"0d67f6c2ab40b4d922687a4edbb4ff50ee62f99f929fb2f6b6ae67c5dbecd912","sha512":"0cb79ba6e9bd945216c92d2b7eba2f9d54c6f6e798d99e88f540400bff00dcba30335cc36df8734f864a59a9c90356d48c37d3390e1e2f7d605c87adab598f78","ssdeep":"192:XGwxSQt5JCiaqWPmFmswrg7rpM+3urvzR4XzECGhKJLGNhMDijIo:XJlXxUi++3mvlsROUo","tlshash":"e302afe933dbb48a8b4d9797f8f9b4864772d46c2fc119f440870c866ad618d09acac7","first_seen":"2025-11-09T21:03:23.367444Z","last_seen":"2026-04-07T02:37:49.629425Z","times_seen":4,"resource_available":false,"data":null}},"time_used":957,"timings":{"blocked":483,"dns":0,"connect":0,"send":0,"wait":473,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqOjpNNNOFNjRNHNDANNRNHNDNOIZqESgJ.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.092Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqOjpNNNOFNjRNHNDANNRNHNDNOIZqESgJ.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:28 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":42056,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 270 x 220, 8-bit/color RGBA, non-interlaced","md5":"77b3af2a85b55bee47564a4c1f4b1b90","sha1":"b3b360f6e24f59b2cf5089ad48cc68af3332a7f6","sha256":"382e9fda5787c7e2bfe8f41cfdea08b17f1ee7ce9c3675649f648a535d3546e8","sha512":"4666f38ff02bf6e15bd5b29fd354781ad85faa733bb6d3d91cdc56f85f0fa2283e5a4af03441b56fa87e70b8a8313c6613cba7560e76f92bcbf0e695b1b028a8","ssdeep":"768:mlxWLMy50UlizSXy+1cYKZ1hDUSmntXi/nKWqVzXCvPd3D3l4nzB/:mlxWLMyeUIzAsYC1hLAt2c1XCdTV4nzt","tlshash":"251301702cae813db719b82b41cc35bda1e3f16c4540d7e7c78678a86b149fa7274ba1","first_seen":"2025-11-09T21:03:23.353455Z","last_seen":"2026-04-07T02:37:49.632111Z","times_seen":4,"resource_available":false,"data":null}},"time_used":4123,"timings":{"blocked":3356,"dns":0,"connect":0,"send":0,"wait":510,"receive":257,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqOjHTNyRTONVVINNQO1DYOSLOHSZrOtjSFtRTOE9LD1Z.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.102Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqOjHTNyRTONVVINNQO1DYOSLOHSZrOtjSFtRTOE9LD1Z.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:29 GMT\r\nContent-Type: image/jpg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9092,"size_decoded":0,"mime_type":"image/jpg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 294x220, components 3","md5":"229fa7f851b99cccbbc7456e4e0bce2b","sha1":"3611bd181e30c55a818cfbbfba5c1d007ef3e2a2","sha256":"4baf55221f9b7c0e6fbdb593861ee7e681dc545e562d9d37d9c094cfa163a60f","sha512":"7382c0e72725d9f7777ac816137ea1b3a42a46a2e0cb0ddff937473290fde547eb1ee1141cde704bfa0226f5715d60d28aed8569b5f29aefd79805a987cc9a01","ssdeep":"192:/GvExDCt5ZHU9W2RWTVEPJ93kcZUx8kh7X6p6EC46WujU5gfJ2Ty:+v0DuzEPpBZkcibhREC46WujUY2Ty","tlshash":"4812bf757a033c66be429df9a29389dab2d1cc47ee0663004f78df71f6410e260cc846","first_seen":"2025-11-09T21:03:23.328309Z","last_seen":"2026-04-07T02:37:49.634854Z","times_seen":4,"resource_available":false,"data":null}},"time_used":4110,"timings":{"blocked":3702,"dns":0,"connect":0,"send":0,"wait":408,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqNyHQNDZNODZSHjbOONDNIDWEHNHrHDDUNtDUNNpQONpUONZrOtVOFtRTOE9LD1Z.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.232Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqNyHQNDZNODZSHjbOONDNIDWEHNHrHDDUNtDUNNpQONpUONZrOtVOFtRTOE9LD1Z.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:26 GMT\r\nContent-Type: image/jpg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9639,"size_decoded":0,"mime_type":"image/jpg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 270x220, components 3","md5":"18e399f783d1b1af44f93e70dc551b5e","sha1":"4856267e27e88673fc395ac59b93e90413726f12","sha256":"28fdbf2a38b8e06cc855154eb87a242d9cf6354562ad14917a7ef597214b1199","sha512":"92b4111fef6ec8c8d1a8a91be03a27ec09436f16fe2ebd8ec170f29bc88c1f99279268a3ff70af3d8e6b5d9240cce072e9118ea78362ba5c98bdcfd102c563b1","ssdeep":"192:/GnG8ktMWGnM74k1tSR66tu8IYXRE2099ZTZ8EpJO6B+rs3bSmYfCU7bm5UJ:+nG807GnMJTH6k8I8oDTZ8EpcMemYfn3","tlshash":"d512af2f8ba10981a45a0dfffd455b12b39e3581be868f6cb672e3d35d642d46c40238","first_seen":"2025-11-09T21:03:23.306185Z","last_seen":"2026-04-07T02:37:49.637423Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1013,"timings":{"blocked":557,"dns":0,"connect":0,"send":0,"wait":455,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqPtMEOyRONtpTI1VAIyAEIDHAOSLqESgJ.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.857Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqPtMEOyRONtpTI1VAIyAEIDHAOSLqESgJ.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:26 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9504,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 39, 8-bit/color RGBA, non-interlaced","md5":"3f07304c23e7555d87b8156fc56b9d51","sha1":"c80be6fdbcab17015fd845b8175867d7f46414e9","sha256":"841097cc6d66fb9f2cd3d725bf695c25ae0ba9d6079e0011cd7762964760767a","sha512":"d7855489fcb362d1d89f4e55814fde05418409c1c0f73a71ed7500ad2c2354e914a4ae2c4ffbd7a25612274c342e5730e3c9e59cdf96e0c044db739ff6c53f64","ssdeep":"192:kf9i3XmEVnbwp2VyCiqKH/cT7gPkBuZnyl0jeVVPBveYl5IIgwrUiRb2bf0TVlhW:kw3BVnUp2Bin/XPkQZYqe/4viBkEViv","tlshash":"97129fc6eda01a7175560942c2a8844057d98b98b2f372b38b0dcf055b5fe72a7d5f81","first_seen":"2025-09-19T04:09:21.456624Z","last_seen":"2026-04-07T02:37:49.639583Z","times_seen":6,"resource_available":false,"data":null}},"time_used":748,"timings":{"blocked":300,"dns":0,"connect":0,"send":0,"wait":447,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnJS9FH1OPUIIODxDqJIjoDIkH.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.875Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnJS9FH1OPUIIODxDqJIjoDIkH.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:26 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7347,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"4c87e10ee5eea02b4670cf2414f0c060","sha1":"0661810390a3c844f9dab6a5e1cbe137b5a3c2cb","sha256":"8eb8543a0ed0fb6ab0a4605baf6cf844a7bad8527b76737a4cad7f6964c3bf53","sha512":"f94b8663b10fb628d020fc7ba76756d65f1c84355132db18e650ad8ca14267ec43b9ad1aabfa87f228987786eb3f25ceddb9105b829e86908680206b87f72b42","ssdeep":"192:2lqt3a0EqiiEbdXAeIeWGgYy0cbPBwLWnfwNUmZiAES6jf:2p1HBNmYyBBwLWoNDoMM","tlshash":"78e18e55423476bf146d88004475ae213201aa1729b47f1a1396fd46a7dcfe1ecab5dc","first_seen":"2025-11-09T21:03:23.368353Z","last_seen":"2026-04-07T02:37:49.642135Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1136,"timings":{"blocked":608,"dns":0,"connect":0,"send":0,"wait":528,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnJS9FH1OPUIIODxDqIRZoDIkH.