{"report_id":"64bf96cb-412a-4690-91c5-561126048c6f","version":6,"status":"done","tags":["microsoft","phishing"],"date":"2026-04-15T00:12:47Z","url":{"schema":"http","addr":"ssra.closer.website","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"ssra.closer.website/","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"title":"Outlook","dom":{"size":79364,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (4902)","md5":"e4af9ec13e1669a276a84a9d094978a6","sha1":"44526442d1742d5fb5ded8990e54b7fe6d9150cc","sha256":"b87eb3161156dda4284f318c83797bf06bf05c2c13b6505012e2dc4a12af9fe1","sha512":"11ec7597e50dba8bbce81187a2af68325e730e2cea354a851d91c7b8f93f469524fb70afb5a0264c4baca8033349076e8132f910012df1c94003fcfff5a20887","ssdeep":"768:jcH6IsFUFTcYX+QtHpB0RCs4Hlub3KuokzdKV7aQblioJmgK4e2FuzcgzcnE:I6RWuYOqHpBrlE3KuoUkF524nFu9cE","tlshash":"09735b5f98a356251c53b0b8a7dbb242bba1c113c30ddc583cac67a4ef85d9085ba7dc","dom_hash":"domhash7653cad06672f37c6818f9f41b5f1016","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ssra.closer.website","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-20T00:12:47Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]},"summary":[{"fqdn":"ssra.closer.website","ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":80,"request_count":20,"received_data":784337,"sent_data":10430,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Outlook Web App:15.0.1497","description":"Outlook on the web is an information manager web app. It includes a web-based email client, a calendar tool, a contact manager, and a task manager.","website":"https://help.outlook.com","common_platform_enumeration":"cpe:2.3:a:microsoft:outlook_web_access:*:*:*:*:*:*:*:*","icon":"Outlook.svg","categories":["Webmail"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-04-12T22:35:46.689898Z","alert_count":0,"request_count":1,"received_data":86654,"sent_data":478,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"ssra.closer.website/assets/scripts/glide/glide.js?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"765287e1bbd0fe0d28a652092b23e2d9","sha1":"75af935102d6aa480e7e7b8c9148b03479ea5dc4","sha256":"715d3ce8b0e92012fdcc7edf098f37ae638584c5de7dd45dc53dedac5a4764f5","sha512":"fd66de2b4ebb4418feec4ccf59742af7b10aed5cb6d732a67c99db5a17dd9ef5af60633fa4ba1c21394c7e2302f16d06c0ea71851d06e54081e3d699efbd6c67","ssdeep":"768:E/W0tpceIrFBJQ7ArLGZ8eCGxZ+mlDLBmW0/LC0cZ3nkQTsPEg9dG1mVThGvmIk8:brFcFh+MDtmUsPEg9dG1mVThGvmIkjp+","tlshash":"7483508d7cf620465463303c579f9486f1b6820b55599d84bcae87f85fa0f3806eabe8","size":86574,"data":"","first_seen":"2025-06-30T02:57:40.759653Z","last_seen":"2026-05-29T23:48:07.914403Z","times_seen":52,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ssra.closer.website/modules/helpers/common/helpers.min.js?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"3bba03f5f6277f124197365ccafb3767","sha1":"d242f1e657a283797b36e1609bd29ba717f73fc5","sha256":"7792ee016db97d1fe6f1aaecd42f9ecdcf169e74fed7102526f11fd6083f8fa2","sha512":"5cd48fbb135168e64ec9d7240f43eabd76d98cb771315c60b037d40d45528721b1c8018f0aa13bd0975e33fa4103e4c38e77c9cc604d3a0a7c74fa8119eb5b44","ssdeep":"","tlshash":"9f21202ca11878721c6740c68143b657fb4ba0fb91464020c06a5828f45dedfe8a6ff9","size":1237,"data":"","first_seen":"2026-01-18T13:13:01.495983Z","last_seen":"2026-05-29T23:48:07.915828Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ssra.closer.website/modules/helpers/common/cookie.min.js?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"15ed8a19c638da87c546d8bf5efd96dc","sha1":"6cfa4d01b6eca726e80b3789d9515a5a89314edc","sha256":"baba8b7d2826fdb03b98aaae3465221673a55296577c2315990ae24d2f126f03","sha512":"dd24328cd51e5a8fe9d15f57fead4c7cacb20fa30827d7c6f690a67fc9b779faeafddc19a4b3eeac647e03d8be8a1067b8cbab6971ca5e47f829651dafbe0063","ssdeep":"","tlshash":"02f02b10b774fc2bc24402920cb843a6b9208afa1599b12cd976ae613550e8266f6966","size":497,"data":"","first_seen":"2026-01-18T13:13:01.487966Z","last_seen":"2026-05-29T23:48:07.915004Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ssra.closer.website/modules/contact-form/common/contact-form.min.js?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"80a1690e86cc75e79b70118d026ded39","sha1":"43e15d390b294a9663ad932673b05f70fe9d4c73","sha256":"b854ce66a91e595f9f946422d1348267989ceb8c8d68b33470793099435e69d2","sha512":"9c8e9f730802931f456ad2e59ffac5339c8be7ccfc655eb1ae3f5725ad204478e528a22be7d4b3247d5d29edfd6b08e213db72a37c641309338fdfa59455c258","ssdeep":"96:4XetBGAMyd8Ug4ifKsO1ssiAZrw/G1ioSjXF:vCyd8HfCd1qAZ0/G1ioSjV","tlshash":"cd9172b1676548b00dbe029bd8ca66c1e63175fefc1e8433945c8d4939acec1f661fa1","size":4396,"data":"","first_seen":"2026-01-18T13:13:01.505666Z","last_seen":"2026-05-29T23:48:07.950544Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ssra.closer.website/","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"5b31ecf0f93f9d4c843e709c4762cea7","sha1":"38f5d255da8287611cbccf93d9b34ad8c06085e8","sha256":"a429bb8ecfa7258eca74a8dcdbe53e708a45e28ceaa22ae90e6ee06c295e9c70","sha512":"ead86a315d2b013a9b44f752de440e4ecc6e433b0306d7dbc923fb832efa8d93590a75274bdad274659ce6c8b006d94929ebed81f18f5c25f1fbcc3498f42e86","ssdeep":"384:ZWN2YX+knQPi9MeRoCNcAQi2ipBpP+RCspidFHFR:gcYX+QtHpB0RCs4HlR","tlshash":"58a2631da8ba92b10ca3813a478fb295f375c6279319dc447c5fa3a1bf4144281be3db","size":22759,"data":"","first_seen":"2026-04-07T17:25:06.092077Z","last_seen":"2026-04-15T05:57:32.329672Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ssra.closer.website/assets/scripts/navbar/navbar.min.js?