{"report_id":"50a8e3ac-1a9c-4feb-a17c-0c1ae449ba1f","version":6,"status":"done","tags":[],"date":"2026-05-02T12:59:35Z","url":{"schema":"http","addr":"credi-reactivar-caso09383.iceiy.com","fqdn":"credi-reactivar-caso09383.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.222","port":0,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"https","addr":"credi-reactivar-caso09383.iceiy.com/?i=1","fqdn":"credi-reactivar-caso09383.iceiy.com","domain":"iceiy.com","tld":"com"},"title":"Iniciar sesiĆ³n en tu cuenta Microsoft","dom":{"size":21661,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"6052424f9881dcce9606238e6e36620a","sha1":"a4eb31b04b3ea7dae749d3baf54b48f7712c139a","sha256":"decb6cf677a2e53440a93229a3db9287109b3fbe9236dfe990cf4c7d92fb23ed","sha512":"5c53ebf3aeb8aa667b0bcbdd1718453224d7d475ee30340aea535688fc6725ffa8179f8593fa3836c8b492c795fc58fc847cca6a1f4b99c38195db590c29ff6c","ssdeep":"384:S9kvdDzsY5mcPFSvp81hLFJjPzMDkxpmF19Nu+dFhfslsPQv:S9k1DzsY5mcPFSh81hLFJ/xS9Nu+dFhu","tlshash":"36a28457aae305527413e46827e79b4a7678c003d50bcd397fac63988f877e9888379c","dom_hash":"domhash5f67021e37240b6e6e9494cd16bfa097","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"credi-reactivar-caso09383.iceiy.com","fqdn":"credi-reactivar-caso09383.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.222","port":0,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-06T12:59:35Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"credi-reactivar-caso09383.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"cdn.glitch.global","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"static.wikia.nocookie.net","ip":{"addr":"162.159.142.170","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2007-10-19","domain_rank":62708,"first_seen":"2014-02-27T12:31:06Z","last_seen":"2026-04-25T07:53:41.064514Z","alert_count":0,"request_count":1,"received_data":17633,"sent_data":494,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-26T22:20:29.825994Z","alert_count":0,"request_count":1,"received_data":519,"sent_data":489,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-04-26T22:34:03.62582Z","alert_count":0,"request_count":1,"received_data":103032,"sent_data":487,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2026-04-26T23:27:43.968903Z","alert_count":0,"request_count":1,"received_data":90462,"sent_data":464,"comment":"","tags":null,"fingerprints":null},{"fqdn":"i.postimg.cc","ip":{"addr":"46.105.222.82","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"domain_registered":"2016-06-11","domain_rank":103883,"first_seen":"2018-04-11T10:01:12Z","last_seen":"2026-04-30T03:59:40.882502Z","alert_count":0,"request_count":1,"received_data":3993,"sent_data":466,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.glitch.global","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2021-09-09","domain_rank":2823658,"first_seen":"2022-01-13T10:18:16Z","last_seen":"2026-04-30T10:28:56.064673Z","alert_count":1,"request_count":1,"received_data":0,"sent_data":527,"comment":"","tags":null,"fingerprints":null},{"fqdn":"c.s-microsoft.com","ip":{"addr":"96.6.17.223","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"domain_registered":"2012-02-07","domain_rank":46140,"first_seen":"2013-11-06T15:56:27Z","last_seen":"2026-04-30T15:15:47.252113Z","alert_count":0,"request_count":1,"received_data":376,"sent_data":461,"comment":"","tags":null,"fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}]},{"fqdn":"credi-reactivar-caso09383.iceiy.com","ip":{"addr":"185.27.134.222","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2020-12-06","domain_rank":0,"first_seen":"2026-05-02T12:59:36.145605Z","last_seen":"2026-05-02T12:59:36.145605Z","alert_count":3,"request_count":3,"received_data":24861,"sent_data":1624,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dc5e7f18c8d36ac1d3d4753a87c98d0a","sha1":"c8e1c8b386dc5b7a9184c763c88d19a346eb3342","sha256":"f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d","sha512":"6cb4f4426f559c06190df97229c05a436820d21498350ac9f118a5625758435171418a022ed523bae46e668f9f8ea871feab6aff58ad2740b67a30f196d65516","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"a993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89476,"data":"","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-05-02T17:30:34.741448Z","times_seen":231248,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"credi-reactivar-caso09383.iceiy.com/?i=1","fqdn":"credi-reactivar-caso09383.