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.876Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnJS9FH1OPUIIODxDqIRZoDIkH.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:26 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5602,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"3fa1c568a9d20d79174a9c9ef9016eba","sha1":"7f83f226454503b5e0e901fc79c39e1abb6680cd","sha256":"02a88bb5b329ebe80b4bd086d05eaabf4d24c1e18a8aaabde091b0e333d95d50","sha512":"21865bc9e940af48bff1a3fc62ef2290c08ddcd0572f8ccb7e8b49df9573f33a09c50c71b43e40ec55ddf7f0d4171c2007c049d811ec7abab85b7cbd4502a1d1","ssdeep":"96:e3u7tZ9DxUnn0EdiDD34N4R+3lIpvJlYriPNbPCH6lXoEoAnZ9P:e3u75DmnnDQDbtwIpvJlQiPNjCH6lYEb","tlshash":"c0c19e07fa34523d8a4cc082297564dfa850ffee17286f9d51831eb580277c561f6640","first_seen":"2025-11-09T21:03:23.342262Z","last_seen":"2026-04-07T02:37:49.644769Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1236,"timings":{"blocked":728,"dns":0,"connect":0,"send":0,"wait":508,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnJS9FH1OPUIcKJy9gD1knK1pqESgJ.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.882Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnJS9FH1OPUIcKJy9gD1knK1pqESgJ.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnDxMXJSNsHHOU.css\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:28 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2716,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 96, 8-bit/color RGBA, non-interlaced","md5":"9fbd397fba2d456169aa87055a1db0ff","sha1":"149d232b9c9e6ced6fff2b97d590cf74090b8dbf","sha256":"0bf64cc708c970159e2f378e6626d67c6e2ab15ef5998a32247a8867562eba84","sha512":"65d8c5e80bd234cd7bba7b9c066484f1559261be8b103f72cfdd6b150da640ae9b299b1c65667993e3bffd901572695f35ec0a138da04c750a3e1d72edbe4475","ssdeep":"","tlshash":"41510886f8108441f1129a0a35f65922ceb689909cd0f753f9eee8566da1cf1cced8db","first_seen":"2025-11-09T21:03:23.369319Z","last_seen":"2026-04-07T02:37:49.648062Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2330,"timings":{"blocked":1832,"dns":0,"connect":0,"send":0,"wait":498,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnJS9FH1OPUIcKJy9gE1SMU0WqHj.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.886Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnJS9FH1OPUIcKJy9gE1SMU0WqHj.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnDxMXJSNsHHOU.css\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:28 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7624,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 40 x 120, 8-bit/color RGBA, non-interlaced","md5":"8a805a7ec4be5a1fd461ce4877452070","sha1":"4e4f56a9b6212a0e8d3d828055a95ee87ec6e857","sha256":"08af6905ecef658c292d326928c8faa2390e02aaa1fd7ed15a4ded3aa1723f8d","sha512":"645a47cc1ed794d547ef564393f2ea221e2a0c7e4100bc111038a042c23dd8642a59aea17bbc8473ecd57a2c60207e5a97625f86560dece0d8b7af52f8ce4bb9","ssdeep":"192:LEsQU4Yxq/CV8lDED+fwtSFyka6RUcKJ4kuoBOb3g9:L9q/CVqDM+ESF/ajhTnYri","tlshash":"78f19e84eff7dd224aeaac434cc1849b4b126a500b54aaf1f91d3ceaa834dc514ce1e7","first_seen":"2025-09-19T04:09:21.431664Z","last_seen":"2026-04-07T02:37:49.651061Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2636,"timings":{"blocked":2051,"dns":0,"connect":0,"send":0,"wait":584,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"jquery-web.js/","fqdn":"jquery-web.js","domain":"jquery-web.js","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.081Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: jquery-web.js\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T06:11:49.187712Z","times_seen":13450766,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqNjDQOjNSHyRUNNHUHIDYIypPPDDrHDDUNtfSNjtQONNTODNrOtVOFtRTOE9LD1Z.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.090Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqNjDQOjNSHyRUNNHUHIDYIypPPDDrHDDUNtfSNjtQONNTODNrOtVOFtRTOE9LD1Z.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:28 GMT\r\nContent-Type: image/jpg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7103,"size_decoded":0,"mime_type":"image/jpg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 270x220, components 3","md5":"5a6af5dfbe19e4e89d44d41338cae4ec","sha1":"b8f6686e11618c01d5d779040d4c0999696b4a6a","sha256":"604ed3058364e76776df493e135c36522df1499406a1549a021341f09a91a526","sha512":"0b0fd5b221b05986367795d5941fa63dcfcb3bfa98e14e5502c25cac6c2afea8e3d22cad6e0d7c911d6a1d226e499bc3326e303dbcfee95808cc2fc327c6bfba","ssdeep":"192:/Gnq43V80eqGaWscd7xIUhSsluSZSfn1SoPGvJ8i:+nq4F81q67wUDluSZSf0vJN","tlshash":"d8e19f6d52e545148d1bdcbc01483f71fece82c0a2abc7508679e99993038d8a089dde","first_seen":"2025-11-09T21:03:23.375333Z","last_seen":"2026-04-07T02:37:49.654441Z","times_seen":4,"resource_available":false,"data":null}},"time_used":3628,"timings":{"blocked":3034,"dns":0,"connect":0,"send":0,"wait":593,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqItMKN1SFIDVSH1pQQIVRODHNHNprOtjSFtRTOE9LD1Z.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.097Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqItMKN1SFIDVSH1pQQIVRODHNHNprOtjSFtRTOE9LD1Z.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:28 GMT\r\nContent-Type: image/jpg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7993,"size_decoded":0,"mime_type":"image/jpg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 294x220, components 3","md5":"8378a0d9ffc4262b5cbc5cff42eff0d1","sha1":"1bc872a9c8cf80715e84c3248ca04dd053963c1e","sha256":"4540a7534b99012486be73a3e92cc92ffa3600cd425b7d506f5f24e7529ce36d","sha512":"3e1ad5ab2df1431d6dfa78e236fcbd52c851fa36d0bbc3a0637fb2b50609581cb5183d655d14822043cf6c63627df49fc600a2b2bc6c048185ab3522cdc29850","ssdeep":"192:/Gvjo1gLDgP9umaIMS2zBcwYX8EAZyaRWAhF:+v01gHgPmIMSKcwYMEA4aRW+","tlshash":"e1f18e83090055d4a47c1db0dd074bae4b943a08e6d7e8bf2271cfe2b9f06e94c5907e","first_seen":"2025-11-09T21:03:23.366526Z","last_seen":"2026-04-07T02:37:49.65688Z","times_seen":4,"resource_available":false,"data":null}},"time_used":4063,"timings":{"blocked":3621,"dns":0,"connect":0,"send":0,"wait":441,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqIILUOjgFNIRVOyqKOypOHNSKHjNrOtjSFtRTOE9LD1Z.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.098Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqIILUOjgFNIRVOyqKOypOHNSKHjNrOtjSFtRTOE9LD1Z.