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"fc8fc9c06ee934ec778d32509b179041","sha1":"375ad9e094901530c83c961f6f5256d2a7fe7fb1","sha256":"cabac6e030097443d4a7103132edad438f9870328d94a7b6791f95b7102c09a4","sha512":"5c6e04b1dc9d5387a39264edbe06fb3210c4c1052ee7b2a37911438e05f2bfe6fa4d72a7e4f1561254b2fdfa9b1b5245a85c82310b1c6cbe68034500184f079d","ssdeep":"192:5UZYug3WSnnhfwWajhj46nczJXV1C2cc66p44p6oNUWSCPUvZvyfwDB+SBf0wE3t:5UKznhfwWajhuzZV1C2Zr6+UWSCeVyf3","tlshash":"53220e702065c9b614ef0b9f22f09ac0b2a464def54561b7742d4c2e5a69cc372a0bff","size":10259,"data":"","first_seen":"2025-06-30T02:57:40.760987Z","last_seen":"2026-06-09T00:39:44.419537Z","times_seen":39,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ssra.closer.website/box/box-flex.js?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"5ed9820ce0ceb9ab90e8373b6aec410d","sha1":"4663cab1e85cd70ba66f40ff39d8bf8da0fa9f53","sha256":"90bbb367dd61591de215ff7f3a75e1460c559efc5cc92e759d48b49fe7859eac","sha512":"280c7edbe1d4e31006581546a0c2bf31547065bd3fc9063d8ed93051060512994126300d12096b096f440d2fd111ade63399fb167e0e9097fec91fea5cd9efda","ssdeep":"1536:L5f9G+qindJyT3V+fII+7iQjdeB8HZvKPCjXonmehKHzBvsK6LfoNZo8hq3+FTdF:L5+peFmiqjXumfZp8ZTyl","tlshash":"1ce3088832a2303208db62b6d45b53457173300f2449d49cb97dd9c7afb8dae35a7bb9","size":152842,"data":"","first_seen":"2025-06-30T02:57:40.76474Z","last_seen":"2026-05-29T23:48:07.90809Z","times_seen":31,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"ssra.closer.website/assets/scripts/glide/css/glide.core.css?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ssra.closer.website/","date":"2026-04-15T00:12:25.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.closer.website","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 19:42:29 GMT","end":"Fri, 29 May 2026 19:42:28 GMT"},"fingerprint":{"sha1":"CA:D6:D6:43:FE:F8:F1:2E:A7:D1:97:76:48:ED:33:16:92:63:DE:6D","sha256":"29:25:4B:CA:99:CC:EF:C0:DB:83:10:F2:29:1E:A3:B1:E4:9F:C4:2B:C6:0C:12:88:33:B1:22:E7:A2:F6:DE:4E"}}},"request":{"raw":"GET /assets/scripts/glide/css/glide.core.css?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44 HTTP/1.1\r\nHost: ssra.closer.website\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssra.closer.website/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 15 Apr 2026 00:12:25 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 02 Apr 2024 08:27:21 GMT\r\netag: W/\"660bc169-423\"\r\nexpires: Wed, 22 Apr 2026 00:12:25 GMT\r\ncache-control: max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1059,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"6bfc658c2ffe8f51523e0653d933a210","sha1":"97ba5af6a580f1365f78a10272c769859539812b","sha256":"3b98696013f1d1ab23b2661be00b4a1297e6d061f819bd265430610de846be05","sha512":"a42c2eb6ab89c344f85e76594b1059ed8c205efa910cccccfc7cdf3b3467565887bed9163c851bd6ff6d94484f28a033df3ae368d653f1927c946acc10af20d5","ssdeep":"","tlshash":"7c11ce1b99635004301ab6e61baeda0c22b6d017dd13dde87bea9501cf0afd911c23e3","first_seen":"2025-06-30T02:57:40.794245Z","last_seen":"2026-06-09T00:39:44.415322Z","times_seen":74,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ssra.closer.website/assets/scripts/navbar/navbar.css?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ssra.closer.website/","date":"2026-04-15T00:12:25.966Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.closer.website","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 19:42:29 GMT","end":"Fri, 29 May 2026 19:42:28 GMT"},"fingerprint":{"sha1":"CA:D6:D6:43:FE:F8:F1:2E:A7:D1:97:76:48:ED:33:16:92:63:DE:6D","sha256":"29:25:4B:CA:99:CC:EF:C0:DB:83:10:F2:29:1E:A3:B1:E4:9F:C4:2B:C6:0C:12:88:33:B1:22:E7:A2:F6:DE:4E"}}},"request":{"raw":"GET /assets/scripts/navbar/navbar.css?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44 HTTP/1.1\r\nHost: ssra.closer.website\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssra.closer.website/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 15 Apr 2026 00:12:25 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 03 Sep 2024 07:18:53 GMT\r\netag: W/\"66d6b85d-67cb\"\r\nexpires: Wed, 22 Apr 2026 00:12:25 GMT\r\ncache-control: max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26571,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"f630c78ee9f98443b9b072bfc6c66374","sha1":"e5a6363bed4496e5aad0397dc4bcb1585736473c","sha256":"3dc8ec3fc7e2b9b23d4253fe3a9350719985645a9148a5664763b883eba46789","sha512":"f279fa96581a0a8a0435795547f12ebd7e0acd83c8bedcdb26cc47d31854b712036ba5ca158b4fe2aae16270bdfdd44b18c17a9f7820dd506c8e9163255ddadb","ssdeep":"192:FjIX3UmLmm2gzT/TF1TgTvTtT/TlWfzVe9DrD9U/KgvsCKgKMKOkOQ1:qHJmDgn/J10T5b19DrD9Us","tlshash":"97c2dd42f1c22e20542b804f54d2d869bb7a9241afc72f7e746e3629df8c2df95e1d21","first_seen":"2025-09-12T06:32:02.901192Z","last_seen":"2026-05-29T23:48:07.946742Z","times_seen":16,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ssra.closer.website/assets/scripts/navbar/navbar.min.js?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ssra.closer.website/","date":"2026-04-15T00:12:25.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.closer.website","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 19:42:29 GMT","end":"Fri, 29 May 2026 19:42:28 GMT"},"fingerprint":{"sha1":"CA:D6:D6:43:FE:F8:F1:2E:A7:D1:97:76:48:ED:33:16:92:63:DE:6D","sha256":"29:25:4B:CA:99:CC:EF:C0:DB:83:10:F2:29:1E:A3:B1:E4:9F:C4:2B:C6:0C:12:88:33:B1:22:E7:A2:F6:DE:4E"}}},"request":{"raw":"GET /assets/scripts/navbar/navbar.min.js?