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.222","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"9d61272ac101619bbabf70bcbee39f43","sha1":"f7dec1a807fd1d2c860994c9cc89bd4fda6a820c","sha256":"d251840c1a8c989706676636fea04460ff659477f9bd7320ef5574de52d24e61","sha512":"26661cf6011e9a3fb101eb8e55cd5247695c5780d63c349ffe9de36054e3e0ab49d4a1a129625085854e2a77c61bdc40e136c19e77824b41cdcfd8442076e0a0","ssdeep":"","tlshash":"ddd0c9e9e8d27874925821a22c3ad0216a395884548fa549f8400409eec630cdb26c30","size":200,"data":"","first_seen":"2025-10-04T05:08:57.547616Z","last_seen":"2026-05-02T14:25:42.205422Z","times_seen":104,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"credi-reactivar-caso09383.iceiy.com/?i=1","fqdn":"credi-reactivar-caso09383.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.222","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"2104adc14dc5276fbfbe409c4ebabf79","sha1":"de157e28eb41324924d08cf1a37ba5695876a120","sha256":"350b7cb965adf3138888f7cda2dd155669ae95447739e9603a32b68aef118464","sha512":"874b292a9d63520711800841cef11cff1114f8429ffec193271fbba80bdc546f43f879610c3206d1180bbd9cffc8c5b5ac24525e9486d8573dacfb9f83d8863a","ssdeep":"","tlshash":"fb61971629b3085106b3b19d275bc4067617440b2949dc00bbbedb9c2f81f79f993bdb","size":3433,"data":"","first_seen":"2025-10-12T19:18:20.576875Z","last_seen":"2026-05-02T14:25:42.20732Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"credi-reactivar-caso09383.iceiy.com/","fqdn":"credi-reactivar-caso09383.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.222","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"277b99497f1786d0d9c5698db6f60864","sha1":"20ebd61abc4b782fab794a2f5c7c71dea216bdd1","sha256":"4401379c2c3fc88007f6f6a92328dfa90998f7d2fcb81ce22c9b0f41c2eed828","sha512":"ecd0b9c0c425df5e85f284d386af1243ce8bdb917da6adea99dd78ec130cabcacee09070689662399fcb4ce88dc80fad02cc993cd62447fd9c6b7670e6346bb6","ssdeep":"","tlshash":"24f04778e1b170f58fc14057043f954fd0211bd2f522c5fbc002a2609ad6ced0a48d6f","size":623,"data":"","first_seen":"2026-05-02T12:59:37.803907Z","last_seen":"2026-05-02T14:25:42.205862Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"credi-reactivar-caso09383.iceiy.com/aes.js","fqdn":"credi-reactivar-caso09383.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"756722c3542f271367cc3b074113a8ee","sha1":"c5c24b4cfc44d597fb7d82d79a7dcea4a8d07e2b","sha256":"ed1d3bd967abe66cff832561cb911c572a2f85fd6cffc32ef3cec68dbc60c7ce","sha512":"ec3293d425646848dc2cf5d3cebae22b91d99461d3565ed17599af961f6f0062167446f732e91ade94f7e589000cda7e85259a217c5ce571bc11c175435a4290","ssdeep":"","tlshash":"8d1150a5034607bcf6cd0ec8c40a321a21f1c04abe2112c9afb36ae77c3b8840034e26","size":1000,"data":"","first_seen":"2025-03-10T10:15:36.223346Z","last_seen":"2026-05-02T15:56:22.833669Z","times_seen":1916,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"credi-reactivar-caso09383.iceiy.com/config.js","fqdn":"credi-reactivar-caso09383.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.222","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"8c80d20c3243cfd0526443b550400e46","sha1":"90e14486623ac8b8d33e620cc1e5eefc104ffe3f","sha256":"05e9c21e8280e93fe46012f1c4a92b58e0c397a584691c2538e9be9cbe1f4bca","sha512":"fd8b5146d89a0f2c6337629d3ee03eb5c6e5fc76ff470f4b732eb06357ed774014468c55027598e397e01f76ff4d1928781236a9efc222c7a0791206d38604fa","ssdeep":"","tlshash":"a4c02bc3bd4106b04d985ed498033c5dabe689bf1ce704cdfa259a785cafa62102e8e0","size":155,"data":"","first_seen":"2026-05-02T12:59:37.797548Z","last_seen":"2026-05-02T14:25:42.203597Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"credi-reactivar-caso09383.iceiy.com/","fqdn":"credi-reactivar-caso09383.