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:28 GMT\r\nContent-Type: image/jpg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7497,"size_decoded":0,"mime_type":"image/jpg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 294x220, components 3","md5":"8ee80c56ce45be8ac8ce6490a37a0ef8","sha1":"c5b30fa7f17b667be65b88ddd8fa7a7bc8fbe4e2","sha256":"7a0c564009d6c4e81dc33d918405078cbb7b49c94ad700bc8efb5160eacf93f3","sha512":"52be0a973250b70938b8f4583be647e259849be4b16bd73954278f5d8b4bf30701adacfa66a3c4295804b570416e0845987931cf9196658d7b06694bd2fb697d","ssdeep":"192:/GvqfZj+zD94LaeGbXB7xFlEDcb+FaAUdT/Rd9YyOOoyp:+vqfZj+zDOGeAVxFAEnAyT/iyN","tlshash":"6df19d07d586cac1f8e8dff9ab0f10dcbb962e227556b0916b31deca5820ac4e949194","first_seen":"2025-11-09T21:03:23.327408Z","last_seen":"2026-04-07T02:37:49.659468Z","times_seen":4,"resource_available":false,"data":null}},"time_used":3936,"timings":{"blocked":3423,"dns":0,"connect":0,"send":0,"wait":513,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqPypZPNcEQSNPItcJINHPHSRNNDfqESgJ.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.112Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqPypZPNcEQSNPItcJINHPHSRNNDfqESgJ.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:27 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5223,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 158 x 104, 8-bit/color RGBA, non-interlaced","md5":"6690722710a40581c92dc0898f7c20c9","sha1":"1dbc909385e092dcb7691fb1f94149a2b0a5ae39","sha256":"c67739139379c48837b24991ff14c7f8d46bb62432478a8c1d0acc01902a0ffc","sha512":"940f7fdd45fa5f411044d3f2ce1d8840c31225b029940e55d0171374c5e684cc12ea985682d17f6ae6749e8268d38fd4a67ee47abd075e45fa3a3e950e14c80b","ssdeep":"96:42W5eRB8xSgR0qruSg+6jiuuD6bmKijCPdcfBFXkg/B9yJoWhb77Rtg/SgC6m:42qesDruSH6jitumKijCPej0g/BkJNTd","tlshash":"15b16d20b54fb92b771140fae8a1bca4fcc71e73473411cd546a4a3f0d59aac5387a9d","first_seen":"2025-11-09T21:03:23.344648Z","last_seen":"2026-04-07T02:37:49.661949Z","times_seen":4,"resource_available":false,"data":null}},"time_used":2824,"timings":{"blocked":2333,"dns":0,"connect":0,"send":0,"wait":491,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gnbzi.com/mktland","fqdn":"www.gnbzi.com","domain":"gnbzi.com","tld":"com"},"ip":{"addr":"38.47.60.121","port":443,"asn":151061,"as":"Winning Partner Software Development Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gnbzi.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BF:C5:D5:28:AF:FE:B7:98:1B:E3:57:1C:59:5D:02:40:B1:7B:2C:F0","sha256":"A2:D9:EE:41:86:DE:54:B4:8A:29:8C:77:52:8B:C3:AE:2E:32:AF:0A:E1:CA:A2:41:A3:51:A3:A3:19:F8:F0:8F"}}},"request":{"raw":"GET /mktland HTTP/1.1\r\nHost: www.gnbzi.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-type: text/html\r\ndate: Tue, 07 Apr 2026 02:37:26 GMT\r\nserver: Bobby'Server\r\nx-cache: BYPASS\r\ncontent-length: 159\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":159,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"07f36d44d48e2d2cf2d780aa6495f804","sha1":"3e90020ec732a1bbb0cd23e949266f81c98f7624","sha256":"8caff164cd30f36a8f13fcc423a5500a8fce33ce603883090d91f3c085700f8a","sha512":"e7c713b2eeac20e9178f8ee66245de1deff5de391e764e19823351be4911aeb44207b85c336925518f78e5ae78ba6bc93eaf556571e1d79f2ce89c4ae1ddbd57","ssdeep":"","tlshash":"a2c08c26381e2c0c97a321ba16c36ea0d182c330895e19008780025730cb0168ac3729","first_seen":"2024-08-21T12:55:46.175776Z","last_seen":"2026-04-07T02:37:49.664736Z","times_seen":8297,"resource_available":true,"data":null}},"time_used":2202,"timings":{"blocked":998,"dns":522,"connect":203,"send":0,"wait":206,"receive":0,"ssl":270},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"www.gnbzi.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"www.gnbzi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"www.gnbzi.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnJS9FH1OPUIcKJy8sDScTU0WqHj.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.884Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnJS9FH1OPUIcKJy8sDScTU0WqHj.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnDxMXJSNsHHOU.css\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:28 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4177,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 240, 8-bit/color RGBA, non-interlaced","md5":"682fef2d773763a84bac03e4d83b5bad","sha1":"af22659d38ece103b37c9d8a2729f19e88cb4617","sha256":"138984293b1b507bef3f02c2992771fb8b428d64706768b6a80d705567ca2eb5","sha512":"e6f5e5636d5b17fd9ccdf6aa10e1b12a747b1a62181e870a15d58b328e82b1c8320935cf03f49fd724254241be7cd0531d9504a40f13efbf5ad23347ec0cd7cc","ssdeep":"96:VwvcBXK0HJf482ThDsbmp4MRKSRwfzSuT:WeZCtAbmp4eKSyB","tlshash":"12815d3037dff02c9740816957c62e3129651da99e7c0a1164fea6d344be3a8f43d5ce","first_seen":"2025-09-19T04:09:21.44164Z","last_seen":"2026-04-07T02:37:49.665906Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2564,"timings":{"blocked":1959,"dns":0,"connect":0,"send":0,"wait":605,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.159.107.113","port":80,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.899Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Length: 365\r\nOrigin: http://m.aiglez.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 210 Unknown Status\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: http://m.aiglez.com\r\nAccess-Control-Allow-Credentials: true\r\nServer: TencentEdgeOne\r\nContent-Length: 0\r\nConnection: keep-alive\r\nDate: Tue, 07 Apr 2026 02:37:25 GMT\r\nEO-LOG-UUID: 18327406852362740439\r\nEO-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"Unknown Status","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T06:11:49.187712Z","times_seen":13450766,"resource_available":true,"data":null}},"time_used":599,"timings":{"blocked":49,"dns":32,"connect":19,"send":0,"wait":499,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.aiglez.com/","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-07T02:37:23.513Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T06:11:49.187712Z","times_seen":13450766,"resource_available":true,"data":null}},"time_used":496,"timings":{"blocked":496,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-07T02:37:24.281Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:24 