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44 HTTP/1.1\r\nHost: ssra.closer.website\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssra.closer.website/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 15 Apr 2026 00:12:25 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 02 Apr 2024 08:27:21 GMT\r\netag: W/\"660bc169-2813\"\r\nexpires: Wed, 22 Apr 2026 00:12:25 GMT\r\ncache-control: max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10259,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10258)","md5":"fc8fc9c06ee934ec778d32509b179041","sha1":"375ad9e094901530c83c961f6f5256d2a7fe7fb1","sha256":"cabac6e030097443d4a7103132edad438f9870328d94a7b6791f95b7102c09a4","sha512":"5c6e04b1dc9d5387a39264edbe06fb3210c4c1052ee7b2a37911438e05f2bfe6fa4d72a7e4f1561254b2fdfa9b1b5245a85c82310b1c6cbe68034500184f079d","ssdeep":"192:5UZYug3WSnnhfwWajhj46nczJXV1C2cc66p44p6oNUWSCPUvZvyfwDB+SBf0wE3t:5UKznhfwWajhuzZV1C2Zr6+UWSCeVyf3","tlshash":"53220e702065c9b614ef0b9f22f09ac0b2a464def54561b7742d4c2e5a69cc372a0bff","first_seen":"2025-06-30T02:57:40.760987Z","last_seen":"2026-06-09T00:39:44.419537Z","times_seen":39,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ssra.closer.website/assets/ionicons/css/ionicons.min.css","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ssra.closer.website/","date":"2026-04-15T00:12:26.052Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.closer.website","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 19:42:29 GMT","end":"Fri, 29 May 2026 19:42:28 GMT"},"fingerprint":{"sha1":"CA:D6:D6:43:FE:F8:F1:2E:A7:D1:97:76:48:ED:33:16:92:63:DE:6D","sha256":"29:25:4B:CA:99:CC:EF:C0:DB:83:10:F2:29:1E:A3:B1:E4:9F:C4:2B:C6:0C:12:88:33:B1:22:E7:A2:F6:DE:4E"}}},"request":{"raw":"GET /assets/ionicons/css/ionicons.min.css HTTP/1.1\r\nHost: ssra.closer.website\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssra.closer.website/assets/minimalist-blocks/content.css?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 15 Apr 2026 00:12:26 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 02 Apr 2024 08:27:21 GMT\r\netag: W/\"660bc169-c854\"\r\nexpires: Wed, 22 Apr 2026 00:12:26 GMT\r\ncache-control: max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":51284,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (50802)","md5":"6798564e1f2e3291ed7e11eb291d282b","sha1":"cc8043b90c2a0962ecae08e62298d3ebb894eabb","sha256":"8c01c3cb08ae66fdf817221b3a79245fcdb94ea59a3fce2093894d6f4bb6ccf8","sha512":"bec80201e8e3317b1bd57782dbb715f3d4265dec398e53f321cd333c55887a31ef52e4a0537b900a39870e75abeda684282bbdc7a7b1b99df28c13bfaa00d459","ssdeep":"384:048lBhhJhjRqFdtYRjJIjsjaHnNfc2C4741mf5HRzL:048hhjQFduRjJ7uHFcu7Smf5xzL","tlshash":"cb33f8e4d20c0dd0ab35c447ab49674858b5f7fbe4584ca8e42fd4ac39cb224a3e5b6d","first_seen":"2025-04-07T04:59:13.012522Z","last_seen":"2026-06-16T17:03:13.697706Z","times_seen":24791,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap-icons@1.11.3/font/bootstrap-icons.min.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ssra.closer.website/","date":"2026-04-15T00:12:26.054Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/bootstrap-icons@1.11.3/font/bootstrap-icons.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssra.closer.website/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/css; charset=utf-8\r\nx-jsd-version: 1.11.3\r\nx-jsd-version-type: version\r\netag: W/\"14f73-BDozLk9VXMC/015FG+lVtLk5ZqA\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Wed, 15 Apr 2026 00:12:26 GMT\r\nage: 2917712\r\nx-served-by: cache-fra-etou8220072-FRA, cache-hel1410031-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 13383\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85875,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65354)","md5":"5605c44f8b24ea5de37a959955b71eb6","sha1":"043a332e4f555cc0bfd35e451be955b4b93966a0","sha256":"f643d6fe7e679f9de3e16311600c5ef5cd6b098f7a3a8828fcc29255d2b33e62","sha512":"74f5d8703b9bfda79bd3c73ade346afe4e8668a71c976e7a250cbf0273aaec2027119f45cd22fdc126dc664329e11dbabc1b0c2c5607e2443aeff6db57c5da09","ssdeep":"768:ZPcr8JUkZrpULKt4bDcf3oQpeqfZs0BWeUz5+XIHx5qkgwTz:hrpEKt4moUeqfZbc5+XIHZz","tlshash":"9383fbe8e58d05e8f372c48faf42775e31aafa3cd5811c68f14a111d5ac26650ac7fb8","first_seen":"2024-01-11T04:35:50Z","last_seen":"2026-06-16T17:12:35.071572Z","times_seen":8517,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":53,"dns":1,"connect":26,"send":0,"wait":27,"receive":3,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ssra.closer.website/assets/minimalist-blocks/content.css?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ssra.closer.website/","date":"2026-04-15T00:12:25.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.closer.website","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 19:42:29 GMT","end":"Fri, 29 May 2026 19:42:28 GMT"},"fingerprint":{"sha1":"CA:D6:D6:43:FE:F8:F1:2E:A7:D1:97:76:48:ED:33:16:92:63:DE:6D","sha256":"29:25:4B:CA:99:CC:EF:C0:DB:83:10:F2:29:1E:A3:B1:E4:9F:C4:2B:C6:0C:12:88:33:B1:22:E7:A2:F6:DE:4E"}}},"request":{"raw":"GET /assets/minimalist-blocks/content.css?