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.222","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-02T12:59:14.417Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: credi-reactivar-caso09383.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Sat, 02 May 2026 12:59:14 GMT\r\nContent-Type: text/html\r\nContent-Length: 862\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":862,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (862), with no line terminators","md5":"8e8dd13d4a2b71caad86d114b7f6771f","sha1":"77143515b835aec95627d3eefa08bac019addbde","sha256":"1adbe3fb3a22a5c49be7ce820ebf5e0ade3fe4812eefa3532ccbabf6d237d046","sha512":"039508dc82c8912388ddce6c291671e16b6423101d3ef623df29cd19c92ecc43c7fa2250c989f9a5603b7eeb47e29928656c2afc98aa9696cd5d80878c6f8eb5","ssdeep":"","tlshash":"af1181b8ece1f0e5cfc000d1243ad05ea4019ae2e511c9ebc0c292e092d1bdc0e49c7a","first_seen":"2026-05-02T12:59:37.793649Z","last_seen":"2026-05-02T14:25:42.202592Z","times_seen":3,"resource_available":true,"data":null}},"time_used":651,"timings":{"blocked":306,"dns":147,"connect":35,"send":0,"wait":39,"receive":0,"ssl":122},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"credi-reactivar-caso09383.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.wikia.nocookie.net/windows/images/3/33/Microsoft-logo.png/","fqdn":"static.wikia.nocookie.net","domain":"nocookie.net","tld":"net"},"ip":{"addr":"162.159.142.170","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://credi-reactivar-caso09383.iceiy.com/?i=1","date":"2026-05-02T12:59:15.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wikia.nocookie.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 16:13:28 GMT","end":"Sat, 13 Jun 2026 16:13:27 GMT"},"fingerprint":{"sha1":"95:3A:47:C2:51:B8:5D:8B:3D:70:79:4F:E2:62:96:33:39:7D:48:FA","sha256":"D0:6A:DB:0C:49:57:F6:11:94:3E:70:24:17:FE:3A:47:43:53:7A:41:11:90:5D:23:C5:96:E0:BF:A2:FB:4A:47"}}},"request":{"raw":"GET /windows/images/3/33/Microsoft-logo.png/ HTTP/1.1\r\nHost: static.wikia.nocookie.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://credi-reactivar-caso09383.iceiy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 02 May 2026 12:59:15 GMT\r\ncontent-type: image/webp\r\ncontent-length: 16172\r\nsurrogate-key: 348f7ad814ed40e554f813fcbb379059ff030a59 wiki-windows thumblr original v:e639ec8e\r\ncontent-disposition: inline; filename=\"Microsoft-logo.webp\"; filename*=UTF-8''Microsoft-logo.webp\r\netag: \"JieQasQKx0aBZS9EezNC0A==\"\r\nx-thumbnailer: Thumblr\r\nvary: Accept\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Range\r\nx-cache-hits: ORIGIN\r\nx-cache: ORIGIN\r\nx-served-by: thumblr-7ccdb8dff4-pt6nl\r\ncontent-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; style-src 'unsafe-inline'; sandbox; report-uri https://services.fandom.com/csp-logger/csp/thumblr\r\ncache-control: public, max-age=31536000\r\nnel: {\"report_to\":\"nel\",\"max_age\":604800,\"failure_fraction\":0.01}\r\nreport-to: {\"group\":\"nel\",\"endpoints\":[{\"url\":\"https://services.fandom.com/browser-errors/report\"}],\"max_age\":604800,\"include_subdomains\":true}\r\nx-envoy-upstream-service-time: 43\r\nserver: cloudflare\r\ntiming-allow-origin: *\r\naccept-ranges: bytes\r\nage: 8613709\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=JkixfFapBNN0Xupn.Vy5sLbf7lY7zfi0HubtiLMOFpU-1777726755.24499-1.0.1.1-2CSZX6mgM0X6QPLVfnShHbTWukp0WnysIMMrFc2udQuWB8eIf_IiCUeYDKyihKGySLx6prEe6DmG7YvrZrTMwqhBMDie0dNOzdKsQBLrql.y24D86JFcAjHfG16lz07C; HttpOnly; Secure; Path=/; Domain=nocookie.net; Expires=Sat, 02 May 2026 13:29:15 GMT\r\ncf-ray: 