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nSet-Cookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; path=/\nserver_name_session=36fc56184bd0faeedfb86430e19df0f4; Max-Age=86400; httponly; path=/\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":50492,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"data","md5":"7c01a2d9bd65eae4d4b440e4112a9acb","sha1":"03670fdeb5c893ddf5a9c85767ee2b9ef6052197","sha256":"27fa91d2ff284c7de68924163d46f7d5adeb0b5e73eb650400987806714cbd8a","sha512":"7f95714697b773000a537b527430d965ffdb2c45748dd27f233f99de3cd6e195493e36d8b9623490cfe00d005e88a02bd122f43a21dc2fcceab891d0e81a3456","ssdeep":"768:0cNVKWznSh0h7jh6ei2qtxuNxT2TJLFUjU/tXy0:5Nxzn1h7l6ei2qtxuQJLF+atXL","tlshash":"1033830181ec1b3f031701c5b864b7a8716b5bb8cba55f6177f333a92685e6c6ca90f9","first_seen":"2026-04-07T02:37:49.668174Z","last_seen":"2026-04-07T02:37:49.668174Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1171,"timings":{"blocked":251,"dns":0,"connect":253,"send":0,"wait":414,"receive":253,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/tj.js","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.083Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /tj.js HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:25 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Tue, 03 Mar 2026 14:43:31 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69a6f393-19bd\"\r\nExpires: Tue, 07 Apr 2026 14:37:25 GMT\r\nCache-Control: max-age=43200\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6589,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6589), with no line terminators","md5":"34cdeac2b7310d671d72d247dc6d45ec","sha1":"456455032a5b7c0ccbc644f3bfc79a7d5c8689dd","sha256":"e113dbeae48812d0bdb89ad0791d4055479920005c349b05cbdf9e44ef8749c5","sha512":"a8c999c6769740167e4c3b22498f52c1df1b21995d1b268644cf89c9c42a4cf83e22b3d05b830af0051e2215197ad951ac15ef882c3e4e5777f3388eb8bb0224","ssdeep":"192:PIGOo3yZoOClPvoYlMFNuJDygKLzGQqx82EiYQ:PBCZoNlnj/BYzNK82n1","tlshash":"d2d1c8857be060c943529b83773fe0d1dbbf5906be611c8ee604fd8c1fa99088b82970","first_seen":"2026-02-22T05:52:20.913958Z","last_seen":"2026-04-07T02:37:49.670114Z","times_seen":376,"resource_available":true,"data":null}},"time_used":258,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":257,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-07T02:37:26Z","timestamp":1775529446,"ip_dst":{"addr":"172.18.0.23","port":35944,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"severity":"high","alert":"ET HUNTING Possible Obfuscator io JavaScript Obfuscation","source":"{\"timestamp\":\"2026-04-07T02:37:26.087442+0000\",\"flow_id\":452601202349624,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"168.76.62.65\",\"src_port\":80,\"dest_ip\":\"172.18.0.23\",\"dest_port\":35944,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.Evil\",\"ET.DROPIP\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2038501,\"rev\":2,\"signature\":\"ET HUNTING Possible Obfuscator io JavaScript Obfuscation\",\"category\":\"A Network Trojan was detected\",\"severity\":1,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Low\"],\"created_at\":[\"2022_08_11\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2023_08_31\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2023_04_06\"]}},\"http\":{\"hostname\":\"m.aiglez.com\",\"url\":\"/tj.js\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"application/javascript\",\"http_refer\":\"http://m.aiglez.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":3180},\"files\":[{\"filename\":\"/tj.js\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":6589,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":6,\"bytes_toserver\":1424,\"bytes_toclient\":3935,\"start\":\"2026-04-07T02:37:24.529976+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqIjLUIjZXOyAKHjfQN1WEODVUHSNqESgJ.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.105Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqIjLUIjZXOyAKHjfQN1WEODVUHSNqESgJ.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:27 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9974,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 126, 8-bit/color RGBA, non-interlaced","md5":"6d696f728c94f120e0227c3b8407ab73","sha1":"dafef1604e03fa23f879c94a138c7688b45a7e42","sha256":"a80ebb88b4add864edb7cc25869ad6abdc62f0d734b9b6c07e5c73cc9e8be014","sha512":"3d1c7377e634f5a92016b4a322c5b2bdd5c831db4d9444dadcd4bc5bf7f57b58c6d9cefab6add7949e65e71c75b2b560daaa7f38beb8afcec727e71acffb6297","ssdeep":"192:sYuKqOzuDT+ICG4gVcrOQ8iIvXJq578q1HDAU4CuaYA30yENEmHaGjC6Omb:o3OzuDT+ICU1sIvXJORDH4RYmHtjCCb","tlshash":"64228d98d44a71726338d4fb03686b74fb83644d93629465333b2fb96bdc7e19131613","first_seen":"2025-11-09T21:03:23.338963Z","last_seen":"2026-04-07T02:37:49.670944Z","times_seen":4,"resource_available":false,"data":null}},"time_used":2178,"timings":{"blocked":1674,"dns":0,"connect":0,"send":0,"wait":504,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqOSODINEKQNDTNtbSNjEJItDUIjHrE1MDKyMDTSDQODDPODbSNNNQODVSTNZSN0jUNjVqKxIJ.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.218Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqOSODINEKQNDTNtbSNjEJItDUIjHrE1MDKyMDTSDQODDPODbSNNNQODVSTNZSN0jUNjVqKxIJ.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:29 GMT\r\nContent-Type: image/jpg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13259,"size_decoded":0,"mime_type":"image/jpg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 270x220, components 3","md5":"0709aa3f6a9c221ba4e03b900cd225a3","sha1":"b7340c5b60884d73b18f7cbca31b7a2c6c8e17aa","sha256":"c405efc450a4c9f14236787903ec52e910ea9e52c585be0641c9d25b3ad267ca","sha512":"faf4c28243adba5cae0a23274095898764926adadc2801a5ef4b203dcc341d40f4aaf5f667e5a7018e04693290de66b782c14348034e52fa7d353a8f19830c4c","ssdeep":"192:/GnfbW1hxy7zmhCvxqH3ITtNymIo/tEyjv+qKZjTC6pOKyGHSSyWYSqaUghvHlF:+ni1hwPmYJmeIo1EyjfKB+6ppNcXSvHb","tlshash":"a752cfdc3eca09da8f1fac5346a6a19fd398e2702866cf1024f6d74688f50f8471c85c","first_seen":"2025-11-09T21:03:23.329059Z","last_seen":"2026-04-07T02:37:49.673571Z","times_seen":4,"resource_available":false,"data":null}},"time_used":4267,"timings":{"blocked":3817,"dns":0,"connect":0,"send":0,"wait":449,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqIjjAISZPN1DSNNNSONyKOSWHOjRrHDDUNtDRQDtPPtjTPDprOtjSFtRTOE9LD1Z.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.230Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqIjjAISZPN1DSNNNSONyKOSWHOjRrHDDUNtDRQDtPPtjTPDprOtjSFtRTOE9LD1Z.