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44 HTTP/1.1\r\nHost: ssra.closer.website\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssra.closer.website/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 15 Apr 2026 00:12:25 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 03 Sep 2024 07:18:53 GMT\r\netag: W/\"66d6b85d-31938\"\r\nexpires: Wed, 22 Apr 2026 00:12:25 GMT\r\ncache-control: max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":203064,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"81045e7e576ca96cf29d3bc076a86f3a","sha1":"a4d41020fe573d937cff89d87fd7fddfce1a1cfd","sha256":"86bfbe08e26dd44cc8e91c8004082a77bc3d82b22f618e3e22fc9975fd1980a0","sha512":"e282330a13a440bf9b0ba7de4b38e7f89e71258ca42377a2355b649c7fe0da86b38e8b0c648fcf6bba4a430906f5455e9b88fbf89c575802c539b0301635e0d5","ssdeep":"768:KYUdSFDrW5DutOsk7ucjG8l3es+R3fuZiIwG2AlW93l2iEnevvuEjNP68FAxEEl7:m6kcJ4CGIbBgevvuEjNP68UEEllijvnA","tlshash":"f0148b17f7c501263c5908f5b94ab3fdba7d6486db28adba7484b360cf496f309a211c","first_seen":"2026-01-18T13:13:01.499035Z","last_seen":"2026-06-08T07:04:03.518492Z","times_seen":15,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ssra.closer.website/assets/minimalist-blocks/content-custom.css?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ssra.closer.website/","date":"2026-04-15T00:12:25.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.closer.website","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 19:42:29 GMT","end":"Fri, 29 May 2026 19:42:28 GMT"},"fingerprint":{"sha1":"CA:D6:D6:43:FE:F8:F1:2E:A7:D1:97:76:48:ED:33:16:92:63:DE:6D","sha256":"29:25:4B:CA:99:CC:EF:C0:DB:83:10:F2:29:1E:A3:B1:E4:9F:C4:2B:C6:0C:12:88:33:B1:22:E7:A2:F6:DE:4E"}}},"request":{"raw":"GET /assets/minimalist-blocks/content-custom.css?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44 HTTP/1.1\r\nHost: ssra.closer.website\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssra.closer.website/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 15 Apr 2026 00:12:25 GMT\r\ncontent-type: text/css\r\ncontent-length: 105\r\nlast-modified: Tue, 02 Apr 2024 08:27:21 GMT\r\netag: \"660bc169-69\"\r\nexpires: Wed, 22 Apr 2026 00:12:25 GMT\r\ncache-control: max-age=604800\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":105,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"7710d5fd581788beb2d525c5a6426b95","sha1":"f42c34b6147d83b421bc8a96c749b257e6c4f03a","sha256":"279db7df3e1a97b17a04522f29607e5c4b832b98f32e4ee98b31aff2ae355a3c","sha512":"e3fc99201eec9b8cd800703fc9f6cad4ae3012029f274913ca4b9f4791d4afa9c0503f468177b8178f9c8f8becbd6f7de6d6aae5b9117eae6d757f94edf180f0","ssdeep":"","tlshash":"d6b012096bb2bd24640dc49065af13a39b0740131ed3f91c3d2a17868fd28f2c152f70","first_seen":"2025-11-27T05:04:13.259721Z","last_seen":"2026-05-29T23:48:07.955199Z","times_seen":15,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ssra.closer.website/box/box-flex.css?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ssra.closer.website/","date":"2026-04-15T00:12:25.959Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.closer.website","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 19:42:29 GMT","end":"Fri, 29 May 2026 19:42:28 GMT"},"fingerprint":{"sha1":"CA:D6:D6:43:FE:F8:F1:2E:A7:D1:97:76:48:ED:33:16:92:63:DE:6D","sha256":"29:25:4B:CA:99:CC:EF:C0:DB:83:10:F2:29:1E:A3:B1:E4:9F:C4:2B:C6:0C:12:88:33:B1:22:E7:A2:F6:DE:4E"}}},"request":{"raw":"GET /box/box-flex.css?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44 HTTP/1.1\r\nHost: ssra.closer.website\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssra.closer.website/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 15 Apr 2026 00:12:25 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 03 Sep 2024 07:18:53 GMT\r\netag: W/\"66d6b85d-24334\"\r\nexpires: Wed, 22 Apr 2026 00:12:25 GMT\r\ncache-control: max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":148276,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"10607bf1dc533aad2816d574b2d570a0","sha1":"1b362bcbeb799c7b1cde77134beabe536ce9a0db","sha256":"ae103409defcba37508c7ca8c344aef50af4829ea92b4174338a9fe81f321bd1","sha512":"f7310daed8c7d035af26f05fbe65f2e58e6310a1bde118c8bef30e7e21689a77b72e2bb21ef65b7f7df72b6e3e15b92804f11bbc52a4e10d2be9bfa00e67b74c","ssdeep":"1536:0S2rvTvZv/P3Zrv7H/sDLNb2GW2LOwa6NYFsWI/RZwsvj8jmdV9Xi+lhlQ97tqNX:LRZejmdVJzrncc","tlshash":"7de3df933640284c6ea7412b14df761c293ca152f3379cedbd656188cfc8ee569e3ba4","first_seen":"2025-09-12T06:32:02.971882Z","last_seen":"2026-06-08T07:04:03.519056Z","times_seen":29,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ssra.closer.website/box/box-flex.js?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ssra.closer.website/","date":"2026-04-15T00:12:25.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.closer.website","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 19:42:29 GMT","end":"Fri, 29 May 2026 19:42:28 GMT"},"fingerprint":{"sha1":"CA:D6:D6:43:FE:F8:F1:2E:A7:D1:97:76:48:ED:33:16:92:63:DE:6D","sha256":"29:25:4B:CA:99:CC:EF:C0:DB:83:10:F2:29:1E:A3:B1:E4:9F:C4:2B:C6:0C:12:88:33:B1:22:E7:A2:F6:DE:4E"}}},"request":{"raw":"GET /box/box-flex.js?