9f5733bc4bb95699-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":16172,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2627906ac40ac74681652f447b3342d0","sha1":"b335aaa47b41ad31e1cee4f8734b6d405e97641a","sha256":"770df79770e00aa643a90fd3605d023e4cbd5e0e0f7d5bb3aaab5493446190ac","sha512":"1f85bd522994b069758164e043102491b7e7a32eaf69a5ce5fd7bc361ac3004fed7c9af9d6c25a7b59f1eaaee1f51bc9319a845574f0e3300531ad66fb977731","ssdeep":"384:9KhtMwPfX/BAmdG5xSRF0XyfGG5WiEIr+bR7OLiRZV:9Ath/BAR5xBXoGBib+bJz","tlshash":"e072cf49229282a8b83f8b9ac11b48cfa7b0165e1c469f32f9b50d90c5f94dd7954edc","first_seen":"2026-02-23T20:05:41.828508Z","last_seen":"2026-05-02T14:25:42.20407Z","times_seen":6,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":68,"dns":43,"connect":8,"send":0,"wait":64,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Segoe+UI:wght@400;600\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://credi-reactivar-caso09383.iceiy.com/?i=1","date":"2026-05-02T12:59:15.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:34 GMT","end":"Wed, 01 Jul 2026 05:19:33 GMT"},"fingerprint":{"sha1":"21:64:07:B1:AB:C9:F8:BB:E3:DA:F8:1A:C2:71:8D:C1:5F:BB:C8:5F","sha256":"C9:6D:F4:6C:D4:D4:BA:AB:16:C1:57:05:B3:FD:F7:74:8C:83:CB:18:D2:21:81:4D:F6:97:96:5A:A4:4C:ED:44"}}},"request":{"raw":"GET /css2?family=Segoe+UI:wght@400;600\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://credi-reactivar-caso09383.iceiy.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 400 Bad Request\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sat, 02 May 2026 12:59:15 GMT\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"Bad Request","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-02T17:30:45.439268Z","times_seen":14537441,"resource_available":true,"data":null}},"time_used":271,"timings":{"blocked":112,"dns":1,"connect":16,"send":0,"wait":36,"receive":0,"ssl":102},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://credi-reactivar-caso09383.iceiy.com/?i=1","date":"2026-05-02T12:59:15.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://credi-reactivar-caso09383.iceiy.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 02 May 2026 12:59:15 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 18752\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"6421d693-4940\"\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 937041\r\nexpires: Thu, 22 Apr 2027 12:59:15 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Fo0XhWIPfXsU2RoFw216wtUAAOYUJYwRaIAUhtx2%2BfMMILPaOVsdY43TWVZf6wYsiD%2FzqHInWRItRZoh8JQqQhbhWRAyJeHjwalNs8tF8GYJPDMc9J3%2BF%2FfVS%2BITe%2FB58PJgEfmy\"}]}\r\ncf-ray: 9f5733bbd99656a8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":102025,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (52276)","md5":"ded1c367363e8b20bdc6a19b8350a737","sha1":"8c06d82739d14b094ff6d9036021a252bd1d985d","sha256":"1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf","sha512":"89e71d2e66ac925ec2564aa45cd43f647fd72e5bd664e2728fb632eed71e9e6a43d72a404a8ce9993fc4d223ed985201e3a66676d01cf5e341bc7d07fd9a6207","ssdeep":"1536:OwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPGuZprfZCl:S709gMGFiyPGuZpfZCl","tlshash":"2ea3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-04-06T15:05:25Z","last_seen":"2026-05-02T17:37:54.277196Z","times_seen":46387,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":9,"dns":1,"connect":1,"send":0,"wait":8,"receive":1,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://credi-reactivar-caso09383.iceiy.com/?i=1","date":"2026-05-02T12:59:15.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"E9:E5:B7:DA:0A:AE:59:02:EA:10:61:71:9B:52:3A:08:42:A0:67:A5","sha256":"F6:1D:CE:31:AA:9C:7B:58:1D:1D:14:96:99:B6:58:CC:FB:AE:D5:3C:F8:FB:40:E3:45:2D:4A:54:11:B4:E2:F3"}}},"request":{"raw":"GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://credi-reactivar-caso09383.iceiy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 31021\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 30 Apr 2026 07:54:58 GMT\r\nexpires: Fri, 30 Apr 2027 07:54:58 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nlast-modified: Fri, 08 May 2020 07:05:03 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nage: 