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:26 GMT\r\nContent-Type: image/jpg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6436,"size_decoded":0,"mime_type":"image/jpg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 294x220, components 3","md5":"2edcd47683c2563ba0eea639e6cfb93c","sha1":"384f396a6cc1986258fbb0d9d37b562b124b4485","sha256":"2ddaaf672956cbb8809cd667be474708f7a4ac214b282e0aa1423bc4eeca56fd","sha512":"b980121d4ef5c561bebebe3b63613e45af708b06109a7591d23710532beb7e8687be8e0ab2521104737bf8460d2ea3777e91c4a60b7dfe8d9c2e8c2690d3b3c7","ssdeep":"192:/GvJPIX1SPlpkWjhq9LFOmu/IKdT3g9E65W3:+vJPlPl3iFO5IaTw9E/","tlshash":"99d19eadc94045980e7e2cb57044af1ac498b989bed019439b33cdcaf626ed898d9c1e","first_seen":"2025-11-09T21:03:23.358507Z","last_seen":"2026-04-07T02:37:49.676024Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1206,"timings":{"blocked":559,"dns":0,"connect":0,"send":0,"wait":647,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnJS9FH1OPUIcKJy9gHyOEDkkQJyV.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.879Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnJS9FH1OPUIcKJy9gHyOEDkkQJyV.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnDxMXJSNsHHOU.css\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:27 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2127,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 96, 8-bit/color RGBA, non-interlaced","md5":"7031b1203c6866a0fc18add156f2aaf9","sha1":"194e368f063b4e83830cb198c3748a10eda30a64","sha256":"e7a058a0cd8807c074204af58815951066c996c5fb04b0884fd736cefceb638b","sha512":"631731e2dcc0b78822fc2c900d0e8791992fc81e2aecca75b25203d496c41cbbbd9e641ef6d519d8f0ac851902446f2aacb3358f860c7f8c7422a5b9c816c509","ssdeep":"","tlshash":"5c41c9c5de90a064934e5c4024ee982755539ca06ee8d1a7e58ff4461f928ac029e9d6","first_seen":"2025-11-09T21:03:23.350572Z","last_seen":"2026-04-07T02:37:49.678292Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2244,"timings":{"blocked":1764,"dns":0,"connect":0,"send":0,"wait":480,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnHxSNT1cTKu1KIRAqExqDKEkrKIfsHHOU.css","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.085Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnHxSNT1cTKu1KIRAqExqDKEkrKIfsHHOU.css HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:25 GMT\r\nContent-Type: text/css;charset=gbk\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSet-Cookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":3440,"size_decoded":0,"mime_type":"text/css; charset=gbk","magic":"exported SGML document, Unicode text, UTF-8 text, with very long lines (3270)","md5":"56dcf764afcc9d1bdab6e04ea88bf333","sha1":"9d75b17c51e32b78bbe806057b52a488b5715457","sha256":"2850fbca2cc01052bff3c5ba7c3552fa0b8501a2cdb89e273a353a178dc0fa12","sha512":"014d56c200957261b362d73c86a7071d094b42a0a59d1c75245254cbd391a96f3d1c5a98002bcba993635430786e99bc49e502575c81105597bf814d10ea35b4","ssdeep":"","tlshash":"db61dce5315a225f480f83221dd81e86393dcc52d8660a5a92bbd714479ae6d213ffcf","first_seen":"2026-04-07T02:37:49.680793Z","last_seen":"2026-04-07T02:37:49.680793Z","times_seen":1,"resource_available":false,"data":null}},"time_used":947,"timings":{"blocked":225,"dns":0,"connect":244,"send":0,"wait":478,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqHNOHI1NQNjZNO1LUNDSGOtSGIjRqESgJ.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.106Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqHNOHI1NQNjZNO1LUNDSGOtSGIjRqESgJ.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:27 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22061,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 449 x 282, 8-bit/color RGBA, non-interlaced","md5":"6137e1b540ebe450d8e88e0b6f76ebb9","sha1":"ecf833ba8cec6edd017f24583fc5834c5a5ac936","sha256":"28e75aae61d13ecf324f88e701d2d1fe8548a99d922a7c01e81e323a902c62ec","sha512":"448f0967d40996f08882e9d1a819d8df48222ea90daeb7edf51447b5a07b9bd755cbf9827eacf825f5777960b1387ccb06f849329ce51115efe015ed5c86840d","ssdeep":"384:2EtT3JcGTssHAWlY/WL5gXfRMBmkwrt0vuDBnMi8b4X9je0Efa/oM:2gcBDWWuLE6BkmvuDBnj8b4X9jeYr","tlshash":"41a28ed315e9f62ad7c1aa9f22822b73147a173a66a0162242c2f572d33bd7d35350ce","first_seen":"2025-11-09T21:03:23.314728Z","last_seen":"2026-04-07T02:37:49.683112Z","times_seen":4,"resource_available":false,"data":null}},"time_used":2263,"timings":{"blocked":1723,"dns":0,"connect":0,"send":0,"wait":539,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqNINANDfUNNpQOtDUHIVUNDWGNDLqESgJ.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.107Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqNINANDfUNNpQOtDUHIVUNDWGNDLqESgJ.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:27 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17169,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 158, 8-bit/color RGBA, non-interlaced","md5":"21077f44f62d87a2576f03cd694526ba","sha1":"1a9c19e9bc311c7db1198c6bbf04c5c9a147ee75","sha256":"a850268a002a65f1b1782a8f96c1cda4e6bbf060f68afd79f4c1916c6bcffc07","sha512":"571c1267f0ec101f97c6748412214f6a0c14b960a76dd7ee8b8ebca48470a4011be5f9f5214d933dfd88fec074629e52881a90eefa5c165d598a8aa451e947d7","ssdeep":"384:ytc+p8KmR6/FlHJuL7TZbo7pskhqsQV5Nbf9rxdGI4+W5aDHCla:yDpnmR6/fpu3TZbkskhhQVDhrTh7aa","tlshash":"7872d0eb972148064884bc93edf5e18969fbe6c2af72916ed97800613e42148b3ddb41","first_seen":"2025-11-09T21:03:23.318369Z","last_seen":"2026-04-07T02:37:49.685321Z","times_seen":4,"resource_available":false,"data":null}},"time_used":2339,"timings":{"blocked":1808,"dns":0,"connect":0,"send":0,"wait":530,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqONOHNNNRQNSKItVQNNtPHtqKOIpqESgJ.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.109Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqONOHNNNRQNSKItVQNNtPHtqKOIpqESgJ.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:27 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9023,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 158 x 105, 8-bit/color RGBA, non-interlaced","md5":"121f8e520844d84fe91ed3d00c10ad16","sha1":"6a661a77666098c69d72e3cb367023b87ae296b8","sha256":"25bc01f73b5a64b1be57a8a31daa6932d083ae625c2221c3e78aed200ca6e772","sha512":"c0fdff93c4d40d7f6e1aa4c26777527d3c3343fb5a4ca7c2a6e11efcb642d3fd4b2d5f0ce37a1ed30691cb43aa3b715fee1366dba01e7a80f22685d2b58c1799","ssdeep":"96:x9j5CXq0qTajyCRd1b3rkko2xx2dmyE5NSn7SW9ZbjrR5RQu/cgADTlkZVCR2mg3:LEX1q9HuxemrWSORY1ruV8EO3YonygXq","tlshash":"40129dab7ae5ee758e2e601e4163a1e016e50f033f912bc284f51c58b94fe597d3360e","first_seen":"2025-11-09T21:03:23.347173Z","last_seen":"2026-04-07T02:37:49.688263Z","times_seen":4,"resource_available":false,"data":null}},"time_used":2534,"timings":{"blocked":2004,"dns":0,"connect":0,"send":0,"wait":529,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5UD1unHSMNTjpONNZoODtqN1RSPNfXNNRRONHZOSqGNIHAOjfrOtjSFtRTOE9LD1Z.