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44 HTTP/1.1\r\nHost: ssra.closer.website\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssra.closer.website/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 15 Apr 2026 00:12:25 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 03 Sep 2024 07:18:53 GMT\r\netag: W/\"66d6b85d-2550d\"\r\nexpires: Wed, 22 Apr 2026 00:12:25 GMT\r\ncache-control: max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":152845,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (27496)","md5":"5ed9820ce0ceb9ab90e8373b6aec410d","sha1":"4663cab1e85cd70ba66f40ff39d8bf8da0fa9f53","sha256":"90bbb367dd61591de215ff7f3a75e1460c559efc5cc92e759d48b49fe7859eac","sha512":"280c7edbe1d4e31006581546a0c2bf31547065bd3fc9063d8ed93051060512994126300d12096b096f440d2fd111ade63399fb167e0e9097fec91fea5cd9efda","ssdeep":"1536:L5f9G+qindJyT3V+fII+7iQjdeB8HZvKPCjXonmehKHzBvsK6LfoNZo8hq3+FTdF:L5+peFmiqjXumfZp8ZTyl","tlshash":"1ce3088832a2303208db62b6d45b53457173300f2449d49cb97dd9c7afb8dae35a7bb9","first_seen":"2025-06-30T02:57:40.76474Z","last_seen":"2026-05-29T23:48:07.90809Z","times_seen":31,"resource_available":true,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ssra.closer.website/modules/helpers/common/cookie.min.js?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ssra.closer.website/","date":"2026-04-15T00:12:25.986Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.closer.website","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 19:42:29 GMT","end":"Fri, 29 May 2026 19:42:28 GMT"},"fingerprint":{"sha1":"CA:D6:D6:43:FE:F8:F1:2E:A7:D1:97:76:48:ED:33:16:92:63:DE:6D","sha256":"29:25:4B:CA:99:CC:EF:C0:DB:83:10:F2:29:1E:A3:B1:E4:9F:C4:2B:C6:0C:12:88:33:B1:22:E7:A2:F6:DE:4E"}}},"request":{"raw":"GET /modules/helpers/common/cookie.min.js?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44 HTTP/1.1\r\nHost: ssra.closer.website\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssra.closer.website/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 15 Apr 2026 00:12:25 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 497\r\nvary: Host\r\nlast-modified: Wed, 18 Mar 2026 11:40:48 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":497,"size_decoded":0,"mime_type":"application/javascript","magic":"C++ source, ASCII text, with very long lines (497), with no line terminators","md5":"15ed8a19c638da87c546d8bf5efd96dc","sha1":"6cfa4d01b6eca726e80b3789d9515a5a89314edc","sha256":"baba8b7d2826fdb03b98aaae3465221673a55296577c2315990ae24d2f126f03","sha512":"dd24328cd51e5a8fe9d15f57fead4c7cacb20fa30827d7c6f690a67fc9b779faeafddc19a4b3eeac647e03d8be8a1067b8cbab6971ca5e47f829651dafbe0063","ssdeep":"","tlshash":"02f02b10b774fc2bc24402920cb843a6b9208afa1599b12cd976ae613550e8266f6966","first_seen":"2026-01-18T13:13:01.487966Z","last_seen":"2026-05-29T23:48:07.915004Z","times_seen":13,"resource_available":true,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":59,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ssra.closer.website/","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-15T00:12:25.519Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.closer.website","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 19:42:29 GMT","end":"Fri, 29 May 2026 19:42:28 GMT"},"fingerprint":{"sha1":"CA:D6:D6:43:FE:F8:F1:2E:A7:D1:97:76:48:ED:33:16:92:63:DE:6D","sha256":"29:25:4B:CA:99:CC:EF:C0:DB:83:10:F2:29:1E:A3:B1:E4:9F:C4:2B:C6:0C:12:88:33:B1:22:E7:A2:F6:DE:4E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ssra.closer.website\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 15 Apr 2026 00:12:25 GMT\r\ncontent-type: text/html\r\nexpires: Wed, 15 Apr 2026 00:12:25 GMT\r\ncache-control: max-age=0\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Outlook Web App:15.0.1497","description":"Outlook on the web is an information manager web app. It includes a web-based email client, a calendar tool, a contact manager, and a task manager.","website":"https://help.outlook.com","common_platform_enumeration":"cpe:2.3:a:microsoft:outlook_web_access:*:*:*:*:*:*:*:*","icon":"Outlook.svg","categories":["Webmail"]}],"data":{"size":79199,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (4902)","md5":"0a857f8b7b060cd4df6a7cdf8fccb09a","sha1":"f9fad5056e9b72c854c73cc99378651bddf317df","sha256":"3c0e9fb9b329cae9a0f302ce16214a7d155575e69e677359d13c42e38052878c","sha512":"2c33580db2af71d1e716a4730e1832d0584852ccaf55f93ff55a973d20fa10994079b0320f468e8f5e70cec8c4bb4f5ab5701a72362fd677e04ebccef70791dc","ssdeep":"768:ecLOOfsFUFTcYX+QtHpB0RCs4Hlub3KuokzdKV7aQblioJmgK4e2FuzcgzcnE:dOOEWuYOqHpBrlE3KuoUkF524nFu9cE","tlshash":"08734b5f98a356251c93b078a7dbb242bba1c113c30edc583cac6794ef85d90857a7dc","first_seen":"2026-04-15T00:12:53.442685Z","last_seen":"2026-04-15T05:57:32.323192Z","times_seen":3,"resource_available":false,"data":null}},"time_used":415,"timings":{"blocked":174,"dns":98,"connect":34,"send":0,"wait":67,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ssra.closer.website/assets/scripts/glide/css/glide.theme.css?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ssra.closer.website/","date":"2026-04-15T00:12:25.962Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.closer.website","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 19:42:29 GMT","end":"Fri, 29 May 2026 19:42:28 GMT"},"fingerprint":{"sha1":"CA:D6:D6:43:FE:F8:F1:2E:A7:D1:97:76:48:ED:33:16:92:63:DE:6D","sha256":"29:25:4B:CA:99:CC:EF:C0:DB:83:10:F2:29:1E:A3:B1:E4:9F:C4:2B:C6:0C:12:88:33:B1:22:E7:A2:F6:DE:4E"}}},"request":{"raw":"GET /assets/scripts/glide/css/glide.theme.css?