191057\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":89476,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"dc5e7f18c8d36ac1d3d4753a87c98d0a","sha1":"c8e1c8b386dc5b7a9184c763c88d19a346eb3342","sha256":"f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d","sha512":"6cb4f4426f559c06190df97229c05a436820d21498350ac9f118a5625758435171418a022ed523bae46e668f9f8ea871feab6aff58ad2740b67a30f196d65516","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"a993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-05-02T17:30:34.741448Z","times_seen":231248,"resource_available":true,"data":null}},"time_used":313,"timings":{"blocked":129,"dns":2,"connect":20,"send":0,"wait":23,"receive":20,"ssl":115},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"credi-reactivar-caso09383.iceiy.com/config.js","fqdn":"credi-reactivar-caso09383.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.222","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://credi-reactivar-caso09383.iceiy.com/?i=1","date":"2026-05-02T12:59:15.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET /config.js HTTP/1.1\r\nHost: credi-reactivar-caso09383.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://credi-reactivar-caso09383.iceiy.com/?i=1\r\nCookie: __test=3eaca6fccc5e7bb3715d4c9929511e33\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Sat, 02 May 2026 12:59:14 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 155\r\nConnection: keep-alive\r\nLast-Modified: Wed, 22 Apr 2026 23:56:47 GMT\r\nETag: \"9b-6501548da2b1b\"\r\nCache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate\r\nExpires: Mon, 01 Jun 2026 12:59:14 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":155,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"8c80d20c3243cfd0526443b550400e46","sha1":"90e14486623ac8b8d33e620cc1e5eefc104ffe3f","sha256":"05e9c21e8280e93fe46012f1c4a92b58e0c397a584691c2538e9be9cbe1f4bca","sha512":"fd8b5146d89a0f2c6337629d3ee03eb5c6e5fc76ff470f4b732eb06357ed774014468c55027598e397e01f76ff4d1928781236a9efc222c7a0791206d38604fa","ssdeep":"","tlshash":"a4c02bc3bd4106b04d985ed498033c5dabe689bf1ce704cdfa259a785cafa62102e8e0","first_seen":"2026-05-02T12:59:37.797548Z","last_seen":"2026-05-02T14:25:42.203597Z","times_seen":3,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"credi-reactivar-caso09383.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"credi-reactivar-caso09383.iceiy.com/?i=1","fqdn":"credi-reactivar-caso09383.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.222","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-02T12:59:15.067Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET /?i=1 HTTP/1.1\r\nHost: credi-reactivar-caso09383.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://credi-reactivar-caso09383.iceiy.com/\r\nCookie: __test=3eaca6fccc5e7bb3715d4c9929511e33\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Sat, 02 May 2026 12:59:14 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 22911\r\nConnection: keep-alive\r\nLast-Modified: Wed, 22 Apr 2026 23:56:47 GMT\r\nETag: \"597f-6501548dff3a1\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=2592000, public, proxy-revalidate\r\nExpires: Mon, 01 Jun 2026 12:59:14 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]}],"data":{"size":22911,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"958375ee3aa0790492cfbdb4869ae154","sha1":"df8d157c038e2d3777fc2b8854af6a35708b5f12","sha256":"5ff24fdead275f6d5b103ef51eeb873c0af9d5708dc281f2b0f4fa2c1bfafc90","sha512":"5316f2ad9511efb6b4a9be952fd4f9fd0e80eeb26628b43edbedaeaaf4dbfc5708d3c2b2110a4af5cb4e7a73eb1613f659977245812890fcafbfeb0f4179b463","ssdeep":"384:49ovoMDCVXndvN13DyHpW49Pf/kjhlSPH60yYMswsZve:49ogMDCVXndl13DyHpGjhlSPH60yYMs6","tlshash":"92a24426e64005436033d3a867e3471afa7a8013c7078a797fec63964fb65a9c953f9c","first_seen":"2026-02-27T00:25:45.990933Z","last_seen":"2026-05-02T14:25:42.200969Z","times_seen":4,"resource_available":true,"data":null}},"time_used":58,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"credi-reactivar-caso09383.