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.227Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5UD1unHSMNTjpONNZoODtqN1RSPNfXNNRRONHZOSqGNIHAOjfrOtjSFtRTOE9LD1Z.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:26 GMT\r\nContent-Type: image/jpg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11366,"size_decoded":0,"mime_type":"image/jpg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 294x220, components 3","md5":"0f0de9f89743b9047687680e6c0f54ed","sha1":"88157b32770397d8df73183a319c5ef42c72d23f","sha256":"426568ff88298a957b45fc04f41f46e68fe3ff573144030292a92918457f742b","sha512":"596492fbadfb8c659335606926e7623fb2797acdbda15900be521cbd6f17f83e693bafd7fcb61267041dc53923b989d14f211aa20636332cedca141cdefb5c48","ssdeep":"192:/GvkZ0UzaRy/aZusuZaPEA1a50iaXO51XlUrlz7kzb3MhZBlt3xM6d7DdHJy3JkZ:+vozzWusuZPaXAjgkzLC66dNA3mYxI","tlshash":"af32bfbd96139b82a0722f73196336daffa59b42bc55130c9a79ca042866cd2f0cf15d","first_seen":"2025-11-09T21:03:23.339789Z","last_seen":"2026-04-07T02:37:49.690433Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1128,"timings":{"blocked":562,"dns":0,"connect":0,"send":0,"wait":565,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/wp-content/uploads/2020/12/d02a42d9cb3dec9320e5.ico","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:29.491Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/uploads/2020/12/d02a42d9cb3dec9320e5.ico HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4; __vtins__3GS3ecPK4avGNBxi=%7B%22sid%22%3A%20%2255fa3307-cc6a-552b-a32f-86bf93854291%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201775531245873%2C%20%22ct%22%3A%201775529445873%7D; __51uvsct__3GS3ecPK4avGNBxi=1; __51vcke__3GS3ecPK4avGNBxi=5d8789ac-0683-550a-a6f2-7768c300bbc2; __51vuft__3GS3ecPK4avGNBxi=1775529445878\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:29 GMT\r\nContent-Type: text/html; charset=gbk\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSet-Cookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":833,"size_decoded":0,"mime_type":"text/html; charset=gbk","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (800), with no line terminators","md5":"ab5f1b9fabb7f7926719a40e8f4c3439","sha1":"70b41e31132f69661b4e7483a65dcead204a0263","sha256":"09d641f1e128412138aa3631fb44863bfa08e5cd52b7f7726ecf3171a6fe374d","sha512":"6c3d029f0a9161f3e7a8d99d5690210fce62990d5f4f7a774f14b2c3064a9727d80825ced36c808bcf67618b565297c8f0209786e362834917127f8ceabaa153","ssdeep":"","tlshash":"181165594ad1b68d0507da29f061db9f8c0722c85cc5f186c4f3ad16bec0b1dd20e2c6","first_seen":"2026-04-07T02:37:49.692243Z","last_seen":"2026-04-07T02:37:49.692243Z","times_seen":1,"resource_available":false,"data":null}},"time_used":389,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":389,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnHxSNT0MSF19ETSMNIySoU1SNEj.css","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.088Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnHxSNT0MSF19ETSMNIySoU1SNEj.css HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:25 GMT\r\nContent-Type: text/css;charset=gbk\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSet-Cookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":1278,"size_decoded":0,"mime_type":"text/css; charset=gbk","magic":"exported SGML document, Unicode text, UTF-8 text","md5":"21c9e6e366ac6ac4c3fec60997cfcd2e","sha1":"3670247c96ecaddfcb3c7208cc95c338b3f6e3b2","sha256":"2cebfcdf924a48fa2ae9ac7b7dd38ae4e52ec0e2c85f0949b605dfab76166b8e","sha512":"da7bfbb01fc45fabd0b9bcbf0cd6609eed106a860342cd89cac3edc93efbdcdf924e18853b7c29f16b7c9c71b39b3e7dff23d93755a04b6dd026b1d4ef1305cc","ssdeep":"","tlshash":"2e213850e3c6155e752780ed34a0fae0571f12c1dad21b28f9a776eca25c10dad3bf81","first_seen":"2026-04-07T02:37:49.693991Z","last_seen":"2026-04-07T02:37:49.693991Z","times_seen":1,"resource_available":false,"data":null}},"time_used":934,"timings":{"blocked":220,"dns":1,"connect":242,"send":0,"wait":470,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqHyOKONfQOjDPHSLRNDAJPyIJNjDqKxIJ.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.103Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqHyOKONfQOjDPHSLRNDAJPyIJNjDqKxIJ.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:27 GMT\r\nContent-Type: image/jpg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":100384,"size_decoded":0,"mime_type":"image/jpg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 800x450, components 3","md5":"096d7b8560f004f0c3b120cdb296eb82","sha1":"5bfdffc38d4612837f44566bc22fd5b50e8068ac","sha256":"874295b3a15055b46fe26398d38362f826fca5b580544dbd57b097fc01c1e897","sha512":"4ccad2adb4b6e7babbfc8e077a51588aedf2dd2ab83bc076e93df6b20aec2be51d5f8686db2b492bde25144d39e6cc5e7d6ae457b5ac26f4ffc57746f1d58c32","ssdeep":"3072:swLXq2vX7V7rinnWIKs1LFQ08TNajZmHj:swDvV7rqnjKsLF2TqmD","tlshash":"77a312140fc9d0bab17ea8a096a156b616a44e09c7ddd27f0316e637bfd037947c83a3","first_seen":"2025-11-09T21:03:23.323787Z","last_seen":"2026-04-07T02:37:49.696004Z","times_seen":4,"resource_available":false,"data":null}},"time_used":2610,"timings":{"blocked":1586,"dns":0,"connect":0,"send":0,"wait":512,"receive":512,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqHyHQNNMINSqHOyqDOjZXIjZAHjRqESgJ.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.111Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqHyHQNNMINSqHOyqDOjZXIjZAHjRqESgJ.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:27 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9463,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 158 x 105, 8-bit/color RGBA, non-interlaced","md5":"2d1f62c2e33723827287b069670f8821","sha1":"cdd038fcc6bbc3ebc9a9bcb8fb909ac5812ef8dc","sha256":"c6630c6e845a918540bb95b99864dd555d733786608d6ef43d01908a930e09e9","sha512":"020c34d38a797872ce9c38bc748de70e0998daec0a718590beaf84d98fc1b7e7cbc5db94e55c91b84382f4d8b4f18e8fc5dee8d4f0429f7882770214de7fa9e5","ssdeep":"192:jwrbHoZSmx1MNB5uMuOp20mwqqXwVUVY58+Xs6:jwrzm1iB5uMuZHxqAKVY5xh","tlshash":"1a12ae178b7803f7b7fdeb406f0ce3fde557648c63c09050084a65e265b4e07e85969a","first_seen":"2025-11-09T21:03:23.300415Z","last_seen":"2026-04-07T02:37:49.69772Z","times_seen":4,"resource_available":false,"data":null}},"time_used":2732,"timings":{"blocked":2257,"dns":0,"connect":0,"send":0,"wait":474,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqONHNOjgJHtSKINcKHIpTNNRUN1RrHDDUNtDUNDtROtpZNDZrOtjSFtRSQE9LD1Z.