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44 HTTP/1.1\r\nHost: ssra.closer.website\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssra.closer.website/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 15 Apr 2026 00:12:25 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 02 Apr 2024 08:27:21 GMT\r\netag: W/\"660bc169-20ae\"\r\nexpires: Wed, 22 Apr 2026 00:12:25 GMT\r\ncache-control: max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8366,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"bb78bc5a45b81f22f3a2eaa009341e20","sha1":"60d08857acb3ccbafc2ef1221221c8c0f1cffa02","sha256":"dd5178e9a00e7124d26e69885da55d8ca214f3e278614c29b83ebce8ff657e7a","sha512":"8adee0e290680c0fed0c7e6b15530c1cdf8cf7aec07abf8102f4181acb6b97139d2886327fcd410cd5d4cb0f7a19dfa9d1e846b09675f043653da45ea511c5fa","ssdeep":"192:n5ulGrX1wZ/bpiVsAYcggYcWPvUZtXe2hI2mOk:wAKZ/gWPvQp7h2","tlshash":"86022216a6e15509884bb1192c96cb5dfbec8102934accfdf9db7018cf8d1c9a732bd9","first_seen":"2025-06-30T02:57:40.785624Z","last_seen":"2026-06-09T00:39:44.316027Z","times_seen":70,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ssra.closer.website/modules/contentbox/common/contentbox.css?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ssra.closer.website/","date":"2026-04-15T00:12:25.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.closer.website","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 19:42:29 GMT","end":"Fri, 29 May 2026 19:42:28 GMT"},"fingerprint":{"sha1":"CA:D6:D6:43:FE:F8:F1:2E:A7:D1:97:76:48:ED:33:16:92:63:DE:6D","sha256":"29:25:4B:CA:99:CC:EF:C0:DB:83:10:F2:29:1E:A3:B1:E4:9F:C4:2B:C6:0C:12:88:33:B1:22:E7:A2:F6:DE:4E"}}},"request":{"raw":"GET /modules/contentbox/common/contentbox.css?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44 HTTP/1.1\r\nHost: ssra.closer.website\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssra.closer.website/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 15 Apr 2026 00:12:25 GMT\r\ncontent-type: text/css\r\ncontent-length: 902\r\nvary: Host\r\nlast-modified: Thu, 21 Nov 2024 11:55:18 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":902,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text","md5":"7a798e0cd2d8050c30c7fae27419a248","sha1":"c4d54cef32b9e8baeebea7a1adc0ecf49b70f954","sha256":"cc4d96ac669b06076d5efd6f8ea97b7e2cf6db33f3dacc75a5e11c47ac8392c0","sha512":"d20cee616c94cebf636346d53b8405d1ef7806624ea4d839665f8e1f8153ee84a230858ac85b14b762a7f557b71facf12f85a3f8024c4eadc6dc5207500b8b34","ssdeep":"","tlshash":"11119c1797f74c34913e89ae4ba3774c5f098877baef9c97a440b62cc1c424e19a0e0c","first_seen":"2026-01-18T13:13:01.485757Z","last_seen":"2026-05-29T23:48:07.913518Z","times_seen":13,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ssra.closer.website/assets/styles/type-system-ui.css","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ssra.closer.website/","date":"2026-04-15T00:12:25.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.closer.website","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 19:42:29 GMT","end":"Fri, 29 May 2026 19:42:28 GMT"},"fingerprint":{"sha1":"CA:D6:D6:43:FE:F8:F1:2E:A7:D1:97:76:48:ED:33:16:92:63:DE:6D","sha256":"29:25:4B:CA:99:CC:EF:C0:DB:83:10:F2:29:1E:A3:B1:E4:9F:C4:2B:C6:0C:12:88:33:B1:22:E7:A2:F6:DE:4E"}}},"request":{"raw":"GET /assets/styles/type-system-ui.css HTTP/1.1\r\nHost: ssra.closer.website\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssra.closer.website/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 15 Apr 2026 00:12:25 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 03 Sep 2024 07:18:53 GMT\r\netag: W/\"66d6b85d-495\"\r\nexpires: Wed, 22 Apr 2026 00:12:25 GMT\r\ncache-control: max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1173,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text","md5":"e158d62592fb9f96328fe3a01301caf5","sha1":"751d239997dc3bf2d0f5676bbd9600d4f3f3928d","sha256":"0933603b0cf8f885fa714a5202d75109c75300ce7ac2014c10bb2a0e1f057f45","sha512":"d2de78b10870fb2cf9557a3782f29b466681077a4127eddf907d0986e872f6b733a3767bd3f484d1903efc21fe020180bec5e0da1bc695f9915156343d22e074","ssdeep":"","tlshash":"7b213b0b075a6205ec518cd07a112f8aa928a4064d45e1fe67c37be4cd5bc3dab70f2f","first_seen":"2025-12-22T05:52:22.966971Z","last_seen":"2026-05-29T23:48:07.956053Z","times_seen":16,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ssra.closer.website/udata/custom/isGlobalRecaptchaEnabled.json","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ssra.closer.website/","date":"2026-04-15T00:12:26.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.closer.website","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 19:42:29 GMT","end":"Fri, 29 May 2026 19:42:28 GMT"},"fingerprint":{"sha1":"CA:D6:D6:43:FE:F8:F1:2E:A7:D1:97:76:48:ED:33:16:92:63:DE:6D","sha256":"29:25:4B:CA:99:CC:EF:C0:DB:83:10:F2:29:1E:A3:B1:E4:9F:C4:2B:C6:0C:12:88:33:B1:22:E7:A2:F6:DE:4E"}}},"request":{"raw":"GET /udata/custom/isGlobalRecaptchaEnabled.json HTTP/1.1\r\nHost: ssra.closer.website\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ssra.closer.website/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 15 Apr 2026 00:12:26 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-length: 78\r\nx-robots-tag: none\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: max-age=0, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nx-xss-protection: 0\r\nset-cookie: PHPSESSID=rigjucq9i6kgj37q88as59jl71; expires=Wed, 29-Apr-2026 00:12:26 GMT; Max-Age=1209600; path=/; httponly\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":78,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JSON text data","md5":"9cfc15bee42cc6917ac143a3d3337c6f","sha1":"a06be74f818ab6ea3cbaf2d49f8a2fd90dbbde03","sha256":"7d59e9b9b063a39c4a0e3525e6f37d98b6ade2d2b9350bf19ddce31f15e09af7","sha512":"ead3f4df104ec1da2b85d8de93a81cf68a98e459dbb0ac7880075b75b054afa4a114766dca37e65c95c64504a742c14461991c73296acda66380a3e52eef5d60","ssdeep":"","tlshash":"03a022a0203f20a30c0ccf0cf8ae00cf0c8ca8b2b20cc820088c2030c0ec838e303a08","first_seen":"2026-01-18T13:13:01.482437Z","last_seen":"2026-05-29T23:48:07.95325Z","times_seen":13,"resource_available":false,"data":null}},"time_used":117,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ssra.closer.website/modules/contact-form/common/contact-form.css?