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"i.postimg.cc/CKP7whZm/julitovaron.png","fqdn":"i.postimg.cc","domain":"postimg.cc","tld":"cc"},"ip":{"addr":"46.105.222.82","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://credi-reactivar-caso09383.iceiy.com/?i=1","date":"2026-05-02T12:59:15.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"postimg.cc","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 14 Apr 2026 08:44:38 GMT","end":"Mon, 13 Jul 2026 08:44:37 GMT"},"fingerprint":{"sha1":"DF:98:FE:F4:BD:BC:91:44:A2:9E:8F:A5:F4:83:22:A9:3F:6F:94:0A","sha256":"BE:B3:69:78:F1:32:8C:D7:B4:EF:7A:C6:CE:BC:EC:FF:F0:C6:01:1F:CF:A0:77:27:61:8D:5C:91:1A:89:72:DD"}}},"request":{"raw":"GET /CKP7whZm/julitovaron.png HTTP/1.1\r\nHost: i.postimg.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://credi-reactivar-caso09383.iceiy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:59:15 GMT\r\ncontent-type: image/png\r\ncontent-length: 3631\r\nlast-modified: Wed, 05 Nov 2025 18:51:55 GMT\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, OPTIONS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3631,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 486 x 104, 8-bit colormap, non-interlaced","md5":"663cef22eb98799d68ac9c587a091d3d","sha1":"6237a9c01cf0799954f0489c9c1eb9e119a2e174","sha256":"5ee54c4d89e8746c1d57e52746e4b55f755e250a9789804cb5f9437198fffef4","sha512":"7232bfe321fc1e30c9b7c874dd32bbea8cb21bfe089957f268574ced337fc1b488cee92fd445e8b908ca74da74023365f26784bf54181baa7e87029fdc18f4c6","ssdeep":"","tlshash":"51715c481c4b0b6de78219c5ea2f77826fdff38412a87176f09636dc1600a8c54ae380","first_seen":"2026-02-27T00:25:45.989017Z","last_seen":"2026-05-02T14:25:42.204586Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1155,"timings":{"blocked":185,"dns":127,"connect":26,"send":0,"wait":775,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.glitch.global/97ec72d4-c73a-4009-af5d-af7e51eb62c3/78_3a53c38a2dc671fb4daf.jpg?v=1749764353828","fqdn":"cdn.glitch.global","domain":"glitch.global","tld":"global"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://credi-reactivar-caso09383.iceiy.com/?i=1","date":"2026-05-02T12:59:15.471Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /97ec72d4-c73a-4009-af5d-af7e51eb62c3/78_3a53c38a2dc671fb4daf.jpg?v=1749764353828 HTTP/1.1\r\nHost: cdn.glitch.global\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://credi-reactivar-caso09383.iceiy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-02T17:30:45.439268Z","times_seen":14537441,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"cdn.glitch.global","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"c.s-microsoft.com/favicon.ico?v2","fqdn":"c.s-microsoft.com","domain":"s-microsoft.com","tld":"com"},"ip":{"addr":"96.6.17.223","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://credi-reactivar-caso09383.iceiy.com/?i=1","date":"2026-05-02T12:59:15.759Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.microsoft.com","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft TLS G2 RSA CA OCSP 04","organization":"Microsoft Corporation"},"validity":{"start":"Thu, 22 Jan 2026 19:55:21 GMT","end":"Sun, 17 Jan 2027 19:55:21 GMT"},"fingerprint":{"sha1":"AD:A5:F2:7D:8E:CE:C5:41:6F:5F:E1:90:43:31:0D:DD:30:5C:02:4B","sha256":"9F:17:B5:48:F7:D2:4F:30:9D:BC:AA:B5:71:57:6C:0C:A7:3B:80:55:9C:E6:9F:27:FE:29:5F:64:08:CC:57:BF"}}},"request":{"raw":"GET /favicon.ico?v2 HTTP/1.1\r\nHost: c.s-microsoft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://credi-reactivar-caso09383.iceiy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nx-azure-ref: 20260502T125915Z-r15dd66df9fvhbdxhC1AMS2yng0000001bzg000000006vth\r\ncontent-encoding: gzip\r\ncache-control: max-age=604800\r\nexpires: Sat, 09 May 2026 12:59:15 GMT\r\ndate: Sat, 02 May 2026 12:59:15 GMT\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-02T17:30:45.439268Z","times_seen":14537441,"resource_available":true,"data":null}},"time_used":144,"timings":{"blocked":0,"dns":76,"connect":1,"send":0,"wait":52,"receive":3,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}