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.228Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqONHNOjgJHtSKINcKHIpTNNRUN1RrHDDUNtDUNDtROtpZNDZrOtjSFtRSQE9LD1Z.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:26 GMT\r\nContent-Type: image/jpg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11421,"size_decoded":0,"mime_type":"image/jpg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 294x218, components 3","md5":"888a4bc27d163851e1aaf96494b5af95","sha1":"712345e9c5e4bcef8cbec4dd54c721f4f3eba16d","sha256":"f19a6f135807daacc2fff7f0bb4184791c1cac2e6f8062def9aadac184c43ee1","sha512":"53eeb0c4c5ff29113e30e22203f7632d94442f9c8f837404469d222c437900808ea8cd9d071ef2b9faf86569abd64c7855a342af596255b19ab72d29d008973b","ssdeep":"192:/stWiZl4FfTDJ7ukNyxAD8P3YiYhTS9WwncJAEiu6KwUxgpRbK3q0WuY33WrLU:ktWiZl4ZD0KyxA6aS9rncJSqE9K3qrJ/","tlshash":"fb32af0fb25005b3c526cf677b1a5f3463ed66b4cdb06ba90971ec98d260ce8a81467f","first_seen":"2025-11-09T21:03:23.340701Z","last_seen":"2026-04-07T02:37:49.699393Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1065,"timings":{"blocked":561,"dns":0,"connect":0,"send":0,"wait":503,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnJS9FH1OPUIcKJy9gKyIpKEkQJyV.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.883Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnJS9FH1OPUIcKJy9gKyIpKEkQJyV.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnDxMXJSNsHHOU.css\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:28 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1694,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 96, 8-bit/color RGBA, non-interlaced","md5":"9201e150da447f7eb2c3c799ba9edbc4","sha1":"7459ebd1ac738d0de81b8ab9119d91476c9cb94e","sha256":"1a9027fd91b13496300532a7e4b58e13f920e5e41d1d6e08663952867e682146","sha512":"e6668ce217e4d58915dfc768460cb500ed6eef07863733f234a719c8b7e52bafed55ead166f3bcc265a9687704cf322271ac3c447d4b75a3e74210803b886721","ssdeep":"","tlshash":"2631b64efd90a400a41de4f720fb4212da025845cbd8a122fe4ea883ccf02b0c4646e7","first_seen":"2025-11-09T21:03:23.35934Z","last_seen":"2026-04-07T02:37:49.701009Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2428,"timings":{"blocked":1839,"dns":0,"connect":0,"send":0,"wait":589,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnDxMXJSNsHHOU.css","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.086Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnDxMXJSNsHHOU.css HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:25 GMT\r\nContent-Type: text/css;charset=gbk\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSet-Cookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":34853,"size_decoded":0,"mime_type":"text/css; charset=gbk","magic":"data","md5":"778314ddae79888b9522a7f8c70d55f5","sha1":"facb472dcc5b546876e7f4b5e021d306b60c8cf3","sha256":"b7e0b47b4fc0ac773fb0bb502afaf791e51eed6d656646e1c9d43b3ff559e713","sha512":"c6d7305a453c8c75d6a8f825ce488ea9706908db56df0857468b040fb5c1d220727cbb51e9a196f97905254905f63f0ad058398f8ceed95fd923b223e7ee6d65","ssdeep":"384:UvDqTzzykjPussd/fZIAUfsHgyzG/0Pezcy1yUWDwVdDTqAgUQwT7bTjUhUwOIV:UsadHc0PeIy4pGpQwTMhUwOA","tlshash":"84f25332ea61201cb23bc622fcd2ebde7224c113d5675abee9153471c98b0ed1573b89","first_seen":"2026-04-07T02:37:49.702511Z","last_seen":"2026-04-07T02:37:49.702511Z","times_seen":1,"resource_available":false,"data":null}},"time_used":949,"timings":{"blocked":227,"dns":1,"connect":246,"send":0,"wait":475,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqOyNNNNbYOt1KINRTOSDQONjZNyDrOtjSFtRTOE9LD1Z.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.093Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqOyNNNNbYOt1KINRTOSDQONjZNyDrOtjSFtRTOE9LD1Z.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:28 GMT\r\nContent-Type: image/jpg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8575,"size_decoded":0,"mime_type":"image/jpg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 294x220, components 3","md5":"0c438c569fe3f7e85eb121100fd3e3d2","sha1":"f0ac4ee966044c836bc909f2b4557ca9a924fbd7","sha256":"88f047079a3255be007cdc586c019870d99b59e65cae9d9dc5b3ce09886d0b7c","sha512":"8efc308202d2965b151507640b5582d89fb136710665839771643ea788c7b1b8c89cc85782c24f05d02477cd1df3ac9bec8071f1ebd10ee37824f037d1823f02","ssdeep":"192:/GvbQsukgA2mj6jdIDxPwNOfBcBiaZWocUKpK+q7m3E7fk:+vcVAV6jdIDxPwNmBcEaZWo5KgLm33","tlshash":"53026c17490e8362602a1efd734b1f7d664f3c686598669a98f1c5cfbe386c46cce84c","first_seen":"2025-11-09T21:03:23.381873Z","last_seen":"2026-04-07T02:37:49.704456Z","times_seen":4,"resource_available":false,"data":null}},"time_used":3764,"timings":{"blocked":3219,"dns":0,"connect":0,"send":0,"wait":544,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONRqPtOJODMEHt1HHjMEOjODOIROOSNrOtjSFtRTOE9LD1Z.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.223Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONRqPtOJODMEHt1HHjMEOjODOIROOSNrOtjSFtRTOE9LD1Z.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:29 GMT\r\nContent-Type: image/jpg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10554,"size_decoded":0,"mime_type":"image/jpg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 294x220, components 3","md5":"9af5c57f5c9718efde1e4e202891c73f","sha1":"9f029eb6fd5324936793394dcb06250118a35be6","sha256":"608a024426140779b6504bece6f9330e9699b5ac15c867a52fba309b9581e1cd","sha512":"ba3a03025e3189150ebcd64c0d4519bd7c7e959c564ff66d5f1c2483fee49db6c158e1424f346332db2c3069af740912f4e7bb796ae0f0a43d6fed23ba2ecd85","ssdeep":"192:/Gv5yxMoSZP72cav1gy80CKClC29JJoM/kiPIR:+vgYDfZx/3VPIR","tlshash":"7122b11c1b4161e2fab25fbd6c554cd7d1a6999848006a442835df73ba914f93f0620f","first_seen":"2025-11-09T21:03:23.302663Z","last_seen":"2026-04-07T02:37:49.706132Z","times_seen":4,"resource_available":false,"data":null}},"time_used":4169,"timings":{"blocked":3635,"dns":0,"connect":0,"send":0,"wait":533,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqIjZSOIMFHIZQHjOFQSDUN1SKNjRrHDDUNtDRQDtTONLUNDprOtjSFtRTOE9LD1Z.