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ssra.closer.website/","date":"2026-04-15T00:12:25.968Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.closer.website","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 19:42:29 GMT","end":"Fri, 29 May 2026 19:42:28 GMT"},"fingerprint":{"sha1":"CA:D6:D6:43:FE:F8:F1:2E:A7:D1:97:76:48:ED:33:16:92:63:DE:6D","sha256":"29:25:4B:CA:99:CC:EF:C0:DB:83:10:F2:29:1E:A3:B1:E4:9F:C4:2B:C6:0C:12:88:33:B1:22:E7:A2:F6:DE:4E"}}},"request":{"raw":"GET /modules/contact-form/common/contact-form.css?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44 HTTP/1.1\r\nHost: ssra.closer.website\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssra.closer.website/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 15 Apr 2026 00:12:25 GMT\r\ncontent-type: text/css\r\nvary: Host\r\nlast-modified: Tue, 03 Sep 2024 07:18:53 GMT\r\ncache-control: max-age=0, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1691,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"b055078be194446925458db483934f92","sha1":"989a0c4e643da0c31f5c5a05615376de1821175d","sha256":"4520a10782824f3a678ca9fe195faabf82677c4f8458fb6555afaccd3f54ca46","sha512":"116af84f4ffefd80e8ddc4a43282fd940bc3256aa63b65d71055d1812e30f40c604d9dd8be8799eef255256077b9a21ed3b20a2f98b8b9b0dd0e9d2715fe9013","ssdeep":"","tlshash":"0f31ff0557240c60441bc4587ac98bc67b2f65105f0f8d77b65268adc3cd2fc5d63b89","first_seen":"2026-01-18T13:13:01.502054Z","last_seen":"2026-05-29T23:48:07.94826Z","times_seen":13,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ssra.closer.website/modules/static-menu/common/static-menu.css?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ssra.closer.website/","date":"2026-04-15T00:12:25.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.closer.website","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 19:42:29 GMT","end":"Fri, 29 May 2026 19:42:28 GMT"},"fingerprint":{"sha1":"CA:D6:D6:43:FE:F8:F1:2E:A7:D1:97:76:48:ED:33:16:92:63:DE:6D","sha256":"29:25:4B:CA:99:CC:EF:C0:DB:83:10:F2:29:1E:A3:B1:E4:9F:C4:2B:C6:0C:12:88:33:B1:22:E7:A2:F6:DE:4E"}}},"request":{"raw":"GET /modules/static-menu/common/static-menu.css?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44 HTTP/1.1\r\nHost: ssra.closer.website\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssra.closer.website/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 15 Apr 2026 00:12:25 GMT\r\ncontent-type: text/css\r\ncontent-length: 581\r\nvary: Host\r\nlast-modified: Tue, 02 Apr 2024 08:27:21 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":581,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"4b6595804171433d03cc77d9aafb3eaf","sha1":"9d7aae973c682451211d750014874a2a206b3aad","sha256":"c8e7b9581dc60d0ddf8905a24488ba7ab1061551a7c5ab1021f8ff4c9506e379","sha512":"7810e02ddfd92d1e4b745245f024c08671d6cf2ecd6d192bee859f4757f55a92f7729f382c323d1c413428176f2666a3a8738a3c22689c967c619f8d8c6814e9","ssdeep":"","tlshash":"d4f0420157c2db00fc0b80fd5ca5a778cfa48990df24579bd0b28864d79e18c12d7048","first_seen":"2025-11-27T05:04:13.285924Z","last_seen":"2026-05-29T23:48:07.907064Z","times_seen":15,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ssra.closer.website/assets/scripts/glide/glide.js?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ssra.closer.website/","date":"2026-04-15T00:12:25.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.closer.website","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 19:42:29 GMT","end":"Fri, 29 May 2026 19:42:28 GMT"},"fingerprint":{"sha1":"CA:D6:D6:43:FE:F8:F1:2E:A7:D1:97:76:48:ED:33:16:92:63:DE:6D","sha256":"29:25:4B:CA:99:CC:EF:C0:DB:83:10:F2:29:1E:A3:B1:E4:9F:C4:2B:C6:0C:12:88:33:B1:22:E7:A2:F6:DE:4E"}}},"request":{"raw":"GET /assets/scripts/glide/glide.js?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44 HTTP/1.1\r\nHost: ssra.closer.website\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssra.closer.website/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 15 Apr 2026 00:12:26 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 02 Apr 2024 08:27:21 GMT\r\netag: W/\"660bc169-15230\"\r\nexpires: Wed, 22 Apr 2026 00:12:25 GMT\r\ncache-control: max-age=604800\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86576,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"765287e1bbd0fe0d28a652092b23e2d9","sha1":"75af935102d6aa480e7e7b8c9148b03479ea5dc4","sha256":"715d3ce8b0e92012fdcc7edf098f37ae638584c5de7dd45dc53dedac5a4764f5","sha512":"fd66de2b4ebb4418feec4ccf59742af7b10aed5cb6d732a67c99db5a17dd9ef5af60633fa4ba1c21394c7e2302f16d06c0ea71851d06e54081e3d699efbd6c67","ssdeep":"768:E/W0tpceIrFBJQ7ArLGZ8eCGxZ+mlDLBmW0/LC0cZ3nkQTsPEg9dG1mVThGvmIk8:brFcFh+MDtmUsPEg9dG1mVThGvmIkjp+","tlshash":"7483508d7cf620465463303c579f9486f1b6820b55599d84bcae87f85fa0f3806eabe8","first_seen":"2025-06-30T02:57:40.759653Z","last_seen":"2026-05-29T23:48:07.914403Z","times_seen":52,"resource_available":true,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ssra.closer.website/modules/helpers/common/helpers.min.js?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ssra.closer.website/","date":"2026-04-15T00:12:25.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.closer.website","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 19:42:29 GMT","end":"Fri, 29 May 2026 19:42:28 GMT"},"fingerprint":{"sha1":"CA:D6:D6:43:FE:F8:F1:2E:A7:D1:97:76:48:ED:33:16:92:63:DE:6D","sha256":"29:25:4B:CA:99:CC:EF:C0:DB:83:10:F2:29:1E:A3:B1:E4:9F:C4:2B:C6:0C:12:88:33:B1:22:E7:A2:F6:DE:4E"}}},"request":{"raw":"GET /modules/helpers/common/helpers.min.js?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44 HTTP/1.1\r\nHost: ssra.closer.website\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssra.closer.website/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 15 Apr 2026 00:12:25 GMT\r\ncontent-type: application/javascript\r\nvary: Host\r\nlast-modified: Wed, 18 Mar 2026 11:40:48 GMT\r\ncache-control: max-age=0, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1237,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (657)","md5":"3bba03f5f6277f124197365ccafb3767","sha1":"d242f1e657a283797b36e1609bd29ba717f73fc5","sha256":"7792ee016db97d1fe6f1aaecd42f9ecdcf169e74fed7102526f11fd6083f8fa2","sha512":"5cd48fbb135168e64ec9d7240f43eabd76d98cb771315c60b037d40d45528721b1c8018f0aa13bd0975e33fa4103e4c38e77c9cc604d3a0a7c74fa8119eb5b44","ssdeep":"","tlshash":"9f21202ca11878721c6740c68143b657fb4ba0fb91464020c06a5828f45dedfe8a6ff9","first_seen":"2026-01-18T13:13:01.495983Z","last_seen":"2026-05-29T23:48:07.915828Z","times_seen":13,"resource_available":true,"data":null}},"time_used":58,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ssra.closer.website/modules/contact-form/common/contact-form.min.js?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ssra.closer.website/","date":"2026-04-15T00:12:25.988Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.closer.website","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 19:42:29 GMT","end":"Fri, 29 May 2026 19:42:28 GMT"},"fingerprint":{"sha1":"CA:D6:D6:43:FE:F8:F1:2E:A7:D1:97:76:48:ED:33:16:92:63:DE:6D","sha256":"29:25:4B:CA:99:CC:EF:C0:DB:83:10:F2:29:1E:A3:B1:E4:9F:C4:2B:C6:0C:12:88:33:B1:22:E7:A2:F6:DE:4E"}}},"request":{"raw":"GET /modules/contact-form/common/contact-form.min.js?17706314811c62c1bb26b33a0054b32e808e39bb441c62c1bb26b33a0054b32e808e39bb44 HTTP/1.1\r\nHost: ssra.closer.website\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssra.closer.website/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 15 Apr 2026 00:12:25 GMT\r\ncontent-type: application/javascript\r\nvary: Host\r\nlast-modified: Wed, 18 Mar 2026 11:40:48 GMT\r\ncache-control: max-age=0, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4396,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (4396), with no line terminators","md5":"80a1690e86cc75e79b70118d026ded39","sha1":"43e15d390b294a9663ad932673b05f70fe9d4c73","sha256":"b854ce66a91e595f9f946422d1348267989ceb8c8d68b33470793099435e69d2","sha512":"9c8e9f730802931f456ad2e59ffac5339c8be7ccfc655eb1ae3f5725ad204478e528a22be7d4b3247d5d29edfd6b08e213db72a37c641309338fdfa59455c258","ssdeep":"96:4XetBGAMyd8Ug4ifKsO1ssiAZrw/G1ioSjXF:vCyd8HfCd1qAZ0/G1ioSjV","tlshash":"cd9172b1676548b00dbe029bd8ca66c1e63175fefc1e8433945c8d4939acec1f661fa1","first_seen":"2026-01-18T13:13:01.505666Z","last_seen":"2026-05-29T23:48:07.950544Z","times_seen":13,"resource_available":true,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":56,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ssra.closer.website/owa/auth/15.0.1497/themes/resources/favicon.ico","fqdn":"ssra.closer.website","domain":"closer.website","tld":"website"},"ip":{"addr":"94.130.129.186","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ssra.closer.website/","date":"2026-04-15T00:12:26.361Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.closer.website","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 19:42:29 GMT","end":"Fri, 29 May 2026 19:42:28 GMT"},"fingerprint":{"sha1":"CA:D6:D6:43:FE:F8:F1:2E:A7:D1:97:76:48:ED:33:16:92:63:DE:6D","sha256":"29:25:4B:CA:99:CC:EF:C0:DB:83:10:F2:29:1E:A3:B1:E4:9F:C4:2B:C6:0C:12:88:33:B1:22:E7:A2:F6:DE:4E"}}},"request":{"raw":"GET /owa/auth/15.0.1497/themes/resources/favicon.ico HTTP/1.1\r\nHost: ssra.closer.website\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ssra.closer.website/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 15 Apr 2026 00:12:26 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":245,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"ec2f5379fca1c36dd7ffb3aa172c93a6","sha1":"12742f772da711c7d5c024412dfe66344aba1dc6","sha256":"0c0a80045dd8f96b057b8a81663638fa36bf8564e2cb724a2ae728d5481dcef9","sha512":"3c36edcdead47f762ec0fc29cd8dcaa39c8a247d2598c6ee945f9694fd125a5caeb962a5339f04019f548c052e77325be9bf8729921dc79844c507a66434346b","ssdeep":"","tlshash":"4cd0978e8083224bc523268039c200e2968d23a2f93a01ec7c83a88a9118d7cc1ca6dc","first_seen":"2026-02-20T00:05:23.638116Z","last_seen":"2026-05-29T23:48:07.954184Z","times_seen":9,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"ssra.closer.website","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}}]}