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.231Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqIjZSOIMFHIZQHjOFQSDUN1SKNjRrHDDUNtDRQDtTONLUNDprOtjSFtRTOE9LD1Z.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:25 GMT\r\nContent-Type: image/jpg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10028,"size_decoded":0,"mime_type":"image/jpg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 294x220, components 3","md5":"ee7cab13cf8b1e7e5b9c290fd39c460d","sha1":"2a11f72179e19bd87eec7dcb32d99ce4b7e15ab0","sha256":"a33fc48dcc2492a9020639ce025149762134fb6cd8004cc20ffff2777066c46d","sha512":"3ab2534120f1b4965739aacf8502753385ebadcfc6910d00937f6ba1eb82cf57a6f7f7b22c4a9d14c60a69d6b231da6bfd8c3dc4867dbf0b3aae8335019d65ff","ssdeep":"192:/Gvyz05Gizx6fO5LhbO7gMzihpbRQM/TTt3PfERaZY12o:+vugGbKLhq7gFpb9F3PRZG2o","tlshash":"9822b07738ba7bd98c840f41560c2964f02905c9c1defb0d9677cf90e214eeab11b928","first_seen":"2025-11-09T21:03:23.351287Z","last_seen":"2026-04-07T02:37:49.707604Z","times_seen":4,"resource_available":false,"data":null}},"time_used":925,"timings":{"blocked":558,"dns":0,"connect":0,"send":0,"wait":366,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnJS9FH1OPUHOEIRAEJkcSK1H.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.860Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnJS9FH1OPUHOEIRAEJkcSK1H.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnDxMXJSNsHHOU.css\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:26 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":370,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced","md5":"d55be701036ea222cd3eb7bf2f7300ec","sha1":"831917be36a9d2e0962d2d6073e54b75ab1578e6","sha256":"33253fec5d6a58a9aa5e90019fc725a7ba7f9051be56a56dd48a53b74952f780","sha512":"f0fc1b26ef7966ee7468961bec94ae99284109960b6025dbd92cfb75f4c53810e8eeb24713fc8cbe21948646590665b386f5576b6a5129ac2e7be436dc7409f0","ssdeep":"","tlshash":"cae0c0c7a79820b64e6a6132d60bb61f043c083c194e031a465299f083116023764a6c","first_seen":"2025-09-19T04:09:21.451064Z","last_seen":"2026-04-07T02:37:49.708981Z","times_seen":7,"resource_available":false,"data":null}},"time_used":829,"timings":{"blocked":385,"dns":0,"connect":0,"send":0,"wait":444,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnJS9FH1OPUIWTE15SUxMpIycUTxIsID.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.869Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnJS9FH1OPUIWTE15SUxMpIycUTxIsID.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnDxMXJSNsHHOU.css\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:26 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":249,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 5 x 28, 8-bit/color RGBA, non-interlaced","md5":"0a979cd3b277e9138429bb1b744808d8","sha1":"dfdbc86d0436ce7913469d12f4e485b6c79c4e84","sha256":"829b6a49039a6299093b973ccb600d72f057a4e5e03b7b56bdbf5c5c49fe3848","sha512":"51db8016347bb294d8c2a8314a3014547533daddd794abf1c6c5342ce4c41d3193416baaab7fa9fc551bd199f766bbc3627ef0113f2eb7c3e7dc072718189200","ssdeep":"","tlshash":"68d095d37354dc3593574233950dc103755a1855951f459c1043c5245df7fc930d0347","first_seen":"2024-08-19T16:24:59.741329Z","last_seen":"2026-04-07T02:37:49.710396Z","times_seen":8,"resource_available":false,"data":null}},"time_used":909,"timings":{"blocked":423,"dns":0,"connect":0,"send":0,"wait":485,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnJS9FH1OPUIIODxDqD04oDIkH.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.873Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5TJ1SLIRRpD0IRKScPHRAOHytnJS9FH1OPUIIODxDqD04oDIkH.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:26 GMT\r\nContent-Type: image/png\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5422,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"b1163c22e5f88f42fecc6569ec1b9a2c","sha1":"3d69d632e78bedf01d48d85eda4762db7e4897a0","sha256":"01c4d09881bacc2c765f486b58239756c6d408d8c7b7740861ada88e91c80fa8","sha512":"a6f3d459d031b60a40bb1a9b49b5411de2ccf9948b5a35273ca1b7fb061a46dedbf0344897110c3bac8af51278e8e611d28a884280329379f7fddccb2ce87886","ssdeep":"96:X06TKefdBk3ZjnH7mzLdOCSg2UqVaTmKTliqhxqz+Z7m8GYDUptNw1dH:E6mefcp76zRx9W03qz+Rm+Qnw1dH","tlshash":"26b1ae16f67f8707dfaba1c18421e7dd9af1a02b9821cca0b841429b25511c6bf84bfc","first_seen":"2025-11-09T21:03:23.361321Z","last_seen":"2026-04-07T02:37:49.711761Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1041,"timings":{"blocked":563,"dns":0,"connect":0,"send":0,"wait":478,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"m.aiglez.com/ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqNyVPOjWKNjEGNNAJNtIHHtLOOjRrOEgoDyD.jpg","fqdn":"m.aiglez.com","domain":"aiglez.com","tld":"com"},"ip":{"addr":"168.76.62.65","port":80,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://m.aiglez.com/","date":"2026-04-07T02:37:25.235Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ExVrI1csEyMnDE5UD1unHSMNTjpONNZoONZqNyVPOjWKNjEGNNAJNtIHHtLOOjRrOEgoDyD.jpg HTTP/1.1\r\nHost: m.aiglez.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://m.aiglez.com/\r\nCookie: PHPSESSID=mv6cjvq5eo726t1fvfgbbbidd5; server_name_session=36fc56184bd0faeedfb86430e19df0f4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 07 Apr 2026 02:37:28 GMT\r\nContent-Type: image/jpg\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":40134,"size_decoded":0,"mime_type":"image/jpg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 430x430, components 3","md5":"25c9ce5743f12b8e676514a5995f8a8c","sha1":"f43a61bbf078d13e94666020b06c1caac0cf8775","sha256":"b7421b2fedda9a5f5d731d9681fafc4994ac339e4a8ef2ac9d1342484e2161e1","sha512":"4b1be7b91d286c41b5019488e76974f6c9c9d73a1aa318f895d98b566e372a340b504257efa769ecdafec1a9fbca0adbb99ef2243f5aea0628be49e783d6bf20","ssdeep":"768:I5FeM3RujuhW5AfhucUX/5SHjJ5iHyRqPJCEYOMW:IH/MuW5QucaSHj7eh8W","tlshash":"5403ae6abf6a5fb53e0c17f170030f40ab88c7a48bc644c02ae1dd65facd1d198ad799","first_seen":"2025-09-19T04:09:21.455105Z","last_seen":"2026-04-07T02:37:49.712989Z","times_seen":6,"resource_available":false,"data":null}},"time_used":3623,"timings":{"blocked":2809,"dns":0,"connect":0,"send":0,"wait":567,"receive":247,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"m.aiglez.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"m.aiglez.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}